developerWorks

AIX and UNIX
Information Mgmt
Lotus
Rational
Tivoli
WebSphere

Architecture
Autonomic computing
Java™ technology
Linux
Multicore acceleration
Open source
SOA and Web services
	New to SOA and Web services
	Downloads & products
	Open source projects
	Standards
	Technical library
	Training
	Forums
	Events
Web development
XML

About dW
Submit content
Feedback

Related links
	ISV resources
	alphaWorks (emerging technologies)
	IBM Academic Initiative
	IBM Redbooks
	IBM Press books
	IBM communities

Local sites
	developerWorks 中国
	developerWorks Japan
	developerWorks 한국
	developerWorks Россия

developerWorks > SOA and Web services >

Web Services Secure Conversation Language

Level: Advanced

Contributors: IBM, BEA Systems, Microsoft, Computer Associates, Actional, VeriSign, Layer 7 Technologies, Oblix, OpenNetwork Technologies, Ping Identity, Reactivity, RSA Security

01 May 2004
Updated 01 Feb 2005

The recently updated Web Services Secure Conversation Language (WS-SecureConversation) is built on top of the WS-Security and WS-Trust models to provide secure communication between services.

The Web Services Secure Conversation Language (WS-SecureConversation) is built on top of the WS-Security and WS-Policy models to provide secure communication between services. WS-Security focuses on the message authentication model but not a security context, and thus is subject several forms of security attacks. This specification defines mechanisms for establishing and sharing security contexts, and deriving keys from security contexts, to enable a secure conversation.

By using the SOAP extensibility model, modular SOAP-based specifications are designed to be composed with each other to provide a rich messaging environment. As such, WS-SecureConversation by itself does not provide a complete security solution. WS-SecureConversation is a building block that is used in conjunction with other Web service and application-specific protocols (for example, WS-Security) to accommodate a wide variety of security models and technologies.

Get the specification and related material

Description	Date	Access method
WS-SecureConversation Language specification (PDF, 199KB)	February 2005	HTTP download
WS-SecureConversation Language XSD	February 2005	HTTP Web page

If you would like to contribute technical comments on this specification, please do so through our Feedback page.

You can still view the previous version of this specification by clicking on the following link:

WS-SecureConversation specification previous version (May 2004)

Resources

Read the related Web Services Trust specification that explains how trust relationships are defined between Web services.
Web Services Addressing defines how to identify services across a network.
Web Services Policy Framework defines how to apply policies to control individual services behavior.
Web Services Security describes enhancements to SOAP to provide quality of protection through message integrity, confidentiality, and authentication.
WS-SecurityPolicy is a building block that is used in conjunction with other Web service and application-specific protocols to accommodate a wide variety of security models.
SOAP 1.1 is the basic messaging transport for all Web services while SOAP 1.2 offers enhancements to the message framework.
WSDL 1.1 is the current standard language for services description.
XML Schema, Part 1 and Part 2 are specifications that explain how schemas are organized in XML documents.

Back to top

Document options

Document options requiring JavaScript are not displayed