Applying Security Assertion Markup Language (SAML) to non SOAP protocols
Small Business Information
43462 Mechanicsville Glen Street, Ashburn, VA
Chief Technology Advisor
ABSTRACT: D-Tech is pleased to submit this proposal in response to the SBIR solicitation under topic AF112-030 titled "Applying Security Assertion Markup Language (SAML) to non SOAP Protocols". D-Tech will develop a prototype to demonstrate the feasibility and flexibility of user authentication and authorization for web applications, implementing an OpenID Identity Provider as a proxy to integrate RESTful services with a SAML-based Attribute Service compliant with the NCES standard. We will extend OpenID's single sign-on capability with OAuth, an emerging standard for fine-grained user authorization. A survey and analysis comparing different standards, their applicability, and techniques for RESTful single sign-on will be provided. A new software framework to bind SAML with lightweight protocols will be presented in the final technical report, along with potential security applications in DoD and the commercial sector. We have formed a top-notch research team for this project, including DoD security veterans and university researchers with a solid track record in computer security and information assurance. We have a collaborative partnership with the Center of Secure Information Systems of GMU and will bring the latest R&D findings to benefit this project. The D-Tech team is confident in completing this research with the best quality and customer satisfaction.

BENEFIT:
- Provide the DoD and the Federal Government at large with a simplified framework for web-based single sign-on, utilizing user attributes stored and maintained by a standard enterprise directory service (e.g. LDAP)
- Establish a new standard and approach for deploying web-based single sign-on and user authentication in a flexible, cost-effective way, integrating SAML with OpenID and OAuth
- Gain valuable knowledge and experience in various technologies and best practices, with the potential of enhancing related open industry standards, and contributing the knowledge back to the DoD and the IT security community via publications and conference presentations based on Phase I research
- Generate new intellectual properties out of this research if such opportunities arise

Potential Commercial Applications
- Online Service Provider to use SAML attribute service to provide trust services (e.g. Secure Token Service) for RESTful applications
- Online Service Provider to use SAML in combination with OpenID and OAuth to achieve attribute-based access control
- Mobile Service Provider to use a lightweight protocol to perform user access control on different mobile platforms
* information listed above is at the time of submission.