Web Services Security (WSS)

Web Services Security (WSS or WS-Security) describes enhancements to SOAP messaging in order to provide quality of protection through message integrity, and single message authentication. These mechanisms can be used to accommodate a wide variety of security models and encryption technologies.

The scope of the Web Services Security Technical Committee is the support of security mechanisms in the following areas:

bulletUsing XML Signature (new window) to provide SOAP message integrity for Web services 
bulletUsing XML Encryption (new window) to provide SOAP message confidentiality for Web services 
bulletAttaching and/or referencing security tokens in headers of SOAP messages. Options include:
bulletUsername token
bulletSAML (new window)
bulletXrML (new window)
bulletKerberos
bulletX.509
bulletCarrying security information for potentially multiple, designated actors 
bulletAssociating signatures with security tokens 
bulletEach of the security mechanisms will use implementation and language neutral XML formats defined in XML Schema (new window).

Current specification: Web Services Security: SOAP Message Security

The basis of the work is the WS-Security specification submitted to OASIS by IBM, Microsoft, and VeriSign.

Organization: OASIS

More information: WSS page on the OASIS Web site (new window)

 

 

Web Services and Service-Oriented Architectures
Online articles>
Consulting
Mentoring
Speaking
Suggested programs
Stencils for the Savvy Manager's Guide
Links
Mail list
Privacy policy
Sitemap
Contact
Web Services articles>
XML standards and vocabularies
Application server articles
Database concepts and standards
Object database articles
Relational database articles
Object-relational mapping articles
XML database articles
XML middleware articles
Article Sponsorship
Reprint policy
Web Services definition
Service-oriented architecture (SOA) definition
Web Services explained
Web Services specifications>
Prior Service-Oriented Architecture specifications
Organizations
Article suggestions
Models and metamodels
Repository
Messaging
Service
Security and authorization>
Federated network identity
User interface
Workflow
Application servers
Object programming languages
eXtensible Access Control Markup Language (XACML)
eXtensible rights Markup Language (XrML)
Security Assertion Markup Language (SAML)
Service Provisioning Markup Language (SPML)
Web Services Security (WSS)>
XML Common Biometric Format (XCBF)
XML Key Management Specification (XKMS)
Public Key Infrastructure (PKI)
XML Encryption
XML Signature

Related recent articles from Google News


Team System
MSDN Magazine - May 2, 2008
You'll find 28 files stored in the folder C:\Program Files\Microsoft Visual Studio 2008 Team Foundation Server\Web Services\Services\v1.0\Transforms. ...

Spring (Acegi) Security 2.0 Adds OpenID Support, REST Capabilities ...
InfoQ.com, Canada - Apr 28, 2008
... additional languages, Web Flow 2.0 support, Spring IDE visualization and auto-completion, enhanced WSS support via Spring Web Services 1.5 and more. ...

More related news: "Web services" WSS - Google News

 

Copyright © 2000-2008 Barry & Associates, Inc. All Rights Reserved.
You can use this material for your work or classes. Click here for our reprint policy.
www.service-architecture.com

 

 Information on becoming a sponsor

 

 

Google

 

Barry & Associates, Inc.