Related Research Articles
Enterprise JavaBeans (EJB) is one of several Java APIs for modular construction of enterprise software. EJB is a server-side software component that encapsulates business logic of an application. An EJB web container provides a runtime environment for web related software components, including computer security, Java servlet lifecycle management, transaction processing, and other web services. The EJB specification is a subset of the Java EE specification.
The Distributed Management Task Force (DMTF) is a computer software trade group which works to simplify the manageability of network-accessible technologies.
The Web Services Business Process Execution Language (WS-BPEL), commonly known as BPEL, is an OASIS standard executable language for specifying actions within business processes with web services. Processes in BPEL export and import information by using web service interfaces exclusively.
Web Services Security is an extension to SOAP to apply security to Web services. It is a member of the Web service specifications and was published by OASIS.
The Web Services Interoperability Organization (WS-I) is an industry consortium chartered to promote interoperability amongst the stack of web services specifications. WS-I does not define standards for web services; rather, it creates guidelines and tests for interoperability. It is part of OASIS, another standards body.
Security Assertion Markup Language is an open standard for exchanging authentication and authorization data between parties, in particular, between an identity provider and a service provider. SAML is an XML-based markup language for security assertions. SAML is also:
The Central Authentication Service (CAS) is a single sign-on protocol for the web. Its purpose is to permit a user to access multiple applications while providing their credentials only once. It also allows web applications to authenticate users without gaining access to a user's security credentials, such as a password. The name CAS also refers to a software package that implements this protocol.
Web Services Discovery provides access to software systems over the Internet using standard protocols. In the most basic scenario there is a Web Service Provider that publishes a service and a Web Service Consumer that uses this service. Web Service Discovery is the process of finding suitable web services for a given task.
Web Services Resource Framework (WSRF) is a family of OASIS-published specifications for web services. Major contributors include the Globus Alliance and IBM.
Web Services Addressing (WS-Addressing) is a specification of transport-neutral mechanism that allows web services to communicate addressing information. It essentially consists of two parts: a structure for communicating a reference to a Web service endpoint, and a set of message addressing properties which associate addressing information with a particular message.
WS-MetaDataExchange is a web services protocol specification, published by BEA Systems, IBM, Microsoft, and SAP. WS-MetaDataExchange is part of the WS-Federation roadmap; and is designed to work in conjunction with WS-Addressing, WSDL and WS-Policy to allow retrieval of metadata about a Web Services endpoint.
The Java API for XML Web Services (JAX-WS) is a Java programming language API for creating web services, particularly SOAP services. JAX-WS is one of the Java XML programming APIs. It is part of the Java EE platform.
WS-Trust is a WS-* specification and OASIS standard that provides extensions to WS-Security, specifically dealing with the issuing, renewing, and validating of security tokens, as well as with ways to establish, assess the presence of, and broker trust relationships between participants in a secure message exchange.
Web Services Security Kerberos Binding is a Web Services specification, authored by IBM and Microsoft, which details how to integrate the Kerberos authentication mechanism with the Web Services Security model. The most recent draft of the specification was released in 2003 and is identified as being for "review and evaluation only."
Desktop and mobile Architecture for System Hardware (DASH) is a Distributed Management Task Force (DMTF) standard.
Security token service (STS) is a cross-platform open standard core component of the OASIS group's WS-Trust web services single sign-on infrastructure framework specification.cf. Within that claims-based identity framework, a secure token service is responsible for issuing, validating, renewing and cancelling security tokens. The tokens issued by security token services can then be used to identify the holder of the token to services that adhere to the WS-Trust standard. Security token service provides the same functionality as OpenID, but unlike OpenID is not patent encumbered. Together with the rest of the WS-Trust standard, the security token service specification was initially developed by employees of IBM, Microsoft, Nortel and VeriSign.
