IBM Skip to main content
  Home     Products & services     Support & downloads     My account  
  Select a country  
Journals Home  
  Systems Journal  
  ·  Current Issue  
  ·  Recent Issues  
  ·  Papers in Progress  
  ·  Search/Index  
  ·  Orders  
  ·  Description  
  ·  Author's Guide  
Journal of Research
and Development
  Staff  
  Contact Us  
  Related links:  
     IBM Web services  
     IBM alphaWorks
   Web Services Toolkit		  
     IBM alphaWorks
   XML Security Suite		  
IBM Systems Journal  
Volume 41, Number 2, 2002
New Developments in Web Services and E-commerce
 Table of contents: arrowHTML arrowPDF arrowASCII   This article: arrowHTML arrowPDF arrowASCII arrowCopyright info
   

Securing Web services - References
by M. Hondo, N. Nagaratnam, and A. Nadalin

Cited references and notes

  1. D. Plummer and D. Smith, Web Services and Software E-Services: What's in a Name? Application Integration and Middleware Strategies Research Note COM-12-0101, Gartner Group (October 30, 2000).
  2. Web services architecture; see
    http://www-106.ibm.com/developerworks/webservices/library/w-ovr/.
  3. W3C Recommendation, Extensible Markup Language (XML) 1.0 (Second Edition); see http://www.w3.org/TR/2000/REC-xml-20001006.html.
  4. SAML (Security Assertion Markup Language) is an emerging standard, from the OASIS organization, that provides the definition of XML tokens, such as name assertions that can be used to map identities between administrative domains.
  5. D. Box, D. Ehnebuske, G. Kakivaya, A. Layman, N. Mendelsohn, H. F. Nielsen, S. Thatte, and D. Winer, Simple Object Access Protocol (SOAP) 1.1, W3C Note (May 8, 2000); available at http://www.w3.org/TR/SOAP/.
  6. See http://www.w3.org/Protocols/HTTP/ietf-http-ext/.
  7. E. Christensen, F. Curbera, G. Merideth, and S. Weerawarana, Web Services Description Language (WSDL) 1.1, W3C Note (March 15, 2001); see http://www.w3.org/TR/wsdl.html
  8. See http://www.uddi.org/ and http://www.uddi.org/faqs.html#who.
  9. R. Cover, Web Services Flow Language (WSFL); see http://xml.coverpages.org/wsfl.html.
  10. W3C XML Digital Signatures, see http://www.w3.org/Signature and http://www.w3.org/TR/2000/CR-xmldsig-core-20001031/.
  11. Security Assertion Markup Language; see
    http://www.oasis-open.org/committees/security/docs/draft-sstc-use-strawman-03.html.
  12. W3C XML Encryption Syntax and Processing, see http://www.w3c.org/Encryption/2001/03/12-proposal.html.
  13. XML Digital Signature APIs, see http://www.jcp.org/jsr/detail/105.jsp.
  14. XML Digital Encryption APIs, see http://www.jcp.org/jsr/detail/106.jsp.
  15. It is expected that the trust model will be specified in SAML.
  16. A. Brown, B. Fox, S. Hada, B. LaMacchia, and H. Maruyama, SOAP Security Extensions: Digital Signature, W3C Note (February 6, 2001); see http://www.w3.org/TR/SOAP-dsig/.
  17. See http://www.ietf.org/rfc/rfc2828.txt.
  18. XKMS is an emerging W3C specification for key management services. It can be used in combination with the keyref element in the keyinfo block of the XML digital signature to retrieve keys and certificates. See http://www.verisign.com.
  19. The ebXML organization (see http://www.ebxml.org) worked with “vertical” industries, such as travel, to attempt to specify such core components, as well as issuing specifications to sign XML messages as indicated in this example.
  20. The IETF PKIX working group has defined a specification for Online Certificate Status Protocol; see http://www.ietf.org/internet-drafts/draft-ietf-pkix-ocspv2-02.txt.
  21. F. Leymann, Web Services Flow Language guide, available at
    http://www-4.ibm.com/software/solutions/webservices/pdf/WSFL.pdf.
About IBM | Privacy | Legal | Contact