Authentication and authorization involve complex relationships in Web service interactions. The distributed, loosely coupled nature of service-driven architectures presents serious challenges in verifying credentials and exercising access control over diversified resources without creating security bottlenecks.
SAML, a major initiative from OASIS, provides a standard means for communicating authentication and authorization information across Web services in XML/SOAP format. SAML uses the concept of assertions to provide access to specific resources available on the Web. SAML is likely to evolve as a standard in Web service authentication, provided that major vendors start adopting it in their security architectures.
XACML, another initiative from OASIS, complements SAML by providing a standard means of exercising fine-grained access control over confidential XML documents. XACML is still in its early stages; wider implementations are expected to be available later this year.