WS-I Profile Eases Web Services Security

Security profile defines how to make Web services work together securely.

April 6, 2007

2 Min Read
Network Computing logo

This week the Web Services Interoperability Organization (WS-I) published a set of guidelines outlining how developers can enable Web services interoperate with each other in a secure fashion.

The WS-1 Basic Security Profile (BSP) 1.0 was ratified after five vendor members--IBM, Microsoft, Novell, Oracle, and SAP--demonstrated interoperability.Using the WS-I's Basic Profile 1.1 as a foundation, BSP 1.0 describes the interoperability qualities of two key security technologies--HTTP over TLS and Simple Object Access Protocol (SOAP) message security. HTTP over TLS safeguards data privacy over point-to-point HTTP connections. SOAP message security defines how SOAP messages, the basis of Web services communications, are to be protected even as these messages pass through multiple waypoints.

The security profile also addresses other elements of secure interoperability including Username Token Profile, X.509 certificate, Kerberos Token Profile and SAML Token Profile.

The Basic Security Profile can be accessed at www.ws-i.org/Profiles/BasicSecurityProfile-1.0.html


SUBSCRIBE TO OUR NEWSLETTER
Stay informed! Sign up to get expert advice and insight delivered direct to your inbox

You May Also Like


More Insights