Security Assertion Markup Language (SAML) was the topic of Chapter 6, “Portable Identity, Authentication, and Authorization.” WS-Security was presented in Chapter 7, “Building Security into SOAP.” Then WS-Policy was the focus of Chapter 8, “Communicating Security Policy.” They are the three pillars of WS-Security.

Several other important standards are derived from and complementary to WS-Security; they relate to such fundamental security topics as trust, access control, and rights. In this chapter, we review the family of WS-Security–related technologies. An important additional topic is the XML Key Management Specification (XKMS) for managing keys used in signatures, encryption, and ...