Overview of secured web services specifications

The proliferation of XML based web services in the IT industry not only gives rise to opportunities but challenges too. Namely the challenges of security and a standard way of maintaining it across domains and organisational boundaries. OASIS, W3C and other organisations have done some great work in bringing about this synergy. What this paper looks in are some of the more popular standards in vogue today and clubbed under WS-* specification. This paper will try to give an overview of various frameworks and protocols being used to keep web-services secure. Some of the major protocols looked into are WS-Security, SAML, WS-Federation, WS-Trust, XML-Encryption and Signature. This paper will give you a brief introduction to impact of using WS-* on time complexity due to the extra load of encrypting and certificates. Windows communication foundation is one of the best designed toolset for this.