WS-Security supports fewer authentication mechanisms than SAML: user name/password (the password can be sent in plain text or hashed), Kerberos ticket or X.509 certificate.

Security and trust has painstakingly built up for IT services where humans interact with applications. But Web services involves applications, or components, interacting directly with each other.

The WS-I said that the security profile will be an extension to the WS-I's basic profile, which describes how to comply with low-level Web services communications specifications, including the ...

Eventually, WS-SecurityPolicy could incorporate XACML as one of its access-control policy schemes, but that solution, like several other advanced aspects of Web services security, has a ways to go.

Specifically, WS-Security extends Simple Object Access Protocol (SOAP) to support message integrity, confidentiality (encryption) and authentication. It also specifies how security tokens should ...

The WS-I said that the security profile will be an extension to the WS-I's basic profile, which describes how to comply with low-level Web services communications specifications, including the ...

Research firm Gartner says WS-Security 1.1 will become a standard for the majority of Web services and that users should adopt it now to make it easier to update their Web services in the future.

The Web Services Interoperability Organization (WS-I) announced on Tuesday publication of its WS-I Basic Security Profile 1.0 , serving as a guide for enabling secure, interoperable Web services.

The Web Services Interoperability Organization (WS-I) announced on Tuesday publication of its WS-I Basic Security Profile 1.0, serving as a guide to enable secure, interoperable Web services.

Lockhart said there are an infinite number of ways for companies to use standards such as WS-Security and SOAP Message Security 1.0 to secure Web services messages. The WS-I is providing only a ...

/zimages/3/28571.gif WS-I security document identifies Web services threats. Click here to read more. “Attacks are standardized,” he said.

, a group working on standards for Web services, formed a new committee to develop the WS-Security specification. WS-Security, version 1.0 of which was written by IBM, Microsoft a ...