WS-I Publishes SAML and REL Interoperability Profiles for Use With Basic Security Profile; Web Services Consortium Seeks Public Comment for New Working Group Drafts.SAN FRANCISCO San Francisco (săn frănsĭs`kō), city (1990 pop. 723,959), coextensive with San Francisco co., W Calif., on the tip of a peninsula between the Pacific Ocean and San Francisco Bay, which are connected by the strait known as the Golden -- The Web Services Interoperability The Web Services Interoperability Organization (WS-I) is an industry consortium chartered to promote interoperability amongst the stack of web services specifications. Organization (WS-I (Web Services Interoperability Organization, www.ws-i.org) A consortium founded by Microsoft, IBM, BEA Systems and Intel that is dedicated to the development of Web services. Its goals are to provide guidance and education, to promote interoperability and to ensure that Web services ) today announced that it has published interoperability profiles for the WS-Security SAML (Security Assertion Markup Language) An XML-based format from OASIS for exchanging security information for single sign-on. The "assertions" are statements from a SAML authority that authenticate a user, confirm some attribute about the individual and grant or Token Profile and REL Token Profile OASIS Standard for use with the WS-I Basic Security Profile. These new profiles, along with an updated version of the Basic Security Profile, have been published as "Working Group Drafts" and are available for review and public comment at www.ws-i.org. The WS-I Basic Security Profile is a collection of guidelines for ensuring that Web services (1) Loosely, any online service delivered over the Web. Such usage appears in articles from non-technical sources, but not in IT-oriented publications, because definition #2 below describes the correct use of the term. developed in accordance with security specifications, including the WS-Security 1.0 OASIS Standard, are interoperable. When the Working Group Draft of the Basic Security Profile was initially published, it encompassed uses of the first Token Profiles provided with WS-Security, the Username and X.509 Certificate Token Profiles. In response to industry feedback, WS-I has extended the Basic Security Profile to include the newer WS-Security token profiles for SAML and REL. "Publication of the WS-I profiles of the SAML and REL tokens extends the coverage of the Basic Security Profile to all of the parts of the WS-Security 1.0 OASIS Standard," said Paul Cotton Paul Cotton may refer to:
The WS-Security: SAML Token Profile is an OASIS Standard that describes the use of Security Assertion Markup Language markup language Standard text-encoding system consisting of a set of symbols inserted in a text document to control its structure, formatting, or the relationship among its parts. The most widely used markup languages are SGML, HTML, and XML. (SAML) v1.1 assertions with the baseline WS-Security: SOAP Message Security specification. The WS-Security: Rights Expression Language (REL) Token Profile is an OASIS Standard that describes the use of ISO/IEC ISO/IEC International Organization for Standardization/International Electrotechnical Commission (ITU-T M 3000) 21000-5 Rights Expressions with the baseline WS-Security: SOAP Message Security specification. Since its initial publication in May 2004, significant enhancements have been made to the Basic Security Profile in response to public comment and to feedback from the various WS-I working groups. For example, the conformance targets of many of the profile's requirements have been renovated, many of the requirements now have rationales and explanations that make them easier to understand, and changes have been made to ensure that the Basic Security Profile reflects the WS-Security 1.0 OASIS Standard errata er·ra·ta n. Plural of erratum. . The Basic Security Profile is expected to receive formal approval of the WS-I membership and to be published as "Final Material" this Fall. About WS-I WS-I is an open industry organization committed to promoting consistent and reliable interoperability among Web services across platforms, applications and programming languages. The organization unites a diverse community of Web services companies by providing guidance, recommended practices and supporting resources for developing interoperable Web services. For more information, please visit http://www.ws-i.org or e-mail info@ws-i.org. |
|
||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion