SOA 9 WSExtension Security

SOA 9 WSExtension Security - Service Oriented Architecture...

Info iconThis preview shows pages 1–5. Sign up to view the full content.

View Full Document Right Arrow Icon
1 1 Service Oriented Architecture (SOA) Subject Incharge Pratidnya S. Hegde Patil Security WS-* Extensions Security Security WS-Security XML-Encryption XML-Signature 2
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
2 What is WS-* Extensions? b The term "WS-*" has become a commonly used abbreviation that refers to the second-generation Web services specifications. b These are extensions to the basic Web services framework established by first-generation standards represented by WSDL, SOAP, and UDDI. The term "WS-*" became popular because the majority of titles given to second-generation Web services specifications have been prefixed with "WS-“. b (See www.specifications.ws for examples of WS-* specifications.) 3 b The WS-Security framework governs a subset of these specifications, and establishes a cohesive and composable security architecture. b The WS-Security framework provides extensions that can be used to implement message-level security measures. These protect message contents during transport and during processing by service intermediaries. Additional extensions implement authentication and authorization control, which protect service providers from malicious requestors. 4
Background image of page 2
3 b Security measures can be layered over any message transmissions to either protect the message content or the message recipient. b The WS-Security framework and its accompanying specifications therefore fulfill fundamental QoS requirements that enable enterprises to: s utilize service-oriented solutions for the processing of sensitive and private data s restrict service access as required 5 Security, as it relates to policies, SOAP messages, and Web services 6
Background image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
4 b Service-oriented applications need to be outfitted to handle many of the traditional security demands of protecting information and ensuring that access to logic is only granted to those permitted. b However, the SOAP messaging communications framework, upon which contemporary SOA is built, emphasizes particular aspects of security that need to be accommodated by a security framework designed specifically for Web services. 7
Background image of page 4
Image of page 5
This is the end of the preview. Sign up to access the rest of the document.

Page1 / 15

SOA 9 WSExtension Security - Service Oriented Architecture...

This preview shows document pages 1 - 5. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online