Web Service Security Standards


1. Transport Layer Security (TLS)

1.1. Features

1.1.1. Authentication—communication is established between two trusted parties

1.1.2. Message confidentiality—data exchanged is encrypted

1.1.3. Message integrity—data is checked for corruption

1.1.4. Secure key exchange between client and server

1.2. Use cases

1.2.1. No authentication: no certificates are sent or exchanged. In this case, only confidentiality (encryption/decryption) is used.

1.2.2. One-way authentication (or server authentication)

1.2.3. Two-way authentication (or bilateral authentication)

2. WS-Security

2.1. XML Encryption (Confidentiality)

2.1.1. How digital content is encrypted and decrypted.

2.1.2. How the encryption key information is passed to a recipient.

2.1.3. How encrypted data is identified to facilitate decryption.

2.1.4. An XML document may be encrypted as a whole or in part

2.2. XML Signature (Integrity, Authenticity)

2.2.1. The document is signed using the sender's private key; the signature is verified using the sender's public key.

2.2.2. A signature can apply to a whole document or just part of a document

2.2.3. Provides proof that messages have not been altered since they were signed

2.3. WS-Security profiles

2.4. WS-Security Tokens

2.4.1. Username

2.4.2. X.509 certificate

2.4.3. Kerberos ticket

2.4.4. Security Assertion Markup Language (SAML) assertion

3. WS-Policy

4. WS-SX

4.1. WS-SecurityPolicy

4.1.1. Example of WS-SecurityPolicy

4.1.2. Example of a Message Conforming to WS-SecurityPolicy

4.2. WS-Trust

4.3. WS-SecureConversation

5. WS-Addressing

5.1. WS-Addressing is transport-independent

5.2. WS-Addressing is used with other WS-* specifications, such as WS-Policy

5.3. Example

6. J2EE Container

6.1. WebContainer

6.1.1. getUserPrincipal()

6.2. EJBContainer

6.2.1. getCallerPrincipal()

7. Message Layer