Transport security VS Message Security?

  • Question

  • User-252718598 posted

    Who can tell me why Transport security can provide point-to-point security and Message Security can provide end-to-end security? What is the underlying mechanism of both?

    Can anybody give me some explanation or useful links for this question? Thanks in advance!

    Monday, April 11, 2016 5:45 AM

Answers

  • User-271186128 posted

    Hi EastCoder,

    I suggest you could refer to the following articles:

    https://msdn.microsoft.com/en-us/library/ms733137(v=vs.110).aspx

    https://msdn.microsoft.com/en-us/library/ff648863.aspx 

    Transport Security

    When using transport security, the user credentials and claims are passed by using the transport layer. In other words, user credentials are transport-dependent, which allows fewer authentication options compared to message security. Each transport protocol (TCP, IPC, MSMQ, or HTTP) has its own mechanism for passing credentials and handling message protection. The most common approach for this is to use Secure Sockets Layer (SSL) for encrypting and signing the contents of the packets sent over Secure HTTP (HTTPS).

    Transport security is used to provide point-to-point security between the two endpoints (service and client). If there are intermediary systems between client and the service, each intermediate point must forward the message over a new SSL connection.

    Message Security

    When using message security, the user credentials and claims are encapsulated in every message using the WS-Security specification to secure messages. This option gives the most flexibility from an authentication perspective. You can use any type of security credentials you want, largely independent of transport, as long as both the client and service agree.

    Best regards,
    Dillion

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Monday, April 11, 2016 8:37 AM
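
The hop-by-hop versus end-to-end difference described in the answer above, as an added Python sketch that is not part of the original thread. HMAC tags stand in for SSL record protection and for a WS-Security signature, and all keys, function names and message bodies are constructed for the illustration.

```python
import hashlib
import hmac
import json

# Constructed keys for the demo (assumptions, not from the original post).
HOP1_KEY = b"client<->intermediary session key"
HOP2_KEY = b"intermediary<->service session key"
E2E_KEY = b"client<->service message key"


def mac(key, data):
    return hmac.new(key, data, hashlib.sha256).hexdigest()


def hop_send(key, envelope):
    """Transport security: protect the bytes for one connection only."""
    wire = json.dumps(envelope, sort_keys=True).encode()
    return wire, mac(key, wire)


def hop_receive(key, wire, tag):
    """Verify and strip the per-connection protection at the hop's end."""
    if not hmac.compare_digest(mac(key, wire), tag):
        raise ValueError("transport integrity check failed")
    return json.loads(wire)


def client_send(body, message_security):
    envelope = {"body": body}
    if message_security:
        # Message security: the protection is part of the message itself.
        envelope["signature"] = mac(E2E_KEY, body.encode())
    return hop_send(HOP1_KEY, envelope)


def intermediary_forward(wire, tag, new_body=None):
    """Ends hop 1, sees the envelope in the clear, opens hop 2."""
    envelope = hop_receive(HOP1_KEY, wire, tag)
    if new_body is not None:
        envelope["body"] = new_body  # change made between the two hops
    return hop_send(HOP2_KEY, envelope)


def service_receive(wire, tag, message_security):
    envelope = hop_receive(HOP2_KEY, wire, tag)
    if message_security:
        expected = mac(E2E_KEY, envelope["body"].encode())
        if not hmac.compare_digest(expected, envelope.get("signature", "")):
            raise ValueError("message signature check failed")
    return envelope["body"]
```

With `message_security=False` the service accepts whatever the intermediary forwards, because each hop's check only covers that hop. With `message_security=True`, a body changed between hops fails the signature check at the service.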

All replies

  • User-252718598 posted

    Cool reply! Thanks a lot.

    Monday, April 11, 2016 8:54 AM