XML Security Learning Guide
Securing XML is an essential element in keeping Web services secure. This SearchSecurity.com Learning Guide is a compilation of resources that review different types of XML security standards and approaches for keeping your XML Web services secure.
TABLE OF CONTENTS
XML Security Key Terms and Definitions
Introduction to XML Security
OASIS
WS-Security
SAML
XML Signatures & Encryption
XML Firewalls
More Security Learning Resources
Free Security IT Downloads
![]() |
![]() |
- Security Assertion Markup Language (SAML) (SearchSecurity.com Glossary)
- Authentication (SearchSecurity.com Glossary)
- Authorization (SearchSecurity.com Glossary)
- Digital signature (SearchSecurity.com Glossary)
- SOAP (Simple Object Access Protocol)(SearchWebservices.com Glossary)
- Algorithm (SearchSecurity.com Glossary)
- Extensible Access Control Markup Language (XACML) (SearchSecurity.com Glossary)
- Organization for the Advancement of Structured Information Standards (OASIS) (SearchWebservices.com Glossary)
- Encryption (SearchSecurity.com Glossary)
- WS-Security (SearchWebservices.com Glossary)
- Firewall (SearchSecurity.com Glossary)
- Single signon (SearchSecurity.com Glossary)
- Public key infrastructure (PKI) (SearchSecurity.com Glossary)
![]() |
![]() |
- Article: XML complexity introduces security risks (SearchSecurity.com)
- Article: Web services require new approach to security (SearchSecurity.com)
- Article: Sorting out the Web services security landscape (SearchSecurity.com)
- Conference presentation: How to Overcome Web Services Security Obstacles (Information Security Decisions 2005)
- Quiz: Infosec Know IT All Trivia: Securing Web services (SearchSecurity.com)
- Advice: Confused about differences in Web services security technology (SearchSecurity.com)
- Webcast: Web Services Security School, Lesson 1: Why Web services need security and trust (SearchWebServices.com)
![]() |
![]() |
- Article: Web services security specs hit the standards track (SearchWebServices.com)
- Article: OASIS advances security standards (SearchSecurity.com)
- Article: OASIS ratifies core security spec (SearchSecurity.com)
- Article: Latest Web services spec tackles application flaws (SearchSecurity.com)
- Advice: National standards, security bodies release security checklists spec (SearchWebServices.com)
- Advice: How will the battle between W3C and OASIS affect Web service security standards? (SearchSecurity.com)
- Article: Study shows companies still lukewarm (for now) on Web services (SearchSecurity.com)
![]() |
![]() |
- Fast facts: WS-Security (SearchWebServices.com)
- Q&A: Standards expert: WS-Security changing Web services landscape (SearchSecurity.com)
- Article: WS-Security celebrates anniversary as a standard (SearchSecurity.com)
- Article: Implementing WS-Security (SearchWebServices.com)
- Advice: What security concerns does WS-Security address? (SearchSecurity.com)
- Advice: Are there other projects for Web services security in the works beside WS-Security? (SearchSecurity.com)
- Advice: How will WS-Security impact Web services deployments? (SearchWebServices.com)
- Advice: A few questions regarding XML security (SearchWebServices.com)
![]() |
![]() |
- Article: RSA 2006: Hunger grows for federated ID (SearchSecurity.com)
- Article: Eight vendors pass SAML 2.0 sniff test (SearchSecurity.com)
- Article: Liberty Alliance begins SAML 2.0 testing in July (SearchSecurity.com)
- Article: Young SAML must conquer business pressures (SearchSecurity.com)
- Article: SAML 2.0 unifies support for federation (SearchWebServices.com)
- Article: SAML ratification enables vendor interoperability (SearchSecurity.com)
- Article: Federal agency demonstrates SAML interoperability (SearchWebServices.com)
- Advice: Limiting the risk and liability of federated identities (SearchSecurity.com)
- Advice: How SAML works (SearchWebServices.com)
- Advice: Are SAML and WS-Security competitive specifications for Web services security? (SearchSecurity.com)
- Webcast: Leveraging the power of SAML (SearchSecurity.com)
- Webcast: Web Services Security School, Lesson 4: SAML (SearchWebServices.com)
![]() |
![]() |
- Article: Securing Web services requires out-of-box thinking (SearchSecurity.com)
- Article: Web services pose identity management challenges (SearchWebServices.com)
- Q&A: The pros and cons of securing Web services with SSL (SearchSecurity)
- Article: Report recommends standalone XML security appliances (SearchWebServices.com)
- How-to guide: Supporting digital signatures within SOAP messages (SearchWebServices.com)
- Advice: Determining from WSDL if a Web service supports XML signature (SearchSecurity.com)
- Advice: Confused about differences in Web services security technology (SearchSecurity.com)
- Advice: Support for XML signature/encryption (SearchWebServices.com)
- Advice: What implementation(s) of XML encryption and XML signature would you recommend? (SearchWebServices.com)
- Webcast: Web Services Security School, Lesson 3: XML Signature and XML Encryption for Web services (SearchWebServices.com)
![]() |
![]() |
- Article: Web application firewalls create breathing room (SearchSecurity.com)
- Article: Rockwell Collins taps XML security appliance for services foundation (SearchWebServices.com)
- Article: XML viruses threaten Web services security (SearchSecurity.com)
- Article: XML firewalls dig deeper than traditional firewalls (SearchSecurity.com)
- Article: Web application, XML firewalls converge in one appliance (SearchWebServices.com)
- Article: Web services security vendors focus on access control, XML firewalls (SearchSecurity.com)
- Article: New XML firewall keeps watch on Web services (SearchWebServices.com)
- Article: Various flavors of firewalls are evolving (SearchSecurity.com)
- Article: XML firewall integrates crypto hardware (SearchSecurity.com)
- Article: Westbridge exec: When XML is a factor, standard firewalls don't cut it (SearchSecurity.com)
- Advice: XML-based attacks and how to guard against them (SearchSecurity.com)
- Advice: Securing Web services: A job for the XML firewall (SearchSecurity.com)
- Featured Topic: XML firewalls (SearchWebServices.com)
More Security Learning Resources |
SECURITY SCHOOL | LEARNING GUIDES | CHECKLISTS | GLOSSARY | ASK THE EXPERTS | ||||||