Don't forget WS-Transaction which ensures transactional integrity across multiple boundaries, and that (IMO) you've designed your system incorrectly.
Steve 2008/12/8 A W <[EMAIL PROTECTED]>: > The web services specifications are: > WS-Security: defines how to include security tokens in SOAP messages and how > to protect messages with digital signature and encryption. > > WS-Policy: provides a framework for describing web services > meta-information. based on the framework, Domain specific languages can be > defined, such as WS-SecurityPolicy > WS-Trust : prescribes an interaction protocol to access security token > services. > > WS-SecureConversation: defines a security context with which parties ca > share a secret key to sign and encrypt parts of messages efficiently. > > WS-Federation: provides a framework for federating multiple security > domains. for example, it defines how to get a temporary identify to access > web service in anther security domain. > > WS-privacy: provides a framework for describing the privacy of web services. > > WS-Authorization: defines how to exchange authorization information among > parties.the authorization is defined a a security token. > > All the best > Ashraf Galal > > On Tue, Dec 2, 2008 at 1:01 AM, henryk mozman <[EMAIL PROTECTED]> > wrote: >> >> Hello all, >> >> I am looking into SOA policy-driven security (as in Governance) >> >> What is the current of this technology ? >> >> Henryk > >
