Section 13.7. Security and Policy
|
13.7. Security and PolicyWS-SecurityPolicy defines policy assertions for the security properties of Web services. In particular, WS-SecurityPolicy defines policy assertions for use with WS-Policy that apply to WSS: SOAP Message Security, WS-Trust, and WS-SecureConversation. These assertions are primarily designed for describing policies related to the features defined in the WSS: SOAP Message Security, WS-Trust, and WS-SecureConversation specifications, but they can also be used for describing security requirements at a more abstract or transport-independent level. The primary goal of WS-SecurityPolicy is to define an initial set of assertions that describe how messages are secured on a communication path. The intent is to allow flexibility in terms of the tokens, cryptography, and mechanisms used, including leveraging transport security, while being specific enough to ensure interoperability based on assertion matching. One goal of the security policy model is to leverage the WS-Policy framework. Consequently, wherever possible, the security policy assertions do not use parameters or attributes. This enables element QName matching without security domain-specific knowledge (see Chapter 7, "Web Services Policy"). |
|
![Web Services Platform Architecture(c) SOAP, WSDL, WS-Policy, WS-Addressing, WS-BP[. .. ] More](/icons/blank_book.jpg "Web Services Platform Architecture(c) SOAP, WSDL, WS-Policy, WS-Addressing, WS-BP[. .. ] More"){kind=icon}
EAN: N/A
Pages: 176
- Enterprise Application Integration: New Solutions for a Solved Problem or a Challenging Research Field?
- Context Management of ERP Processes in Virtual Communities
- Data Mining for Business Process Reengineering
- A Hybrid Clustering Technique to Improve Patient Data Quality
- Development of Interactive Web Sites to Enhance Police/Community Relations