 - WS-Security (Web Services Security) is a proposed IT industry standard that addresses security when data is exchanged as part of a Web service. WS-Security is one of a series of specifications from an industry group that includes IBM, Microsoft, and Verisign. Related specifications include the Business Process Execution Language (BPEL), WS-Coordination, and WS-Transaction.
WS-Security specifies enhancements to SOAP (Simple Object Access Protocol) messaging aimed at protecting the integrity and confidentiality of a message and authenticating the sender. WS-Security also specifies how to associate a security token with a message, without specifying what kind of token is to be used. It does describe how to encode X.509 certificates and Kerberos tickets. In general, WS-Security is intended to be extensible so that new security mechanisms can be used in the future.
The WS-Security specification is an activity of the Web Service Interoperability Organization (WS-I Organization) which is an industry-wide effort at standardizing how Web services are requested and delivered.
 |
Learn more about WS-Security (Web services security standards) |
| SOA runtime major step for Eclipse – Milinkovich: The development of an SOA runtime, the release of Ajax tools, a Web services security project and an embrace of PHP demonstrate the vitality of the Eclipse Foundation. |
| Reactivity's Nash on who controls SOA: Reactivity CTO Andrew Nash addresses what's needed in the corporate culture around SOA and explains the differences between network agents and XML appliances. |
| The Concordia Project and XML security interoperability: Web services security and identity management has become a convoluted arena. Seeking to find common ground for competing approaches, the Concordia Project has entered the fray. |
| Reactivity's Nash: Get ready for the SOA deluge, part 2: In the second part of a Q&A, Reactivity CTO Andrew Nash talks about the need for policy-driven SOA, the potential of Binary XML and why this is a great time to be independent. |
| Web services next battlefront for hackers: Web services security is being targeted by hackers. Fortunately, sophisticated new tools and compliance with standards should mitigate these threats. |
| Chapter of the week: Advanced Messaging, Metadata and Security: This chapter, excerpted from Service-Oriented Architecture: Concepts, Technology, and Design, focuses on the various WS-* extensions that govern specific areas of the SOAP messaging framework. ... |
| XML Security Tutorial: This XML security tutorial is a compilation of resources that review different types of XML security standards and approaches for keeping your XML Web services secure. |
| Fast Guide: Web services security: Web services directly expose core application logic, increasing an organization's risk profile. These resources will help you identify the risks and protect your organization. |
| Fast facts: WS-Security: WS-Security enables Web services to be deployed across firewalls, reaching business partners, suppliers and customers. |
| The technology of Web Service Security: SOAP Web service messages frequently move through public channels and contain valuable information, therefore security technology has become increasingly important. |
| LAST UPDATED: |
18 Aug 2002
|
 |
Do you have something to add to this definition? Let us know.
Send your comments to techterms@whatis.com
|
|
More resources from around the web:
|
 |
 |
| |
RELATED CONTENT
 |
The technology of Web Service Security
SOAP Web service messages frequently move through public channels and contain valuable information, therefore security technology has become...
|
|
Web 2.0 at the old ballgame
Major League Baseball adopts Web 2.0 to authenticate home run balls for fans and provide umpires with the latest game time weather reports.
|
|
SOA complicated by ESB proliferation
Despite technical adherence to standards, ESBs from different vendors still don't play well with others, argues John Michelsen, chief architect at...
|
|
|
Show me everything on 