BAE SAML 2.0 Profiles
Title: Security Assertion Markup Language (SAML) 2.0 Identifier and Protocol Profiles for Backend Attribute Exchange (BAE) v2.0
Category: Authentication Protocol Interoperability Profile
Date: 1/23/2012
Creator: ICAM
URL: http://www.idmanagement.gov/documents/BAE_v2_SAML2_Profile_Final_v1.0.0.pdf
Description: A SAML 2.0 profile to support direct or brokered attribute exchange over the Backend Attribute Exchange
system. It supports names based on FASC-N (from a PIV authentication certificate), UUID (from a PIV-I
authentication certificate) or a general X.509 Subject Distinguished Name. It provides a mechanism for
looking up sources of metadata information from a repository based on the FASC-N (for government users)
and on the AKI and organization name (for non-government PIV-I users).
Privacy: The document recommends, but does not require, that BAE servers not store user identities in log files.
Security: The document is an information security profile. It promotes security by specifying a mechanism for relying
parties to obtain user attributes.
Interoperability: The document promotes interoperability by providing a common profile for BAE messages.
Terms: