Web Services Security (WSS): SOAP Message Security is a
set of enhancements to SOAP messaging that provides message integrity and
confidentiality. WSS: SOAP Message Security is extensible, and can accommodate
a variety of security models and encryption technologies.
WSS: SOAP Message Security provides three main mechanisms that can be used
independently or together. They are:
- The ability to send security tokens as part of a message, and for associating
the security tokens with message content
- The ability to protect the contents of a message from unauthorized and
undetected modification (message integrity)
- The ability to protect the contents of a message from unauthorized disclosure
(message confidentiality).
WSS: SOAP Message Security can be used in conjunction with other Web service
extensions and application-specific protocols to satisfy a variety of security
requirements.