Solved

WS-Security, WS-Trust

Posted on 2014-07-31
1
433 Views
Last Modified: 2014-08-01
On a high level, what is the difference between WS-Secuirty and what it does, and WS-Trust, and what it does?

Thanks
0
Comment
Question by:Anthony Lucia
1 Comment
 
LVL 62

Accepted Solution

by:
btan earned 500 total points
ID: 40234069
WS-Security is 'base' to WS-Trust. as the latter extends its with additional capability and standard. These are all about securing web services...

it started off with WS-Security specifying how integrity and confidentiality can be enforced on (SOAP) messages and allows the communication of various security token formats, such as Security Assertion Markup Language (SAML), Kerberos, and X.509. It lays the as a building block that can be used in conjunction with other Web service extensions.

then it comes WS-Trust specifying  that Security Token Service (STS) which is some sort of trusted authority that can issue parties requesting for security token to be trusted. STS is then (or can be) used by both web service clients and providers to perform operations on issued standard security tokens as mandated in WS-Security.  

in all, WS-Security lays the ground to say you can drive in a car as long as you have a driving licence but to get that licence, you need to take driving centre test to achieve it. The driving center is run by the trusted provider - in this manner someone legit (one who is 'WS-trust'ed)
0

Featured Post

Enterprise Mobility and BYOD For Dummies

Like “For Dummies” books, you can read this in whatever order you choose and learn about mobility and BYOD; and how to put a competitive mobile infrastructure in place. Developed for SMBs and large enterprises alike, you will find helpful use cases, planning, and implementation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you thought ransomware was bad, think again! Doxware has the potential to be even more damaging.
On Beyond Tools A conversation I recently had with the DevOps manager of a major online retailer really made me think about DevOps monitoring tools (https://www.onpage.com/devops-incident-management-tool/). The manager and I discussed how sever…
The viewer will learn the basics of jQuery, including how to invoke it on a web page. Reference your jQuery libraries: (CODE) Include your new external js/jQuery file: (CODE) Write your first lines of code to setup your site for jQuery.: (CODE)
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

803 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question