NMA ZSentry SAML
Pricing: This service is priced attractively for bulk sale and is offered in addition to a Desktop, Web, and Mobile ZSentry subscription. There is no free personal offer for this service. For pricing and quantity discounts, Government, Non-Profit, and Education pricing please Contact us.
NMA ZSentry SAML (Security Assertion Markup Language) and Service-Oriented Architecture (SOA) allow for secure, usable, quick, and seamless exchange of critical information. ZSentry SAML fully supports a multi-party regulatory environment where customers have varying needs to actively protect and control the release of private and sensitive information.
SAML and SSO
SAML is an XML-based framework for communicating user authentication, entitlement, and attribute information, developed by the Security Services Technical Committee of OASIS.
As its name suggests, SAML allows business entities to make assertions regarding the identity, attributes, and entitlements of a subject (an entity that is often a human user) to other entities, such as a partner company or another enterprise application. More importantly, SAML allows applications in one security domain to communicate with applications in another security domain, on behalf of a user whose identity does not have to also flow with the data.
In terms of the SAML model, while using its SaaS "Sans-Target" technology, ZSentry SAML can act as the service provider (SP) or the identity provider (IdP).
Software-as-a-Service Sans-Target (SaaS-ST)
Identity Provider (IdP)
As an identity provider, ZSentry securely controls usernames, passwords and other information used to identify, authenticate and authorize users for web applications that are hosted by partners.
There are a number of existing open source and commercial service provider solutions that can help you implement SSO with ZSentry SAML.
Preventing false login (eg, by stealing a user's credentials with a key-logger) and duplicate use of the same account, may be a threat in some cases, especially with SSO. In addition to ZSentry Adaptive Security, which helps allay such concerns, people can use ZSentryID (PDF) to introduce a fresh second-channel challenge that changes for every authentication, for example by cell phone SMS.
Service Provider (SP)
Use Now:Contact Us >> for information on licensing and using the ZSentry SAML & SSO services.
|Main Technical Notes|