Which statement is true about the WS-Security standard?
Click on the arrows to vote for the correct answer
A. B. C. D.C.
https://docs.oracle.com/cd/E19226-01/820-7627/gjiou/index.htmlThe WS-Security standard is a protocol designed to secure SOAP messages transmitted over a network. It provides a framework for securing SOAP messages at the message level, independent of the transport protocol (e.g., HTTP, SMTP).
Among the given options, the correct statement about WS-Security is C. It provides message-level security. This means that WS-Security is concerned with securing the actual content of the SOAP message, including its header and body. This is in contrast to transport-level security mechanisms, such as SSL/TLS, which are concerned with securing the connection between the client and the server.
Option A is incorrect because WS-Security is not a Java EE standard, but rather a more general web services standard that can be implemented in any programming language or platform.
Option B is also incorrect because WS-Security is not reliant on any specific transport protocol for security. It can be used with any protocol that supports the exchange of SOAP messages.
Option D is partly incorrect. WS-Security does define protocol-specific ways of protecting SOAP messages, but it is not limited to just one protocol. It can be used with multiple protocols, including HTTP, SMTP, and others.
In summary, WS-Security provides a framework for securing SOAP messages at the message level, independent of the transport protocol, and can be used with multiple protocols.