[Webinar] Streamline your web hosting managementRegister Today

x
?
Solved

WS-Security, WS-Trust

Posted on 2014-07-31
1
Medium Priority
?
460 Views
Last Modified: 2014-08-01
On a high level, what is the difference between WS-Secuirty and what it does, and WS-Trust, and what it does?

Thanks
0
Comment
Question by:Anthony Lucia
1 Comment
 
LVL 66

Accepted Solution

by:
btan earned 2000 total points
ID: 40234069
WS-Security is 'base' to WS-Trust. as the latter extends its with additional capability and standard. These are all about securing web services...

it started off with WS-Security specifying how integrity and confidentiality can be enforced on (SOAP) messages and allows the communication of various security token formats, such as Security Assertion Markup Language (SAML), Kerberos, and X.509. It lays the as a building block that can be used in conjunction with other Web service extensions.

then it comes WS-Trust specifying  that Security Token Service (STS) which is some sort of trusted authority that can issue parties requesting for security token to be trusted. STS is then (or can be) used by both web service clients and providers to perform operations on issued standard security tokens as mandated in WS-Security.  

in all, WS-Security lays the ground to say you can drive in a car as long as you have a driving licence but to get that licence, you need to take driving centre test to achieve it. The driving center is run by the trusted provider - in this manner someone legit (one who is 'WS-trust'ed)
0

Featured Post

Will You Be GDPR Compliant by 5/28/2018?

GDPR? That's a regulation for the European Union. But, if you collect data from customers or employees within the EU, then you need to know about GDPR and make sure your organization is compliant by May 2018. Check out our preparation checklist to make sure you're on track today!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Spectre and Meltdown, how it affects me and my clients?
Are you looking to start a business? Do you own and operate a small company? If so, here are some courses you need to take before you hire a full-time IT staff.
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…
Suggested Courses

612 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question