DocumentCode
1303438
Title
XML and Web Services Security Standards
Author
Nordbotten, Nils Agne
Author_Institution
Norwegian Defence Res. Establ., Norway
Volume
11
Issue
3
fYear
2009
Firstpage
4
Lastpage
21
Abstract
XML and Web services are widely used in current distributed systems. The security of the XML based communication, and the Web services themselves, is of great importance to the overall security of these systems. Furthermore, in order to facilitate interoperability, the security mechanisms should preferably be based on established standards. In this paper we provide a tutorial on current security standards for XML and Web services. The discussed standards include XML Signature, XML Encryption, the XML Key Management Specification (XKMS), WS-Security, WS-Trust, WS-SecureConversation, Web Services Policy, WS-SecurityPolicy, the eXtensible Access Control Markup Language (XACML), and the Security Assertion Markup Language (SAML).
Keywords
Web services; XML; cryptography; digital signatures; open systems; Security Assertion Markup Language; WS-SecureConversation; WS-Trust; Web services policy; Web services security standard; XML encryption; XML key management specification; XML security standard; XML signature; distributed system; eXtensible Access Control Markup Language; interoperability; Access control; Communication system security; Cryptography; Digital signatures; Information security; Markup languages; Service oriented architecture; Simple object access protocol; Web services; XML; Security, XML, Web services, SOA, distributed systems;
fLanguage
English
Journal_Title
Communications Surveys & Tutorials, IEEE
Publisher
ieee
ISSN
1553-877X
Type
jour
DOI
10.1109/SURV.2009.090302
Filename
5208730
Link To Document