Specs for Web services

Microsoft and IBM, along with BEA Systems, RSA Security, SAP and VeriSign have published a new set of advanced Web services specs to help businesses share information securely.

Microsoft and IBM, along with BEA Systems, RSA Security, SAP and VeriSign have published a new set of advanced Web services specifications to help businesses share information securely between applications and organisations in a standard way.

Using broadly accepted standards and specifications around Simple Object Access Protocol (SOAP), security, transactions and discovery, the new specs fall into two key groups.

The first helps address key technical concerns in the area of security and build on the work outlined in a Microsoft and IBM’s co-authored road map, ‘Security in a Web Services World.’

<a href=’http://msdn.microsoft.com/webservices/default.aspx?pull=/library/en-us/dnglobspec/html/ws-trust.asp’>WS-Trust</a>, for example, describes a framework for managing, establishing and assessing trust relationships to enable Web services to securely interoperate.

<a href=’http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnglobspec/html/wssecurspecindex.asp’>WS-SecureConversation</a> describes a framework to establish a secure context for parties that want to exchange multiple messages.

<a href=’ http://msdn.microsoft.com/webservices/default.aspx?pull=/library/en-us/dnglobspec/html/ws-securitypolicy.asp’ >WS-SecurityPolicy</a>describes general security policies that can be associated with a service.

The second group focuses on streamlining the implementation of business policies in a Web services environment.

<a href=’http://msdn.microsoft.com/ws/2002/12/Policy’>WS-Policy</a> outlines a way for senders and receivers of Web services to communicate their requirements and capabilities, which enables them to search for and discover the information they need to access the service.

<a href=’http://msdn.microsoft.com/ws/2002/12/PolicyAttachment ‘>WS-PolicyAttachment</a> provides a standard mechanism for attaching the requirement and capability statements to the Web service.

<a href=’http://msdn.microsoft.com/ws/2002/12/PolicyAssertions/’>WS-PolicyAssertions</a> describes general policies that can be affiliated with a service.

All the specifications have been posted on the MSDN web site.