stands for Security Assertion Markup Language
(version 2.0). It is an XML standard for exchanging authentication
data between security domains, that is, between an identity provider
and a service provider
. SAML is a product of the OASIS Security Services Technical Committee.
The most important problems that SAML is trying to solve are the single sign-on (SSO) and the identity federation problems.
SAML assumes the principal (often a user) has enrolled with at least one identity provider. This identity provider is expected to provide local authentication services to the principal. However, SAML does not specify the implementation of these local services; indeed, SAML does not care how local authentication services are implemented (although individual service providers most certainly will).
The two main projects that use SAML 2.0 are Liberty Alliance
. The definition of the version 2.0 of SAML integrates features that come from both projects, so that solutions developped in these projects are expected to be interoperable
Category Identity And Authorization Management
(This article is based upon a version available under GFDL at Wikipedia:SAML)