ZXID
Encyclopedia
ZXID.org Identity Management toolkit implements standalone SAML 2.0
,
Liberty ID-WSF 2.0
, and XACML
2.0 stacks and aims at implementing all popular
federation, SSO
, and ID Web Services protocols. It is a C implementation
with minimal external dependencies - OpenSSL, CURL, and zlib -
ensuring easy deployment (no DLL hell
). Due to its small footprint and
efficient and accurate schema driven implementation, it is suitable
for embedded and high volume applications. Language bindings to all
popular highlevel languages such as PHP
, Perl
, and Java
, are provided
via SWIG
. ZXID implements, as of Nov 2011, SP, IdP, WSC, WSP,
Discovery, PEP, and PDP roles. ZXID is the reference implementation
of the core security architecture of the TAS3.eu
project.
similarly liberal open source license.
The underlying standards are all Royalty Free
as specified in Libery Alliance and OASIS IPR policies.
The TAS3 architecture, of which ZXID is the reference implementation, is covered by TAS3 Consortium "Royalty free to implement and use" pledge at www.tas3.eu section "Software" (http://vds1628.sivit.org/tas3/?page_id=138)
from Symlabs commitment to release the code under Apache2 license, which effectively
made ZXID an open source project. In 2009 TAS3 project adopted ZXID as the
reference implementation of TAS3 core security technologies. The 1.0 release and end of initial development phase happened in May 2011. ZXID is considered to be stable with respect to SAML2, ID-WSF2, and XACML2 features. ZXID continues to be
an active open source project (as of November 2011) and new features, some of which may not be stable, continue to be added.
SAML 2.0
Security Assertion Markup Language 2.0 is a version of the SAML OASIS standard for exchanging authentication and authorization data between security domains. SAML 2.0 is an XML-based protocol that uses security tokens containing assertions to pass information about a principal between an...
,
Liberty ID-WSF 2.0
ID-WSF
ID-WSF - Identity Web Services Framework =Identity Web Services Framework is a protocol stack that profiles WS-Security, WS-Addressing, SAML andadds new protocol specifications of its own, such as the Discovery Service, for open market per user service...
, and XACML
XACML
XACML stands for eXtensible Access Control Markup Language. The standard defines a declarative access control policy language implemented in XML and a processing model describing how to evaluate authorization requests according to the rules defined in policies.As a published standard...
2.0 stacks and aims at implementing all popular
federation, SSO
Single sign-on
Single sign-on is a property of access control of multiple related, but independent software systems. With this property a user logs in once and gains access to all systems without being prompted to log in again at each of them...
, and ID Web Services protocols. It is a C implementation
with minimal external dependencies - OpenSSL, CURL, and zlib -
ensuring easy deployment (no DLL hell
DLL hell
In computing, DLL Hell is a term for the complications that arise when working with dynamic link libraries used with Microsoft Windows operating systems, particularly legacy 16-bit editions which all run in a single memory space....
). Due to its small footprint and
efficient and accurate schema driven implementation, it is suitable
for embedded and high volume applications. Language bindings to all
popular highlevel languages such as PHP
PHP
PHP is a general-purpose server-side scripting language originally designed for web development to produce dynamic web pages. For this purpose, PHP code is embedded into the HTML source document and interpreted by a web server with a PHP processor module, which generates the web page document...
, Perl
Perl
Perl is a high-level, general-purpose, interpreted, dynamic programming language. Perl was originally developed by Larry Wall in 1987 as a general-purpose Unix scripting language to make report processing easier. Since then, it has undergone many changes and revisions and become widely popular...
, and Java
Java
Java is an island of Indonesia. With a population of 135 million , it is the world's most populous island, and one of the most densely populated regions in the world. It is home to 60% of Indonesia's population. The Indonesian capital city, Jakarta, is in west Java...
, are provided
via SWIG
SWIG
SWIG is an open source software tool used to connect computer programs or libraries written in C or C++ with scripting languages such as Lua, Perl, PHP, Python, R, Ruby, Tcl, and other languages like C#, Java, Modula-3, Objective Caml, Octave, and Scheme...
. ZXID implements, as of Nov 2011, SP, IdP, WSC, WSP,
Discovery, PEP, and PDP roles. ZXID is the reference implementation
of the core security architecture of the TAS3.eu
TAS3
TAS3 - Trusted Architecture for Securely Shareable Services, with PrivacyTAS3 Architecture is a result of European Commission FP7 project ofthe same name . It is a holistic, yet concrete,...
project.
IPR Status
Apache2 Open Source License. All dependency libraries (OpenSSL, libcurl, zlib) are undersimilarly liberal open source license.
The underlying standards are all Royalty Free
Royalty free
Royalty-Free, or RF, refers to the right to use copyrighted material or intellectual property without the need to pay royalties for each use or per volume sold, or some time period of use or sales.-Computer standards:...
as specified in Libery Alliance and OASIS IPR policies.
The TAS3 architecture, of which ZXID is the reference implementation, is covered by TAS3 Consortium "Royalty free to implement and use" pledge at www.tas3.eu section "Software" (http://vds1628.sivit.org/tas3/?page_id=138)
-
- In TAS3 General Assembly of 2010-09-13, following declaration was made:
-
-
- "TAS3 architecture and specifications, as described in public deliverables D2.1, D2.4, and D7.1, are licensed free for implementation and use by anyone. Up to June 2010, TAS3 consortium partners do not hold patents nor will exercise patents that cover implementation and use of the TAS3 architecture and specifications of those deliverables. This license is only granted for the specific purpose of correct implementations of TAS3 specifications."
-
History
ZXID was started in 2005 by Sampo Kellomäki while still working with Symlabs. Sampo obtained in 2006from Symlabs commitment to release the code under Apache2 license, which effectively
made ZXID an open source project. In 2009 TAS3 project adopted ZXID as the
reference implementation of TAS3 core security technologies. The 1.0 release and end of initial development phase happened in May 2011. ZXID is considered to be stable with respect to SAML2, ID-WSF2, and XACML2 features. ZXID continues to be
an active open source project (as of November 2011) and new features, some of which may not be stable, continue to be added.