Hal Lockhart (who I've met while working with WS-I) over at BEA has put together a couple of nice little primers on XML based security.

They are both relatively short but well worth the reading if you don't have a good understanding on how XACML, SAML, and WSS relate.

Demystifying Security Standards by Harold Lockhart -- Security is a fundamental aspect of architecture. This article, part of a series looking at security standards, introduces Web Services Security (WSS), Security Assertion Markup Language (SAML) and Extensible Access Control Markup Language (XACML).

Demystifying SAML by Harold Lockhart -- Continuing our look at security standards, Hal Lockhart explores SAML, the Security Assertion Markup Language. Using Identity Federation as a driver, Hal shows why SAML is now a critical requirement of modern networked environments.