kuyacai
发贴: 20
|
于 2005-06-16 10:55
在看SAML(Security Assertion Markup Language)相关文档中,其中提到这样两个概念,请问如何翻译。多谢! SAML is different from other security systems due to its approach of expressing assertions about a subject that other applications within a network can trust. What does this mean? To understand the answer, you need to know the following two concepts used within SAML:
Asserting party
The system, or administrative domain, that asserts information about a subject. For instance, the asserting party asserts that this user has been authenticated and has given associated attributes. For example: This user is John Doe, he has an email address of john.doe@acompany.com, and he was authenticated into this system using a password mechanism. In SAML, asserting parties are also known as SAML authorities.
Relying party
The system, or administrative domain, that relies on information supplied to it by the asserting party. It is up to the relying party as to whether it trusts the assertions provided to it. SAML defines a number of mechanisms that enable the relying party to trust the assertions provided to it. It should be noted that although a relying party can trust the assertions provided to it, local access policy defines whether the subject may access local resources. Therefore, although the relying party trusts that I'm John Doe – it doesn't mean I'm given carte blanche access to all resources.
|