
	Home > Ask the SOA Experts > Questions & Answers > Are SAML and WS-Security competitive specifications for Web services security?

Ask The SOA Expert: Questions & Answers

EMAIL THIS

Are SAML and WS-Security competitive specifications for Web services security?

EXPERT RESPONSE FROM: Donald Flinn

		Pose a Question

		Other SOA Categories

		Meet all SOA Experts
		Become an Expert for this site

Digg This!

StumbleUpon

Del.icio.us

QUESTION POSED ON: 21 May 2003
Are SAML and WS-Security competitive specifications for Web services security?

No, they both serve somewhat different purposes. SAML, the Security Assertion Markup Language specification, is used to make authentication, attribute and/or authorization assertions about the subject of the SAML assertion. WS-Security is a higher-level specification that is used, among other things, to carry different token types, which, in turn, support claims about the subject. In fact, SAML has been accepted as one of the tokens that can be used in WS-Security. In one sense, WS-Security may be thought of as a container that carries security information in its token, one of which may be SAML. Note that WS-Security does more that this. The specification also describes how to use digital signatures and encryption with SOAP messages for stronger protection of the message.

Digg This!

StumbleUpon

Del.icio.us

RELATED CONTENT

	WS-Security (Web services security standards)
	The technology of Web Service Security
	Web 2.0 at the old ballgame
	SOA complicated by ESB proliferation
	BPEL4People and WS-HumanTask get reference implementation
	Liberty offers Web 2.0 open source security
	The case against WS-Security
	SOA governance, security concerns drive XACML interop
	New BizTalk Services rolling out
	Will acquisitions stifle SOA innovation?
	Burton: WS-* specs good, but SOA security needs more

SAML

UML-based SoaML attacks SOA services modeling issues

IBM, HP qualify on SAML 2.0

SOA governance, security concerns drive XACML interop

Microsoft, Liberty join for Web services identity interop

OASIS begins work on WS-Federation

Web 2.0 lacks the business impact of SOA, Burton warns

Eclipse and Novell join in Web service security effort

Liberty reaches out to open source

SAML declares victory, closes in on a billion IDs

WS-Security 1.1 approved

SAML Research

RELATED GLOSSARY TERMS

Terms from Whatis.com − the technology online dictionary

Web Services Trust Language (SearchSOA.com)

WS-Security (SearchSOA.com)

RELATED RESOURCES

2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems

Search Bitpipe.com for the latest white papers and business webcasts

Whatis.com, the online computer dictionary

Search and Browse the Expert Answer Center
Search and browse more than 25,000 question and answer pairs from more than 250 TechTarget industry experts.

Browse our Expert Advice
Operating Systems IT Management Networking Database	Security Servers and Storage Applications and Development Career Center

SOA Governance White Papers - BPM, EDA, IT Governance

SEARCH

TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.


TechTarget Corporate Web Site \| Media Kits \| Site Map All Rights Reserved, Copyright 2001 - 2009, TechTarget \| Read our Privacy Policy