Related Concepts
Definition
Web Single Sign On consists in authenticating once and being able to accede to web services for which the user has an authorization without having to manage multiple authentication/passwords.
SAML is an OASIS XML-based standard used to exchange authentication and authorization information between different security domains.
Background
End users are often seen as a major vulnerability of IT access control systems [1]: as they have to memorize different passwords associated to different systems, they often use easy-to-memorize passwords and share a same password to accede to different systems so that the access control performance is reduced. Moreover, as they can have only a visual checking of the interface of a system to decide if they can trust it or not, other vulnerabilities as phishing attackscan...
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Recommended Reading
Bertino E, Martino L, Paci F, Squicciarini A (2010) Security for web services and service-oriented architectures. Springer, Berlin, ISBN 978-3-540-87741-7
Open Group. Single sign on specification. Available at http://www.opengroup.org/security/sso/
OASIS (2005) SAML V2.0 executive overview. Available at http://www.oasis-open.org/committees/download.php/13525/sstc-saml-exec-overview-2.0-cd-01-2col.pdf
OASIS (2005) SAML V2.0 technical overview. Available at http://www.oasis-open.org/committees/download.php/27819/sstc-saml-tech-overview-2.0-cd-02.pdf
OnLine community for SAML OASIS Standard. http://saml.xml.org/saml-specifications
Williamson G, Yip D, Sharoni I, Spaulding K (2009) Identity management: a primer. MC Press online, Lewisville, ISBN 978158347-093-0
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2011 Springer Science+Business Media, LLC
About this entry
Cite this entry
Biennier, F. (2011). Web Single Sign On and SAML. In: van Tilborg, H.C.A., Jajodia, S. (eds) Encyclopedia of Cryptography and Security. Springer, Boston, MA. https://doi.org/10.1007/978-1-4419-5906-5_906
Download citation
DOI: https://doi.org/10.1007/978-1-4419-5906-5_906
Publisher Name: Springer, Boston, MA
Print ISBN: 978-1-4419-5905-8
Online ISBN: 978-1-4419-5906-5
eBook Packages: Computer ScienceReference Module Computer Science and Engineering