Microsoft, IBM and VeriSign today announced the publication of a
new web services security specification to help organisations build
secure, broadly interoperable web services applications. The three
companies jointly developed the new specification, known as
WS-Security, and plan to submit it to a standards body.
Web services are widely seen as growth area. The term describes
software that is made available from a business's web server for
use by individuals or by other web-connected programs.
According to the companies, WS-Security defines a standard set
of Simple Object Access Protocol (SOAP) extensions, or message
headers, that can be used to implement integrity and
confidentiality in web services applications.
SOAP is an XML-based industry protocol for accessing Web
services in a platform-and-language-independent manner. WS-Security
provides standard mechanisms to exchange secure, signed messages in
a web services environment, and provides what the companies call an
important foundation layer that will help developers build more
secure and broadly interoperable web services.
The WS-Security specification and the companies’ "Security in a
Web Services World" road map are available on IBM’s
site
