The web services specifications are: WS-Security: defines how to include security tokens in SOAP messages and how to protect messages with digital signature and encryption.
WS-Policy: provides a framework for describing web services meta-information. based on the framework, Domain specific languages can be defined, such as WS-SecurityPolicy WS-Trust : prescribes an interaction protocol to access security token services. WS-SecureConversation: defines a security context with which parties ca share a secret key to sign and encrypt parts of messages efficiently. WS-Federation: provides a framework for federating multiple security domains. for example, it defines how to get a temporary identify to access web service in anther security domain. WS-privacy: provides a framework for describing the privacy of web services. WS-Authorization: defines how to exchange authorization information among parties.the authorization is defined a a security token. All the best Ashraf Galal On Tue, Dec 2, 2008 at 1:01 AM, henryk mozman <[EMAIL PROTECTED]>wrote: > Hello all, > > I am looking into SOA policy-driven security (as in Governance) > > What is the current of this technology ? > > Henryk > >
