WS-Trust

WS-Trust is a WS-* specification and OASIS standard that provides extensions to WS-Security, specifically dealing with the issuing, renewing, and validating of security tokens, as well as with ways to establish, assess the presence of, and broker trust relationships between participants in a secure message exchange.

The WS-Trust specification was authored by representatives of a number of companies, and was approved by OASIS as a standard in March 2007.[1]

Using the extensions defined in WS-Trust, applications can engage in secure communication designed to work within the Web services framework.

Overview

WS-Trust defines a number of new elements, concepts and artifacts in support of that goal, including:

WS-Trust is then implemented within Web services libraries, provided by vendors or by open source collaborative efforts.[2] Web services frameworks that implement the WS-Trust protocols for token request include Microsoft's Windows Communication Foundation (WCF) and Windows Identity Foundation (WIF; as of .NET 4.5, WIF is integrated into .NET Core), Sun's WSIT framework, Apache's Rampart (part of Axis2), and others. In addition, vendors or other groups may deliver products that act as a Security Token Service (STS). Microsoft's Access Control Services is one such service, available online today. Ping Identity Corporation also markets an STS, and Microsoft's ADFS provides an implementation of an STS.[3]
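The token request these frameworks send to an STS, and the check a requester can run on the response before using the token, shown as an added example (not code from the article or from any framework named above). It assumes the WS-Trust 1.3 namespace and a SAML 2.0 token type; the relying-party address and the sample response are constructed, and verifying the token's signature is outside its scope.

```python
import xml.etree.ElementTree as ET
from datetime import datetime
NS = {  # WS-Trust 1.3, WS-Policy, WS-Addressing and WSS utility namespaces
    "wst": "http://docs.oasis-open.org/ws-sx/ws-trust/200512",
    "wsp": "http://schemas.xmlsoap.org/ws/2004/09/policy",
    "wsa": "http://www.w3.org/2005/08/addressing",
    "wsu": "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd",
}
SAML2 = "http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0"
q = lambda prefix, name: "{%s}%s" % (NS[prefix], name)  # Clark-notation tag name
ts = lambda s: datetime.fromisoformat(s.replace("Z", "+00:00"))

def build_rst(applies_to, token_type=SAML2):
    """Serialize a wst:RequestSecurityToken asking an STS to issue a token."""
    rst = ET.Element(q("wst", "RequestSecurityToken"))
    ET.SubElement(rst, q("wst", "RequestType")).text = NS["wst"] + "/Issue"
    ET.SubElement(rst, q("wst", "TokenType")).text = token_type
    epr = ET.SubElement(ET.SubElement(rst, q("wsp", "AppliesTo")), q("wsa", "EndpointReference"))
    ET.SubElement(epr, q("wsa", "Address")).text = applies_to
    return ET.tostring(rst, encoding="unicode")

def check_rstr(xml_text, applies_to, token_type, now):
    """List the ways an STS response fails to match what was requested."""
    if "<!DOCTYPE" in xml_text:  # refuse DTDs before parsing (entity expansion)
        return ["DTD present"]
    rstr = next(ET.fromstring(xml_text).iter(q("wst", "RequestSecurityTokenResponse")), None)
    if rstr is None:
        return ["no RequestSecurityTokenResponse"]
    get = lambda path: rstr.findtext(path, default="", namespaces=NS).strip()
    problems = []
    if rstr.find("wst:RequestedSecurityToken", NS) is None:
        problems.append("no RequestedSecurityToken")
    if get("wst:TokenType") != token_type:
        problems.append("token type differs from request")
    if get("wsp:AppliesTo/wsa:EndpointReference/wsa:Address") != applies_to:
        problems.append("AppliesTo differs from request")
    try:
        live = ts(get("wst:Lifetime/wsu:Created")) <= now < ts(get("wst:Lifetime/wsu:Expires"))
    except (ValueError, TypeError):  # missing, malformed or zone-less timestamp
        live = False
    if not live:
        problems.append("outside token lifetime")
    return problems

# Constructed sample RSTR (not from a real STS); fill {addr} and {exp} with str.format.
SAMPLE = ("<wst:RequestSecurityTokenResponse " + " ".join(f'xmlns:{p}="{u}"' for p, u in NS.items()) + ">"
          "<wst:TokenType>" + SAML2 + "</wst:TokenType><wst:RequestedSecurityToken><Assertion/></wst:RequestedSecurityToken>"
          "<wsp:AppliesTo><wsa:EndpointReference><wsa:Address>{addr}</wsa:Address></wsa:EndpointReference></wsp:AppliesTo>"
          "<wst:Lifetime><wsu:Created>2024-01-01T00:00:00Z</wsu:Created><wsu:Expires>{exp}</wsu:Expires></wst:Lifetime>"
          "</wst:RequestSecurityTokenResponse>")
```

`check_rstr` expects `now` as a timezone-aware `datetime`; a response scoped to a different `AppliesTo` address or past its `Expires` time is reported rather than accepted.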

Authors

The companies involved in defining WS-Trust were:

  • Actional Corporation
  • BEA Systems, Inc.
  • Computer Associates International, Inc.
  • International Business Machines Corporation
  • Layer 7 Technologies
  • Microsoft Corporation
  • Oblix Inc.
  • OpenNetwork Technologies Inc.
  • Ping Identity Corporation
  • Reactivity Inc.
  • RSA Security Inc.
  • VeriSign Inc.

References

  1. Jones, Bradley L. (2007-03-28). "WS-SecureConversation and WS-Trust Approved as Standards". CodeGuru. Retrieved 2023-09-20.
  2. "What is Endpoint Privilege Management". oneidentity.com. Retrieved 2023-09-20.
  3. "Integrating Login People Digital DNA Server with AD FS 2.0 for". studylib.net. Retrieved 2023-09-20.

This article is issued from Wikipedia. The text is licensed under Creative Commons - Attribution - Sharealike. Additional terms may apply for the media files.