Security Option | Description |
Signature | A signature is a means of authenticating a message so that the recipient is certain of the sender’s identity and the integrity of the message content. Signing a message involves encrypting a message digest with the sender’s private key. To verify a signed message, the recipient uses the public key corresponding to the sender’s private key. |
Encryption | Encryption is a means of ensuring only the intended message recipient can read the message. The sender encrypts the message using the recipient’s public key. The recipient can then decrypt the message using its private key. |
Security timestamps | Use a timestamp to specify the message expiration time, as well as the precision of the time measurement. This provides protection against replay attacks because inbound messages arriving after the expiration time can be invalidated. |
Authentication tokens | You can use the following standard WS-Security authentication tokens for authenticating a web service client: ![]() ![]() ![]() Note: You can only use SAML tokens when using WS-SecurityPolicy. The Integration Server WS-Security facility does not support SAML tokens. |