San Mateo, CA November 7, 2002 dba Sigaba, a provider of secure messaging solutions, said it now supports the Security Assertion Markup Language (SAML) v1.0, which this week received the highest level of ratification as an OASIS Open Standard.
"We consider SAML to be an excellent, very thorough and well-thought-out standard that addresses and solves the lack of interoperability between security services," said Jahan Moreh, chief technology architect, Sigaba.
SAML is the OASIS standard XML schema for security assertions and protocols. It enables security interoperability through the exchange of authentication and authorization information among disparate Web access management and security products. Sigaba said the standard addresses the need for a secure sign-on across diverse Web access management environments that are implemented across various organizations, applications, Web sites and portals. The standard defines standardized exchanges of identity and access management (IAM) information, leveraging Web services standards such as XML and SOAP.
"We are committed to remaining a technology innovator in the secure messaging market, as demonstrated by solutions that are well ahead of the industry," said Moreh. "Our customers also tell us that our work with SAML and other industry standards has weighed into their final analysis and decision to select Sigaba as their secure messaging partner."
Sigaba is the only secure messaging company to implement a federated authentication model utilizing SAML. In Sigaba's implementation, users authenticate with their favorite authentication mechanism, which issues a SAML authentication assertion. Subsequently, the Sigaba key server consumes the SAML assertion and releases decryption keys to authorized recipients of the message. All of this happens automatically and transparently to the sender and the recipient.
Other companies that participated in the development of the SAML Open Standard include Baltimore Technologies, BEA Systems, Computer Associates, Entrust, Hewlett-Packard Co., Hitachi, IBM, Netegrity, Oblix, OpenNetwork, RSA Security, Sun Microsystems, Verisign, and other members of the OASIS Security Services Technical Committee.