NMA ZSentry SAML

NMA ZSentry SAML (Security Assertion Markup Language) and Service-Oriented Architecture (SOA) allow for secure, usable, quick, and seamless exchange of critical information. ZSentry SAML fully supports a multi-party regulatory environment where customers have varying needs to actively protect and control the release of private and sensitive information.

SAML is an XML-based framework for communicating user authentication, entitlement, and attribute information, developed by the Security Services Technical Committee of OASIS.

As its name suggests, SAML allows business entities to make assertions regarding the identity, attributes, and entitlements of a subject (an entity that is often a human user) to other entities, such as a partner company or another enterprise application. More importantly, SAML allows applications in one security domain to communicate with applications in another security domain, on behalf of a user whose identity does not have to also flow with the data.

NMA ZSentry offers a SAML-based Single Sign-On (SSO) service that provides partner companies with full control over the authorization and authentication of hosted user accounts that can access web-based applications at ZSentry or elsewhere.

In terms of the SAML model, while using its SaaS "Sans-Target" technology, ZSentry can act as the service provider (SP) or the identity provider (IdP).

Software-as-a-Service Sans-Target (SaaS-ST)
Each customer's data is protected in separate by our "No Target" ZSentry technology, with configurable, encrypted metadata (keys also protected by our "No Target" ZSentry technology) providing a protected, standards-compliant, unique user experience and feature set for each customer. ZSentry helps allay data storage security concerns, both locally and in the infrastructure. This is even more important in the context of "cloud computing" and SaaS, when user data may be stored in the "cloud". With ZSentry, customer access audit trails and customer data storage can be securely maintained in the "cloud" with encrypted, de-identified numbers, which access keys are provided and secured by the ZSentry technology.

Identity Provider (IdP)
The ZSentry technology allows our IdP solutions to work without ever exposing the users' private data, passwords, keys, or data. Therefore, ZSentry's user data and keys are never in danger from outside or inside attacks, neither in the servers providing the service nor in the user's desktop or laptop client accessing the service.

As an identity provider, ZSentry securely controls usernames, passwords and other information used to identify, authenticate and authorize users for web applications that are hosted by partners.

There are a number of existing open source and commercial service provider solutions that can help you implement SSO with ZSentry SAML.

Service Provider (SP)
When ZSentry acts as an SP, ZSentry allows and provides services such as secure email with ZSentry Mail, secure epayments with ZSentry Bill, secure and private online voting (through our partner Safevote, Inc.), and secure document archive with self-destruct option using ZSentry Vault.

Requirements
ZSentry SAML is a zero-footprint interface. ZSentry does not require Java, ActiveX controls, or custom plugins. Javascript is used. There is no download, no installation process, no removal or removal tool, no additional security risk.

Feedback
Please tell us about any service you would like to use with ZSentry SAML.