|
What Is It ?
|
XML Security is a general term that applies to a number of technologies and standards intended to make the exchange of XML data, more secure. |
| Technologies | |
| XML Encryption | Any branch of an XML document can be replaced by an EncryptedData element containing the encrypted CypherData and optional information about the encryption method and key |
| XML Digital Signature | A Signature element is use to provide authentication, integrity and non-repudiation of a branch of an XML document using an encrypted digest of that information |
| SAML | Security Assertions Markup Language - XML exchange of authentication/authorisation information, e.g. to facilitate Single Sign On (SSO) |
| XACML | eXtensible Access Control Markup Language - generic XML syntax for managing access to distributed resources using policy definitions |
| XKMS | XML Key Management Specification - Protocols for registering keys with escrow services, locating public keys, and validating them without the need for heavyweight PKI clients. |
| WS-Security | A suite of specifications for end-to-end SOAP messaging security. Builds upon XML Encryption, XML Digital Signatures, SAML using a set of SOAP header extensions. |
| Liberty Alliance | A project aimed at providing an opern standard federated identity/trust architecture for distributed authentication without centralised control. |
© 2007 i-Lab Limited