Q

A few questions regarding XML security...

I have few questions regarding XML security: 1.What is the relationship between WS-security and SAML? Do you think

that eventually these two standards will become one?

2.What is the relationship between XML encryption, XML signature and SAML/WS-security?

Are XML encryption and XML signature a subset of the two other?

3.Can SAML and WS-Security work together?

4.Are there any other important XML security standards out there except XML encryption, XML signature, (XKMS) XML key management specifications, WS-Security, SAML and XACL for access control?


All the questions you ask are good questions to which I (and I suggest I am not alone) do not have the answers. The whole security arena is quite fragmented and volatile at the moment. This is not helped by the fact that security on the Internet at large is an unsolved problem. XML or no XML, there is no consensus as to how to achieve non-repudiation for example - a vital component of transactional processes on the Internet.

The Halcyon days of PKI as a solution to these problems seem long gone - not necessarily for technical reasons. I suspect things will get worse before they get better in the XML security space.

This was first published in July 2002

Dig deeper on XML and XML schema

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

SearchSoftwareQuality

SearchCloudApplications

SearchAWS

TheServerSide

SearchWinDevelopment

Close