Why is it needed?

Security mechanisms like TLS (Transport Layer Security) are insufficient for securing Web Services. Since TLS creates a secure channel through which messages flow, it is incapable of differentiated protection, e.g. encrypting and/or signing only particular components of those messages. This is relevant when non-sensitive portions of the message need to be accessed or changed by intermediate actors. Additionally, in a scenario where a SOAP message might flow through multiple actors, TLS is incapable of providing end-to-end protection; TLS only allows each ‘hop’ to be protected, with the resultant security gaps at intermediate actors.
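The difference can be seen in a small added example (not Entrust or OASIS code) that protects only the SOAP Body, so an intermediary can still rewrite a routing header while the final receiver detects any change to the Body. It is a simplification: an HMAC over the canonicalized Body stands in for XML Signature, and the `urn:example:*` namespaces, the `BodyMac` header, the shared key and the sample message are all constructed for illustration.

```python
import hashlib
import hmac
import xml.etree.ElementTree as ET

SOAP = "http://schemas.xmlsoap.org/soap/envelope/"
DEMO = "urn:example:demo-sig"         # constructed namespace, not the WS-Security one
ROUTE = "urn:example:routing"         # constructed routing header namespace
KEY = b"constructed-shared-demo-key"  # assumed known only to sender and final receiver

# Constructed sample message: one header an intermediary may change, one protected body.
MESSAGE = f"""<e:Envelope xmlns:e="{SOAP}">
  <e:Header><r:Route xmlns:r="{ROUTE}">hop-1</r:Route></e:Header>
  <e:Body><p:Pay xmlns:p="urn:example:pay"><p:Amount>100</p:Amount></p:Pay></e:Body>
</e:Envelope>"""

def _body_mac(envelope: ET.Element) -> str:
    """HMAC-SHA256 over the canonical (C14N 2.0) form of the Body element only."""
    body = envelope.find(f"{{{SOAP}}}Body")
    canon = ET.canonicalize(ET.tostring(body, encoding="unicode"))
    return hmac.new(KEY, canon.encode(), hashlib.sha256).hexdigest()

def sign_body(xml_text: str) -> str:
    """Sender: attach a MAC that covers the Body and nothing else."""
    env = ET.fromstring(xml_text)
    header = env.find(f"{{{SOAP}}}Header")
    ET.SubElement(header, f"{{{DEMO}}}BodyMac").text = _body_mac(env)
    return ET.tostring(env, encoding="unicode")

def intermediary_reroute(xml_text: str, next_hop: str) -> str:
    """Intermediate actor: reads and rewrites the unprotected routing header."""
    env = ET.fromstring(xml_text)
    env.find(f"{{{SOAP}}}Header/{{{ROUTE}}}Route").text = next_hop
    return ET.tostring(env, encoding="unicode")

def verify_body(xml_text: str) -> bool:
    """Final receiver: recompute the Body MAC and compare in constant time."""
    env = ET.fromstring(xml_text)
    mac = env.find(f"{{{SOAP}}}Header/{{{DEMO}}}BodyMac")
    return mac is not None and hmac.compare_digest(mac.text or "", _body_mac(env))

if __name__ == "__main__":
    rerouted = intermediary_reroute(sign_body(MESSAGE), "hop-2")
    print("header changed, body intact:", verify_body(rerouted))
    print("body altered at a hop:", verify_body(rerouted.replace(">100<", ">100000<")))
```

With TLS alone, each hop would terminate the channel and the receiver would have no way to tell the second case from the first.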


A new OASIS Technical Committee was formed in August 2002 to oversee the standardization of the WS-Security proposal.

Entrust Involvement

Entrust is an active member of the newly formed OASIS Technical Committee working on WS-Security. Entrust already supports XML Signature and XML Encryption in the Entrust Authority™ Security Toolkit for Java, and these are the fundamental building blocks for WS-Security. As the specification progresses, Entrust will build on this existing support to directly support the WS-Security specification itself.