Definitions for "WS-Security"
a new Web Services security specification authored by Microsoft, IBM, and VeriSign
A Web service specification that describes security enhancements to SOAP messaging to provide quality of protection through message integrity, message confidentiality, and single message authentication. It provides three main mechanisms: security token propagation, message integrity, and message confidentiality. It provides a foundation for further security specifications such as WS-Trust and WS-Federation.
WS-Security is a proposal for adding message-layer security to SOAP messages, defining standardized locations and syntax by which security tokens (such as X.509 certificates and Kerberos tickets) can be carried within SOAP Headers in order to secure the contents of the SOAP messages (some business message). It leverages the existing XML Signature and XML Encryption specifications for capturing the results of, respectively, signing and encryption operations in XML syntax. In essence, WS-Security will standardize where the XML Signature and XML Encryption data blocks are carried within a SOAP message.
Keywords:  transaction