Solved

WS-Security, WS-Trust

Posted on 2014-07-31
1
440 Views
Last Modified: 2014-08-01
On a high level, what is the difference between WS-Secuirty and what it does, and WS-Trust, and what it does?

Thanks
0
Comment
Question by:Anthony Lucia
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 64

Accepted Solution

by:
btan earned 500 total points
ID: 40234069
WS-Security is 'base' to WS-Trust. as the latter extends its with additional capability and standard. These are all about securing web services...

it started off with WS-Security specifying how integrity and confidentiality can be enforced on (SOAP) messages and allows the communication of various security token formats, such as Security Assertion Markup Language (SAML), Kerberos, and X.509. It lays the as a building block that can be used in conjunction with other Web service extensions.

then it comes WS-Trust specifying  that Security Token Service (STS) which is some sort of trusted authority that can issue parties requesting for security token to be trusted. STS is then (or can be) used by both web service clients and providers to perform operations on issued standard security tokens as mandated in WS-Security.  

in all, WS-Security lays the ground to say you can drive in a car as long as you have a driving licence but to get that licence, you need to take driving centre test to achieve it. The driving center is run by the trusted provider - in this manner someone legit (one who is 'WS-trust'ed)
0

Featured Post

Announcing the Most Valuable Experts of 2016

MVEs are more concerned with the satisfaction of those they help than with the considerable points they can earn. They are the types of people you feel privileged to call colleagues. Join us in honoring this amazing group of Experts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The conference as a whole was very interesting, although if one has to make a choice between this one and some others, you may want to check out the others.  This conference is aimed mainly at government agencies.  So it addresses the various compli…
Originally, this post was published on Monitis Blog, you can check it here . In business circles, we sometimes hear that today is the “age of the customer.” And so it is. Thanks to the enormous advances over the past few years in consumer techno…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question