Applying Security Assertion Markup Language (SAML) to non SOAP protocols
Small Business Information
13800 Coppermine Road, Suite 300, Herndon, VA, 20171-6163
Chief Technology Officer
Chief Technology Officer
AbstractABSTRACT: In Phase II, D-Tech plans to continue our success from Phase I by enhancing the existing prototype product with the latest Identity Management and Access Control (IdAM) technologies. We will implement the latest IdAM standards (i.e. OpenID Connect and XACML) in our product to enable advanced functions, including delegate access, policy-driven ABAC, and identity federation. By creating the necessary IdAM core services, a service-oriented IdAM environment can be established to support cross-domain interoperability and extensibility. We will integrate our IdAM solution with existing DoD/IC software application frameworks, including the DCGS DIB and the Ozone Widget Framework (OWF), to demonstrate real mission support. We will continue solidifying our product strength with enhanced enterprise and mobile capabilities, as well as a Software-as-a-Service (SaaS) solution for cloud security, to ensure operational readiness and product commercialization. We have formed a top-notch R & D team for this effort based on our core team from Phase I. With the help of our business consultant, we will be able to start our marketing and business development effort to promote our product and solutions to customers. By collaborating with our AF stakeholders closely, the D-Tech team is confident in completing Phase II successfully, with technology innovations and quality deliverables. BENEFIT: Benefits: - Provide the DoD and other government agencies with lightweight IdAM technologies for information assurance and cyber security - Establish a approach and best practices in achieving enterprise-wide cross-domain interoperability of identities and attributes, as well as IdAM SaaS capabilities for cloud security - Gain valuable knowledge and experience in various technologies and best practices, with the potential of enhancing related open industry standards, and contributing the knowledge back to the DoD and the IT security community via publications and conference presentations based on our research findings - Generate new intellectual properties out of this research if such opportunities arise Potential Commercial Applications: - Government agencies and large corporations using the Identity Provider solution to consolidate and streamline user identity management and to provide centralized user authentication - Government agencies and online Service Provider to use SAML attribute service to provide trust services (e.g. Secure Token Service) for RESTful applications - Government agencies and online Service provider to use OpenID /OpenID connect based solution for cross-domain identity federation and access control - Government agencies and online service providers to operate IdAM operations in a cloud environment - Mobile Service Provider to use lightweight protocol to perform user access control in difference mobile platforms
* information listed above is at the time of submission.