ABSTRACT
The concept of service-oriented architecture (SOA) has been around in various forms for some time, but the SOA model has really become popular of late because of advances in web technology, web services, and standards. Although the concept of an SOA is not tied to a specific technology, in most cases SOA now refers to a distributed system using web services for communication. Other examples of SOA architectures are primarily based upon remote procedure calls, which use binary or proprietary standards that cause challenges with interoperability. Web services solve the problems of interoperability because they are based upon eXtensible Markup Language (XML), by nature an interoperable standard. Significant effort is being put into developing security standards for web services to provide integrity, confidentiality, authentication, trust, federated identities, and more. Those security standards will be the focus of this entry, which will cover XML, XML encryption, XML signature, Simple Object Access Protocol (SOAP), Security Assertion Markup Language (SAML), WS-Security, and other standards within the WS-Security family.
