• DocumentCode
    1303438
  • Title

    XML and Web Services Security Standards

  • Author

    Nordbotten, Nils Agne

  • Author_Institution
    Norwegian Defence Res. Establ., Norway
  • Volume
    11
  • Issue
    3
  • fYear
    2009
  • Firstpage
    4
  • Lastpage
    21
  • Abstract
    XML and Web services are widely used in current distributed systems. The security of the XML based communication, and the Web services themselves, is of great importance to the overall security of these systems. Furthermore, in order to facilitate interoperability, the security mechanisms should preferably be based on established standards. In this paper we provide a tutorial on current security standards for XML and Web services. The discussed standards include XML Signature, XML Encryption, the XML Key Management Specification (XKMS), WS-Security, WS-Trust, WS-SecureConversation, Web Services Policy, WS-SecurityPolicy, the eXtensible Access Control Markup Language (XACML), and the Security Assertion Markup Language (SAML).
  • Keywords
    Web services; XML; cryptography; digital signatures; open systems; Security Assertion Markup Language; WS-SecureConversation; WS-Trust; Web services policy; Web services security standard; XML encryption; XML key management specification; XML security standard; XML signature; distributed system; eXtensible Access Control Markup Language; interoperability; Access control; Communication system security; Cryptography; Digital signatures; Information security; Markup languages; Service oriented architecture; Simple object access protocol; Web services; XML; Security, XML, Web services, SOA, distributed systems;
  • fLanguage
    English
  • Journal_Title
    Communications Surveys & Tutorials, IEEE
  • Publisher
    ieee
  • ISSN
    1553-877X
  • Type

    jour

  • DOI
    10.1109/SURV.2009.090302
  • Filename
    5208730