Content

The Month: Web-services security standards hailed

Analysts have hailed the ratification of two web-services security standards as a key development in the area, saying it shows that "web services security has finally reached a level of maturity acceptable to many enterprises". The Organisation for the Advancement of Structured Information Standards (Oasis) recently approved WS-SecureConversation version 1.3 for establishing and maintaining extended secure sessions, and WS-Trust version 1.3, for obtaining and exchanging security credentials.

Gartner said it was a positive step for vendors and customers alike. Itsreport stated: "This adds to a credible toolset for federation efforts,which has proved elusive to many enterprises due to the issues ofbrokered authentication availability and scalability the standardsaddress. WS-Trust alone is vital to enabling the credential usenecessary for networked, consumable web services."

Oasis members that collaborated to develop WS-SecureConversation andWS-Trust included Fujitsu, HP, IBM, Microsoft, Nokia and Oracle.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds