aspose file tools
The moose likes Security and the fly likes WebServices Security Big Moose Saloon
  Search | Java FAQ | Recent Topics
Register / Login
JavaRanch » Java Forums » Engineering » Security
Reply Bookmark "WebServices Security" Watch "WebServices Security" New topic
Author

WebServices Security

Pradeep bhatt
Ranch Hand

Joined: Feb 27, 2002
Posts: 8845

I like...
Firefox Browser Java Spring
posted private message
0
Quote
Is web services security stable enough to be used in real world. I am confused with XML signatures, WS security , XML encryption etc. What is the future of Web services security?

Groovy
Pradeep bhatt
Ranch Hand

Joined: Feb 27, 2002
Posts: 8845

I like...
Firefox Browser Java Spring
posted private message
0
Quote
Originally posted by Mcgill smith:
a
Nicholas Cheung
Ranch Hand

Joined: Nov 07, 2003
Posts: 4982
posted private message
0
Quote
IMO, although there are more and more new terms in security, the idea never changes!
Encryption is the only means to perform confidentiality, while digital signature is the most common way for authentication.
The method to carry them out maybe differ, say algorithms used, using RSA or ECC, DSA etc, or using other ways, like XML DS etc, the idea does not change much, just the method changes.
Thus, I will think Web Services security is just a subset of current security measurement, instead of new stuffs. In anytime, Web Services security will still be based on the existing security mechanisms.
Nick

SCJP 1.2, OCP 9i DBA, SCWCD 1.3, SCJP 1.4 (SAI), SCJD 1.4, SCWCD 1.4 (Beta), ICED (IBM 287, IBM 484, IBM 486), SCMAD 1.0 (Beta), SCBCD 1.3, ICSD (IBM 288), ICDBA (IBM 700, IBM 701), SCDJWS, ICSD (IBM 348), OCP 10g DBA (Beta), SCJP 5.0 (Beta), SCJA 1.0 (Beta), MCP(70-270), SCBCD 5.0 (Beta), SCJP 6.0, SCEA for JEE5 (in progress)
Nicholas Cheung
Ranch Hand

Joined: Nov 07, 2003
Posts: 4982
posted private message
0
Quote
I just find a link from my bookmark about Web Services Security, I hope this help:
http://www.j2ee-security.net/book/dnlds/Chapter11-WebService_Security.pdf
It is a sample chapter of the book J2EE security for Servlets, EJB and Web Services.
Hope you find it useful.
Nick
iyven koh
Ranch Hand

Joined: Jun 16, 2003
Posts: 66
posted
0
Quote
WS-Security has became OASIS standard recently. The annoucement can be found at http://sys-con.com/story/?storyid=44391 and the related document is posted at http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=wss.
Hope this will help.
 
 
subject: WebServices Security
 
Threads others viewed
Security for web services
Web service security toolkits
Security
To authors
XML security (XML signature, XML encryption)
IntelliJ Java IDE