Web services security (WS-Security)

宗政博文
2023-12-01

Web services security (WS-Security) specification has been out for more than a year now. However, the real life implementation of the technology has followed a slow pace, attempting to map the footsteps of Web services development. This session will present the WS-Security implementations currently in the Java community, as well as the trends and standardization in process. It provides a quick introduction to the various aspects of WS-Security, including the use and significance of key WS-Security concepts such as tokens, XML encryption, canonicalization, XML signature, and policy. It will briefly touch upon related security standards such as SAML, XACML, XrMS, Kerberos and XKMS, and other important aspects of Web services security such as single sign-on, federation and secure conversation. This paper will then provide examples of implementations of WS-Security by Web service tool vendors such as Apache AXIS, BEA WebLogic, IBM WebSphere, and Microsoft .NET. Detailed comparisons will be made with real-life demonstrations of interoperability between these platforms using WS-Security-enabled Web services.

http://dev2dev.bea.com/technologies/soa/xmlmessaging/articles/WS-Security.jsp

 类似资料: