WS-I Profile Eases Web Services Security
Security profile defines how to make Web services work together securely.
April 6, 2007
This week the Web Services Interoperability Organization (WS-I) published a set of guidelines outlining how developers can enable Web services interoperate with each other in a secure fashion.
The WS-1 Basic Security Profile (BSP) 1.0 was ratified after five vendor members--IBM, Microsoft, Novell, Oracle, and SAP--demonstrated interoperability.Using the WS-I's Basic Profile 1.1 as a foundation, BSP 1.0 describes the interoperability qualities of two key security technologies--HTTP over TLS and Simple Object Access Protocol (SOAP) message security. HTTP over TLS safeguards data privacy over point-to-point HTTP connections. SOAP message security defines how SOAP messages, the basis of Web services communications, are to be protected even as these messages pass through multiple waypoints.
The security profile also addresses other elements of secure interoperability including Username Token Profile, X.509 certificate, Kerberos Token Profile and SAML Token Profile.
The Basic Security Profile can be accessed at www.ws-i.org/Profiles/BasicSecurityProfile-1.0.html
You May Also Like