The attribute-based authorization model has one web site communicating identity information about a subject to another web site in support of some transaction. However, the identity information may be some characteristic of the subject (such as a person's role in a B2B scenario) rather than, or in addition to, information about when and how the person was authenticated. The attribute-based authorization model is
important when the individual's particular identity is either not important, should not be shared (for privacy reasons), or is insufficient on its own.
See also:
- SAML Executive Overview- SAML Technical Overview
More Here
Courtesy:http://saml.xml.org/attribute-based-authorization