The Commons

Back to Results

Standard/Technology Name: Web Services Security: SOAP Message Security 1.0
Version:1.0
Type:Web services
Developing Organization:OASIS
Contributor:International Business Machines, Inc. (IBM)

This specification describes enhancements to SOAP messaging to provide message integrity and confidentiality. The specified mechanisms can be used to accommodate a wide variety of security models and encryption technologies. This specification also provides a general-purpose mechanism for associating security tokens with message content. No specific type of security token is required, the specification is designed to be extensible (i.e. support multiple security token formats). For example, a client might provide one format for proof of identity and provide another format for proof that they have a particular business certification. Additionally, this specification describes how to encode binary security tokens, a framework for XML-based tokens, and how to include opaque encrypted keys. It also includes extensibility mechanisms that can be used to further describe the characteristics of the tokens that are included with a message.

Notes:

View Commitment for conditions of IBM's healthcare and initiative announcement, including limitation of nonassert to "Necessary Patent Claims" and requirement that "Covered Standards" be included on the "Covered Standards List" maintained by IBM.

Link to Standard

View Commitment for this Standard