SAML is an open authentication and authorization standard, which runs between two entities:
- an identity provider, which holds the information about the user (identified as the main one);
- a service provider, which requests the main one’s identity to the identity provider mentioned above.
The existence and use of this standard is justified by the need to communicate assertions about the identity of a user or between systems that use different authentication and/or proprietary technologies. CAS univocal authentication system answers to this problem only internally, to the IST community. However, SAML works in a broader universe or federation. Not storing the data needed for the individual’s authentication , the service provider requests to an identity provider which will in turn, if unable to assert the identity, hand it over to another one, within the same federation.
Project eduGAIN
IST has its authentication portal and identity provider integrated into the eduGAIN identity federation. This membership allows IST users to have access to various online services made available both by the academic and scientific communities, as well as by commercial service providers, as support for federated authentication. These include scientific databases, scientific knowledge repositories, scientific article publishers, computing and data storage services, mass data analysis services, among other services.
More information available on the eduGAIN project website.