Transport and message security
Two main ways of securing interactions are Secure Sockets Layer with Transport Layer Security (SSL/TLS) and digital signatures.
Use SSL/TLS in environments that require both message confidentiality and integrity. For SAML messaging, digital signatures ensure the identity of both parties involved in the transaction and validate that a particular partner received a message. To achieve increased privacy, PingFederate also lets you encrypt SAML 2.0 messages, including SAML metadata files, as well as WS-Trust STS assertions.
For more information, see Security and Privacy Considerations for the OASIS Security Assertion Markup Language (SAML) V2.0.
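The three protections described above (TLS transport, digital signatures, and optional encryption) each leave a visible trace in a captured SAML 2.0 Response. The following Python is an added example, not PingFederate code, that reports which of them a message carries; the sample message, the sp.example.com URL, and the function name audit_saml_response are constructed for illustration.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlparse

NS = {"samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
      "saml": "urn:oasis:names:tc:SAML:2.0:assertion",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}

# Constructed sample: plain-HTTP destination, unsigned Response, one signed
# assertion, one unsigned assertion, one encrypted assertion.
SAMPLE = """<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
    xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
    xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
    ID="_r1" Version="2.0" Destination="http://sp.example.com/acs">
  <saml:Assertion ID="_a1"><ds:Signature/></saml:Assertion>
  <saml:Assertion ID="_a2"/>
  <saml:EncryptedAssertion/>
</samlp:Response>"""

def audit_saml_response(xml_text):
    """Report which protections a SAML 2.0 Response carries.

    Structural audit only: a ds:Signature element being present says nothing
    about whether the signature verifies against the partner's certificate.
    """
    if "<!DOCTYPE" in xml_text:  # a SAML message never needs a DTD
        raise ValueError("DOCTYPE not allowed in a SAML message")
    root = ET.fromstring(xml_text)
    if root.tag != "{%s}Response" % NS["samlp"]:
        raise ValueError("not a SAML 2.0 Response")
    plain = root.findall("saml:Assertion", NS)  # direct children only
    unsigned = [a.get("ID") for a in plain if a.find("ds:Signature", NS) is None]
    report = {
        "tls_destination": urlparse(root.get("Destination", "")).scheme == "https",
        "response_signed": root.find("ds:Signature", NS) is not None,
        "encrypted_assertions": len(root.findall("saml:EncryptedAssertion", NS)),
        "plaintext_assertions": len(plain),
        "findings": [],
    }
    if not report["tls_destination"]:
        report["findings"].append("Destination is not an https URL")
    if not report["response_signed"]:
        # Without a Response-level signature, each assertion needs its own.
        for assertion_id in unsigned:
            report["findings"].append(f"assertion {assertion_id} has no signature coverage")
    return report

if __name__ == "__main__":
    print(audit_saml_response(SAMPLE))
```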