Within this project, many technical issues, concerning security, reliability, quality of service, communications compatibility, etc., need to be addressed. Some related mature security products can be used as good references (e.g. Sun Access Manager, Microsoft CardSpace, OpenID, etc).
The implemented prototype proves that our LK-WSG has the following features:
- Transparency for Web Services and Web Service Clients
- Centralization of Web Service Management and Security
- Encryption and Signature using WS-Security and SSL
- Authentication and Authorization using SAML and XACML
- Authentication across companies in SOAs
- Flexibility to be capable of working with/without ock-Keeper