WS- Security in SOA

ü WS-Security framework extension can  be used to implement message level security to protect message content during transport and processing by service intermediaries.

ü Message-level security clearly become the core component of service-oriented solutions.

The WS-Security framework and its accompanying specifications fulfill fundamental QoS requirements that enable enterprises to:

  Ø utilize service-oriented solutions for the sensitive and private data process.

  Ø restrict service access as required.

WS-Security in SOA

ü Security within SOA  encompasses the feature set of numerous specifications such as WS-Security, XML-Signature and XML-Encryption. 

 The aspects of security addressed by the specifications are,

 ★ Identification

 ★ Authentication

 ★ Authorization

 ★ Integrity

 ★ Confidentiality

 ★ Non-repudiation

WS-Security related to the other WS-* specifications

The WS-Security framework governs a subset of specifications, and establishes a cohesive and composable security architecture.

Elements in WS-Security:

UsernameToken, username, and password elements:

ü Token information can be hosted by the Username Token element to ensure  authentication and authorization. 

ü Typical children of this element are the Username and Password child elements, but custom elements also can be added.

BinarySecurityToken element:

 ü BinarySecurityToken element allows the tokens which are stored as binary data(Certificates) to be represented in an encoded format.

SecurityTokenReference element:

ü Pointer can be provided to the token that is existing outside of the SOAP message document  by the SecurityTokenReference element.