The most popular and comprehensive Open Source ECM platform
SOA: Secure Interoperability for Web Services
Progess on standards from the Web Services Interoperability Organization (WS-I) have been slow in coming. But in early April the WS-I published a set of guidelines for secure Web Service interoperability.
WS-I Basic Security Profile (BSP) 1.0 was approved after initial successful interoperability tests were conducted by Microsoft, IBM, Novell, Oracle and SAP. An updated version 1.1 is expected to be out before year end with fixes to any problems that may come up. The ‘Secure Profile’ builds on the elements specified in the WS-I Basic Profile 1.1.
The guidelines of the BSP will help developers be able to build secure and interoperable Web Services. In particular, it details how to securely handle SOAP messaging and transport. It will protect data over HTTP point-to-point data transmissions. Data can remain secure even if it passes through multiple waypoints.
The BSP 1.0 specification describes security interoperability among elements like Username Token Profile, X.509, Kerbros and SAML.
The Basic Profile is also slowly evolving. The next revision of Basic Profile, version 1.2, due before the end of the year, is to include WS-Addressing, MTOM/XOP and SOAP 1.1 binding for MTOM, and W3C Message Transmission Optimization Mechanism.
Basic Profile 2.0 will upgrade support from SOAP 1.1 to SOAP 1.2 and WSDL 1.1 binding for SOAP 1.2.