Web services security specifications

  • December 08, 2010 08 Dec'10

    Security tokens, the OASIS approach to Web services security

    One approach to Web services security is to focus on authorization and authentication with the OASIS security standards and the security assertion markup language (SAML).

  • December 07, 2010 07 Dec'10

    Q&A: SOA authentication, security tokens, SAML and more

    Security in an SOA environment must primarily address access control. It must be 'baked in.' We talked with Ross Altman, Research VP at Gartner, about authenticating Web services.

  • June 13, 2007 13 Jun'07

    SOA governance, security concerns drive XACML interop

    The policy requirements of service-oriented architecture (SOA) require major vendors, including IBM, Oracle and BEA Systems Inc. to demonstrate XACML interoperability.

  • April 25, 2007 25 Apr'07

    Web 2.0 lacks the business impact of SOA, Burton warns

    The hype around Web 2.0 is justified for devotees of MySpace and fans of wikipedia, but there is no good business model for its adoption by corporations, say analysts at the Burton Group.

  • April 12, 2007 12 Apr'07

    Will acquisitions stifle SOA innovation?

    Startups often provide innovations in software technology, but as big SOA fish gobble up the small fry faster than you can say "food chain," is creativity dead in the water? Fear not, say industry analysts.

  • December 29, 2006 29 Dec'06

    WS-Policy on SOA fast track, W3C approval this summer

    WS-Policy, which has been in the W3C process since April, is progressing quickly towards the goal of becoming an approved W3C standard in the coming year.

  • July 18, 2006 18 Jul'06

    Ajax security tip: Good architecture and safer APIs can thwart attacks

    Andrew van der Stock, who wrote a new chapter on Ajax for the OWASP Guide to Building Secure Web Applications, discusses ways to prevent attacks against Ajax applications.

  • May 31, 2006 31 May'06

    Burton: WS-* specs good, but SOA security needs more

    A Burton analyst says the WS-* security stack is on track, but organizations still need to think through security policies and implement a layered security strategy inside an SOA.

  • May 12, 2006 12 May'06

    Burton: Choosing an SOA mediation system

    Web services management products provide the broadest range of capabilities; WS-Policy will be key down the road, analyst says.

  • May 01, 2006 01 May'06

    SOA vendors banding together to verify interoperability

    Infravio organizes interop group called SOALink to fill standards gap and releases next version of it's registry/repository platform.

  • February 08, 2006 08 Feb'06

    WSDL 2.0: Web services' lightning rod standard

    Four years of work have gone into creating a better version of WSDL, but it now faces questions as to whether it has changed too much and become too theoretical for practical usage.

  • January 19, 2006 19 Jan'06

    Reactivity's Nash on who controls SOA

    Andrew Nash is the chief technology officer at Reactivity Inc. He is the co-author of numerous Web Services specifications including WS-Security, WS-Trust, WS-Federation, WS-SecureConversation and WS-SecurityPolicy. Previously he was a director of ...

  • November 15, 2005 15 Nov'05

    Cape Clear puts Eclipse, network intelligence into ESB

    The latest enterprise service bus offering from Cape Clear Software steps well beyond its messaging roots, adding a full Eclipse IDE and server clustering tools.

  • November 02, 2005 02 Nov'05

    OASIS melds sci-fi, SOA

    SOA may seem like a radical technical concept to some, but OASIS plans to use it as a grounding point for the even loftier and more abstract notion of the Semantic Web.

  • October 26, 2005 26 Oct'05

    Web services security specs hit the standards track

    Seen as critical to building out an SOA, Web services standards defining credentials management, extended conversations and security policies have been submitted to OASIS.