I understand that the above 3 techniques are used for secure message transmission, but I am not able to understand the differences between these 3 techniques.
Digital Signature - if a message is digitally signed, the receiver is able to identify the sender and assure its identity. Also, it will be able to know whether the data was exactly like sent by the original sender or if it was changed/corrupted during the transport;
Encryption - the data is encrypted, meaning that only the proper receiver is able to read it. If someone intercepts it during the transport, they won't be able to understand it.
WS-Security - usage of these and some other techniques to increase security level for web services.
WS Security is a standard for securing SOAP messages. By using WS Security, you protect the SOAP messages that are exchanged between the Web service provider and the Web service client with digital XML signatures, XML encryption, time stamps, and security tokens.
XML Signatures
Digital signatures are added to a SOAP document in order to ensure the integrity and the authenticity of the message.
XML Encryption
Encryption is used to protect elements that are sent as part of the SOAP message. This protects the confidentiality of the message and prevents the undesired disclosure of the sent data.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.