I have been quite busy this week with work. There are two interoperability tests I am ramping up for and need some test plans out this week. But I thought I would add a link to my company's monthly newsletter, which just came out, and its main feature is a short article I wrote. One of my goals with this site is to become a better writer. Writing which is technical in nature is actually quite tricky because it is so easy and natural to be strictly technical, which makes it boring, which means no one reads it. The challenge is balancing the necessary technical content with a form and voice which is interesting and readable.
Here is the newsletter featuring my article on SAML. You probably don't know what SAML is, but this is written to explain it to a novice. In re-reading it, I found a couple of places which could use some additional clarity, but it is not bad. I always try to come up with analogies to tie commonly understood concepts to the lesser-known technical points I am trying to explain. I pulled from my 11th Grade US History class for this article. Enjoy.
This is a fascinating and helpful paper. I absolutely love your teaching and writing style. (This from a teacher. :) ) The governmental analogy was extremely helpful. I was a bit disappointed because you seemed to make the mistake of using Authorization (what users are allowed to do) interchangeably with Authentication (establishing that a user is indeed who they say that they are). If I understand you correctly, the centralized "federal government" is responsible for Authentication, while authorization is still handled by individual states. I'm learning about SharePoint's Claims-based authentication and there the SAML token seems to be exclusively used to establish identity (AuthN), so your paper provided a nice overview of general federated identity for me. I just had to reinterpret things a little to make them match up. Since your ranking is so high on Google, it might be a nice service to the community to rewrite this paper in order to draw the distinction between AuthN and AuthZ in federated identity management.