翻訳と辞書
Words near each other
・ WS-Coordination
・ WS-Discovery
・ WS-Federation
・ WS-Federation Active Requestor Profile
・ WS-Federation Passive Requestor Profile
・ WS-I Basic Profile
・ WS-Management
・ WS-MetadataExchange
・ WS-Policy
・ WS-Policy4MASC
・ WS-Reliability
・ WS-ReliableMessaging
・ WS-SecureConversation
・ WS-Security
・ WS-Security based products and services
WS-SecurityPolicy
・ WS-Transaction
・ WS-Trust
・ WS1
・ WS2
・ WS2300
・ WS2400
・ WS2500
・ WS2B
・ WSA
・ WSA Awards
・ WSA Fraternal Life, Inc
・ WSA Winnipeg
・ WSA World Series
・ WSA-Greenlife


Dictionary Lists
翻訳と辞書 辞書検索 [ 開発暫定版 ]
スポンサード リンク

WS-SecurityPolicy : ウィキペディア英語版
WS-SecurityPolicy
(WS-SecurityPolicy ) is a web services specification, created by IBM and 12 co-authors, that has become an OASIS standard as of version 1.2. It extends the fundamental security protocols specified by the WS-Security, WS-Trust and WS-SecureConversation by offering mechanisms to represent the capabilities and requirements of web services as policies. Security policy assertions are based on the WS-Policy framework.
Policy assertions can be used to require more generic security attributes like transport layer security <TransportBinding>, message level security <AsymmetricBinding> or timestamps, and specific attributes like token types.
Most policy assertion can be found in following categories:
* Protection assertions identify the elements of a message that are required to be signed, encrypted or existent.
* Token assertions specify allowed token formats (SAML, X509, Username etc.).
* Security binding assertions control basic security safeguards like transport and message level security, cryptographic algorithm suite and required timestamps.
* Supporting token assertions add functions like user sign-on using a username token.
Policies can be used to drive development tools to generate code with certain capabilities, or may be used at runtime to negotiate the security aspects of web service communication. Policies may be attached to WSDL elements such as service, port, operation and message, as defined in WS Policy Attachment.〔http://www.w3.org/TR/ws-policy-attach/ WS-Policy - Attachment〕
== Sample Policies ==
Namespaces used by the following XML-snippets:

   xmlns:p="http://www.w3.org/ns/ws-policy"
   xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200802">
   ...


Include a timestamp:



Use either transport layer security (https) or message level security (XML Dsig/XML Enc):


  ...
  ...


To define a SAML assertion as security token:


  
    ...#SAMLV2.0


Issued token assertion of providers with reference to the STS and required token format:


  
    
      http://sampleorg.com/sts
     
  
  
    
       http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.0#SAMLAssertionID
    
        ...
  
  ...


Specify that message header and body need to be signed, and attachments are left unsigned:


  ?
  
*
...



抄文引用元・出典: フリー百科事典『 ウィキペディア(Wikipedia)
ウィキペディアで「WS-SecurityPolicy」の詳細全文を読む



スポンサード リンク
翻訳と辞書 : 翻訳のためのインターネットリソース

Copyright(C) kotoba.ne.jp 1997-2016. All Rights Reserved.