The Cover PagesThe OASIS Cover Pages: The Online Resource for Markup Language Technologies
SEARCH | ABOUT | INDEX | NEWS | CORE STANDARDS | TECHNOLOGY REPORTS | EVENTS | LIBRARY
SEARCH
Advanced Search
ABOUT
Site Map
CP RSS Channel
Contact Us
Sponsoring CP
About Our Sponsors

NEWS
Cover Stories
Articles & Papers
Press Releases

CORE STANDARDS
XML
SGML
Schemas
XSL/XSLT/XPath
XLink
XML Query
CSS
SVG

TECHNOLOGY REPORTS
XML Applications
General Apps
Government Apps
Academic Apps

EVENTS
LIBRARY
Introductions
FAQs
Bibliography
Technology and Society
Semantics
Tech Topics
Software
Related Standards
Historic
Created: July 23, 2002.
News: Cover StoriesPrevious News ItemNext News Item

OASIS Announces Technical Committee for Web Services Security.

OASIS has announced the formation of new Technical Committee for Web Services Security (WSS). The TC is designed to continue work on the Web services security foundations published in the WS-Security specification from IBM, Microsoft, and Verisign. Development will also follow the vision of the Web Services Security Roadmap published in April, 2002. The WS-Security specification "defines a standard set of Simple Object Access Protocol (SOAP) extensions, or message headers, that can be used to implement integrity and confidentiality in Web services applications." The new Web Services Security specification will support security mechanisms of several types, each using implementation and language-neutral XML formats defined by XML Schema: use of XML signature to provide SOAP message integrity for Web services; use of XML encryption to provide SOAP message confidentiality for Web services; attaching and/or referencing security tokens in headers of SOAP messages; carrying security information for potentially multiple, designated actors; associating signatures with security tokens; representing specific forms of binary security tokens as defined in WS-Security specification. Participation in the OASIS Web Services Security Technical Committee is open to all organizations and individuals.

Relationship to Existing Activities. "Many efforts related to Web services security and related technologies are underway throughout the industry. The following work may be relevant to this Web Services Security TC:

  • OASIS Access Control TC (XACML)
  • OASIS XML Common Biometric Format TC (XCBF)
  • OASIS Provisioning TC (PSTC)
  • OASIS Rights Language TC (XrML)
  • OASIS Security Services TC (SAML)
  • W3C XML Signature
  • W3C XML Encryption
  • W3C XML Key Management

From the announcment:

"WS-Security is one of the first Web services standards to support, integrate and unify multiple security models, mechanisms and technologies, allowing a variety of systems to interoperate in a platform- and language-neutral manner," said Chris Kaler of Microsoft. Kaler and Kelvin Lawrence of IBM serve as co-chairs of the OASIS Web Services Security Technical Committee.

"Significant work is happening at OASIS in the areas of security and Web services. We are excited by the overwhelming response from OASIS members ready to collaborate on WS-Security," added Lawrence.

BEA Systems, Blockade Systems, Commerce One, divine, Documentum, Fujitsu, Intel, IBM, IONA, Microsoft, Novell, Oblix, OpenNetwork, Perficient, SAP, SeeBeyond, Sonic Software, Sun Microsystems, TIBCO, VeriSign, webMethods, XML Global, and other OASIS members will collaborate on advancing the WS-Security specification. The first meeting of the technical committee will be held on 4-5 September 2002 and hosted by Sun Microsystems.

WS-Security joins several security standards currently being developed within OASIS. Other specifications include SAML for authentication and authorization, XACML for access control, XrML for rights management, SPML for exchanging provisioning information, and XCBF for describing biometrics data.

"WS-Security is complementary to our work on SAML," said Joe Pato of HP, co-chair of the OASIS Security Services Technical Committee. "In fact, our team intends to employ WS-Security to specify the use of SAML for adding security features to SOAP messages."


Hosted By
OASIS - Organization for the Advancement of Structured Information Standards

Sponsored By

IBM Corporation
ISIS Papyrus
Microsoft Corporation
Oracle Corporation

Primeton

XML Daily Newslink
Receive daily news updates from Managing Editor, Robin Cover.

 Newsletter Subscription
 Newsletter Archives
Bottom Globe Image

Document URI: http://xml.coverpages.org/ni2002-07-23-a.html  —  Legal stuff
Robin Cover, Editor: robin@oasis-open.org