The remote
objects that are to be invoked are hosted in a SOAP server and a SOAP
message that has the information regarding the object that is to be
invoked is sent across the internet using HTTP.
_______________________________________________
_______________________________________________
The
SOAP server then invokes the object that is needed as per the SOAP message
that it has got. You have to understand one point that in this scenario
any message that is got from any type of user whether it is an anonymous
user or an authenticated user might be interpreted by the SOAP server
and the required object is invoked.
Hence there
is a need for security at the SOAP server level so that it can find
out from which type of user the SOAP message comes from.
So there
is a need for an XML firewall that can scan the incoming SOAP message
and find out from where it comes. XML Signature specifications, XML
Encryption Specifications are used in Web Services security so that
digital signatures are included and the data is encrypted in the SOAP
message sent to the server.
Mechanism
for integrity and confidentiality is defined in these specifications.
SAML - Security Assertion Markup Language - from OASIS is also used
for authentication and authorization.
Recent Original Stories (New Mobile Computing)
"This presents a high-level overview of the different pieces of the GNOME Platform : libraries to write user interfaces, to integrate with the desktop, to do inter-process communication, the virtual file system, accessibility, multimedia.
Layer 7 Technologies to Exhibit at SYS-CON's SOA World Conference & Expo (SYS-CON Media)
Layer 7 Technologies is a provider of SOA security and governance infrastructure for next generation service oriented and Web oriented integrations. The SecureSpan family of XML appliances and gateway software addresses the security, performance management and operational governance issues associated with deploying and maintaining production Web services.