Web Services Security (WSS)

Web Services Security (WSS or WS-Security) describes enhancements to SOAP messaging in order to provide quality of protection through message integrity, and single message authentication. These mechanisms can be used to accommodate a wide variety of security models and encryption technologies.

The scope of the Web Services Security Technical Committee is the support of security mechanisms in the following areas:

bulletUsing XML Signature (new window) to provide SOAP message integrity for Web services 
bulletUsing XML Encryption (new window) to provide SOAP message confidentiality for Web services 
bulletAttaching and/or referencing security tokens in headers of SOAP messages. Options include:
bulletUsername token
bulletSAML (new window)
bulletXrML (new window)
bulletKerberos
bulletX.509
bulletCarrying security information for potentially multiple, designated actors 
bulletAssociating signatures with security tokens 
bulletEach of the security mechanisms will use implementation and language neutral XML formats defined in XML Schema (new window).

Current specification: Web Services Security: SOAP Message Security

The basis of the work is the WS-Security specification submitted to OASIS by IBM, Microsoft, and VeriSign.

Organization: OASIS

More information: WSS page on the OASIS Web site (new window)

Related content for: Web Services Security (WSS)

More detail for the current topic: Web Services Security (WSS)
Public Key Infrastructure (PKI)
XML Encryption
XML Signature

More on the general topic: Security and authorization
eXtensible Access Control Markup Language (XACML)
eXtensible rights Markup Language (XrML)
Security Assertion Markup Language (SAML)
Service Provisioning Markup Language (SPML)
XML Common Biometric Format (XCBF)
XML Key Management Specification (XKMS)

Read more free articles on this site

There are nearly 400 pages of articles on this site with over 130 pages on Web services and service-oriented architecture.

Search this site for more articles

Custom Search

Browse this site for more articles

Click on the topics below to browse the articles on this site.The arrows show the path to the current article: Web Services Security (WSS).

Web Services and Service-Oriented Architectures
Online briefings
Search results
Online articles -->
Consulting
Mentoring
Speaking
Stencils for the Savvy Manager's Guide
Links
Mail list
Privacy policy
Sitemap
Contact
Web Services articles -->
XML standards and vocabularies
Application server articles
Database concepts and standards
Object database articles
Relational database articles
Object-relational mapping articles
XML database articles
XML middleware articles
Article Sponsorship
Reprint policy
Web Services definition
Service-oriented architecture (SOA) definition
Web Services explained
Web Services specifications -->
Prior Service-Oriented Architecture specifications
Organizations
Article suggestions
Models and metamodels
Repository
Messaging
Service
Security and authorization -->
Federated network identity
User interface
Workflow
Application servers
Object programming languages
eXtensible Access Control Markup Language (XACML)
eXtensible rights Markup Language (XrML)
Security Assertion Markup Language (SAML)
Service Provisioning Markup Language (SPML)
Web Services Security (WSS)
XML Common Biometric Format (XCBF)
XML Key Management Specification (XKMS)

Related recent articles from Google News


Using SharePoint In A Regulated Environment
Life Science Leader Magazine
... out-of-the-box workflows, and portal web services. It is not recommended that companies use this version for compliance issues. The step up from WSS was ...

and more »

More related news: "Web services" WSS - Google News

 

Copyright © 2000-2009 Barry & Associates, Inc. All Rights Reserved.
You can use this material for your work or classes. Click here for our reprint policy.
www.service-architecture.com

 

 

Newletter Sign Up

 

 

Barry & Associates, Inc.