A service that issues a SAML assertion is called a Policy Decision Point (PDP) while a service that accepts a SAML assertion is called a SAML authority.
A hash is created as a result of carrying out a digest function. The hash is subsequently used together with XML canonicalization functions to match message documents in order to prove integrity and authenticity.
As part of Service Composition A, a service consumer needs to authenticate itself to four different services. The Direct Authentication pattern was applied to each of these four services, all of which share the same identity store. This identity store is also shared by a number of additional services. As a result of increased usage, the identity store has become a performance bottleneck. The resulting performance degradation is impacting Service Composition A to the extent that it is causing problems. The security architecture for Service Composition A needs to be improved in order to avoid further performance degradation. However, any changes to the service composition architecture cannot break any dependencies with the existing service consumer. Which of the following approaches fulfills these requirements?
The SAML and WS-Security industry standards can be applied to the same service composition architecture.
Service A hashes a message, resulting in message digest X. Service A encrypts the message digest X with its private key, resulting ir ciphertext X1. Service A sends the message and X1 to Service B . Service B hashes the message, resulting in message digest Y. Service B decrypts X1 with Service A's public key, recovering message digest X. Service B compares Y with X and finds them to be equal. This proves that:
