WS-Security, WS-Trust, and Others

Previous page
Table of content
Next page

Document:

Web Services Security and other specifications

Purpose:

To define standards for handling security-related tasks during a message transmission. Among the tasks:

  • To invoke encryption software, which is used

    • to prevent information from being understood by persons who intercept the message without authorization.

    • to guarantee that the message cannot be repudiated, which means that the originator cannot honestly claim (a) that the data was changed in transit, (b) that the data came from a different originator, or (c) that the data was never delivered.

  • To retrieve an encryption key, which is a value used in the process of encrypting or decrypting data. The source of a key may be a certificate authority, which is software whose administrators ensure that a given encryption key is from a given user.

  • To ensure that the requester submits authentication details only once, even when the transmitted message will be handled by multiple services.

Sponsor:

OASIS, with other specifications sponsored by various corporations

Links:

Several OASIS specifications are available:

  • http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=wss

For Web Services Trust Language (WS-Trust):

  • http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=ws-sx

For Web Services Secure Conversation Language (WS-SecureConversation):

  • http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=ws-sx

For Web Services Security Policy Language (WS-SecurityPolicy):

  • http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=ws-sx

For Web Services Federation Language (WS-Federation):

  • http://www.ibm.com/developerworks/library/specification/ws-fed

A number of security technologies are useful during message transmission and in other contexts. Among those technologies:

  • XML Encryption, which is sponsored by W3C:

    • http://www.w3.org/TR/xmlenc-core

  • XML Signature, which is sponsored by W3C:

    • http://www.w3.org/TR/xmldsig-core

  • Security Assertion Markup Language (SAML), which is sponsored by OASIS:

    • http://xml.coverpages.org/saml.html

  • Extensible Access Control Markup Language (XACML), which is sponsored by OASIS:

    • http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=xacml

  • Key Management Specification (XKMS), which is sponsored by W3C:

    • http://www.w3.org/TR/xkms2



Previous page
Table of content
Next page
SOA for the Business Developer. Concepts, BPEL, and SCA
SOA for the Business Developer: Concepts, BPEL, and SCA (Business Developers series)
ISBN: 1583470654
EAN: 2147483647
Year: 2004
Pages: 157
Authors: Ben Margolis
BUY ON AMAZON
Database Modeling with MicrosoftВ® Visio for Enterprise Architects (The Morgan Kaufmann Series in Data Management Systems)
Beginners Guide to DarkBASIC Game Programming (Premier Press Game Development)
Lotus Notes and Domino 6 Development (2nd Edition)
VBScript Programmers Reference
Python Programming for the Absolute Beginner, 3rd Edition
Microsoft Visual Basic .NET Programmers Cookbook (Pro-Developer)
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy