London software testing news UK

Inter-operability testing and SAML

Posted in Acceptance testing by testing in London on December 3, 2007

From Government Computer News

The government’s push toward E-Authentication has given a boost to the Security Assertion Markup Language. Federal programme managers say the government’s pioneering interoperability testing program for the E-Authentication Federated Identity and Authentication Initiative has helped drive standard implementations of the protocol in identity management products.

Federated identity management projects are gaining momentum because providing user authentication separately for each of the hundreds of public-facing government applications entails needless costs for the enterprises supporting them and irksome burdens for users who now must maintain multiple IDs and passwords to access different online resources.

“Wouldn’t it be great if we could use just one” user ID and password to access multiple applications? Kireilis asked rhetorically. Federation enables access across a variety of resource providers, using the same infrastructure and a network of trust.

“In an identity federation, management of the end user’s identity might be performed by agencies other than your own,” said Dave Temoshok, director of ID policy and management at GSA’s Governmentwide Policy Office.

This interoperability requires a common standard that can be employed by product manufacturers. SAML specifies an Extensible Markup Language standard for exchanging data for authentication and authorisation between security domains.

But a common standard does not necessarily ensure that products created by different companies will work with one another, because standards can be interpreted and implemented differently by each. The E-Authentication programme established a formal testing programme to ensure interoperability.

The testing program “is essential for us, and I think it’s essential for any other large-scale deployment using Security Assertion Markup Language,” Temoshok said. Until recently, GSA did that testing. “We established an interoperability testing programme because there was no testing programme on the industry side,” he said.

Kireilis said the federal testing program consumed a lot of resources, so officials concluded that the testing operation should shift to the private sector once a program became available. “Given the community that Liberty Alliance represents, they were in the perfect place to provide the testing for us.”

Liberty Alliance launched its testing program in 2003 and has certified 80 products since then. The group recently selected Drummond Group to provide SAML 2.0 interoperability testing.

GSA has certified seven products under its interoperability testing program so far. That total could expand rapidly, Kireilis said, and eventually the number of products tested could range in the hundreds.

Client- side assurance

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: