WS-Security supports fewer authentication mechanisms than SAML: user name/password (the password can be sent in plain text or hashed), Kerberos ticket or X.509 certificate.

Web services protocols use XML to make it easier to share data between applications. The goal of the WS-Security specification is to improve interoperability between different security systems ...

The WS-I said that the security profile will be an extension to the WS-I's basic profile, which describes how to comply with low-level Web services communications specifications, including the ...

The Web Services Interoperability Organization (WS-I) announced on Tuesday publication of its WS-I Basic Security Profile 1.0 , serving as a guide for enabling secure, interoperable Web services.

Eventually, WS-SecurityPolicy could incorporate XACML as one of its access-control policy schemes, but that solution, like several other advanced aspects of Web services security, has a ways to go.

WS-Security details the mechanisms by which a SOAP (Simple Object Access Protocol) message can describe not only its contents but also its credentials, and the algorithms by which your XML packet ...

Lockhart said there are an infinite number of ways for companies to use standards such as WS-Security and SOAP Message Security 1.0 to secure Web services messages. The WS-I is providing only a ...

Research firm Gartner says WS-Security 1.1 will become a standard for the majority of Web services and that users should adopt it now to make it easier to update their Web services in the future.

The WS-I's Basic Security Profile Working Group developed the security scenarios in the report from security specs issued by OASIS, according to Hal Lockhart, senior engineering technologist at BEA ...