Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 451
  • Last Modified:

WS-Security, WS-Trust

On a high level, what is the difference between WS-Secuirty and what it does, and WS-Trust, and what it does?

Thanks
0
Anthony Lucia
Asked:
Anthony Lucia
1 Solution
 
btanExec ConsultantCommented:
WS-Security is 'base' to WS-Trust. as the latter extends its with additional capability and standard. These are all about securing web services...

it started off with WS-Security specifying how integrity and confidentiality can be enforced on (SOAP) messages and allows the communication of various security token formats, such as Security Assertion Markup Language (SAML), Kerberos, and X.509. It lays the as a building block that can be used in conjunction with other Web service extensions.

then it comes WS-Trust specifying  that Security Token Service (STS) which is some sort of trusted authority that can issue parties requesting for security token to be trusted. STS is then (or can be) used by both web service clients and providers to perform operations on issued standard security tokens as mandated in WS-Security.  

in all, WS-Security lays the ground to say you can drive in a car as long as you have a driving licence but to get that licence, you need to take driving centre test to achieve it. The driving center is run by the trusted provider - in this manner someone legit (one who is 'WS-trust'ed)
0

Featured Post

[Webinar] Cloud and Mobile-First Strategy

Maybe you’ve fully adopted the cloud since the beginning. Or maybe you started with on-prem resources but are pursuing a “cloud and mobile first” strategy. Getting to that end state has its challenges. Discover how to build out a 100% cloud and mobile IT strategy in this webinar.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now