The paper on “Extending the Security Assertion Markup Language to Support Delegation for Web Services and Grid Services” by Jun Wang and my friend Marty Humphrey over at the CS department, University of Virginia, is a great read. It illustrates how one could do user rights delegation using SAML. This is a common scenario in Internet-scale applications (aka Grid applications). They also have an implementation using Microsoft‘s WSE.
Here’s a quote from the paper:
“The problem with the conventional approach in Grids – GSI X509 proxy certificates [5] – is that commercial tooling for Web Services does not necessarily recognize and properly process these certificates, typically the Distinguished Name (DN) in the certificate or in path validation. Even with the recent introduction of proxy certificates in the IETF, it is not clear when and if this commercial support will occur. An alternative approach that is pursued in this work is to leverage and extend existing Web Services standards, without breaking the existing tooling, so as to facilitate Grid practitioners more easily building and consuming services across the Grid without requiring Grid-specific protocols.”
Excellent stuff.
As I wrote in previous posts, the manual recording of memories for BrainExpanded is just…
Imagine a world where your memory is enhanced by a team of intelligent agents, working…
As part of the BrainExpanded project, I’m building an iOS app that lets users easily…
Artificial Intelligence (AI) has rapidly evolved over the past few decades, becoming an integral part…
Happy New Year everyone! I was planning for my next BrainExpanded post to be a…
See "BrainExpanded - Introduction" for context on this post. Notes and links Over the years,…