WS – Specifications

While searching for materials on WebService Trust, I came across this presentation, which acts as a good introduction to the concept.

And also the following figure, which summarizes the web services specification stack.

WS-Secure Conversation : How to manage and authenticate message exchanges between parties including security context exchange and establishing and deriving session keys.

WS-Federation : How to manage and broker the trust relationships in a heterogeneous, federated environment including support for federated identities

WS-Authorization : How to manage authorization data and authorization policies.

WS-Policy : The capabilities and constraints of security and other business policies on intermediaries and endpoints (for example, required security tokens, supported encryption algorithms and privacy rules).

WS-Trust : A framework for trust models that enables Web services to securely


WS-Privacy : A model for how Web services and requesters state subject privacy

preferences and organizational privacy practice statements.

WS-Security : How to attach signature encryption headers to SOAP messages. In addition, it describes how to attach security tokens, including binary security tokens such as X.509 certificates and Kerberos tickets (an encryption system developed at MIT), to messages.

Technorati tags: , , , , , , , , ,


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s