Last post Jun 26, 2013 05:19 AM by Amy Peng - MSFT
Jun 25, 2013 01:18 PM|michael5119|LINK
by make by SOAP security header: security tokens, XML encryption and
what is this 3 thing performance?
Jun 26, 2013 05:19 AM|Amy Peng - MSFT|LINK
Please try to refer to the following:
XML Encryption (Confidentiality)
The XML encryption specification describes a process for encrypting data and representing the result in XML. Specifically, XML encryption defines:
* How digital content is encrypted and decrypted.
* How the encryption key information is passed to a recipient.
* How encrypted data is identified to facilitate encryption.
XML Signature (Integrity, Authenticity)
The XML Signature specification describes signature processing rules and syntax. XML Signature binds the sender's identity (or "signing entity") to an XML document. The document is signed using the sender's private key; the signature is verified using the
sender's public key.
Signing and signature verification can be done using asymmetric or symmetric keys. XML Signature also ensures non-repudiation of the signing entity, that is, it provides proof that messages have not been altered since they were signed.
Web services security supports the following security tokens:
Username—defines how a Web service consumer can supply a username as a credential for authentication). For more information, see "Username"
X.509 certificate—a signed data structure designed to send a public key to a receiving party. For more information, see "X.509 Certificate"
Kerberos ticket—a binary authentication and session token. For more information, see "Kerberos Ticket"
Security Assertion Markup Language (SAML) assertion—shares security information over the Internet through XML documents. For more information, see "SAML Token"
For more information, please try to refer to:
Hope it can help you.