WS-Security

WS-Security specifies enhancements to SOAP (Simple Object Access Protocol) messaging aimed at protecting the integrity and confidentiality of a message and authenticating the sender. WS-Security also specifies how to associate a security token with a message, without specifying what kind of token is to be used. It does describe how to encode X.509 certificates and Kerberos tickets. In general, WS-Security is intended to be extensible so that new security mechanisms can be used in the future.

The WS-Security specification is an activity of the Web Service Interoperability Organization (WS-I Organization) which is an industry-wide effort at standardizing how Web services are requested and delivered.

Read more about WS-Security: - The initial version of the WS-Security specification is available. - SearchSecurity.com provides up-to-date news about security developments.

Do you have something to add to this definition? Let us know. Send your comments to techterms@whatis.com

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT The technology of Web Service Security SOAP Web service messages frequently move through public channels and contain valuable information, therefore security technology has become... Web 2.0 at the old ballgame Major League Baseball adopts Web 2.0 to authenticate home run balls for fans and provide umpires with the latest game time weather reports. SOA complicated by ESB proliferation Despite technical adherence to standards, ESBs from different vendors still don't play well with others, argues John Michelsen, chief architect at...

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary Web Services Trust Language  (SearchSOA.com) Web Services Trust Language (WS-Trust) is a specification that uses the secure messaging mechanisms of WS-Security to facilitate trust relationships...