The authors, BEA, IBM, Microsoft, SAP AG, Sonic Software and Verisign, were joined by other W3C members including WSO2 in submitting the WS-Policy specification as the basis for work to develop a W3C Recommendation (standard).
There has been significant progress to develop WS-Policy to create a composable architecture that enables the development of secure, reliable, and transacted Web services. The authors believe it is now appropriate to share this work with a larger audience, which will hopefully continue its refinement and ratify it as a Web services standard.
Introduced in 2002, the WS-Policy specifications include the WS-Policy Framework and WS-Policy Attachment. The goal of the specifications is to enable Web services to express their requirements and policies to requesting applications and other Web services. Requirements may include security constraints, protocols supported, message encoding information, and more. Specifically, these specifications define the following:
- An XML Infoset, called a policy expression, that contains domain-specific, Web service policy information.
- A core set of constructs to indicate how choices and/or combinations of domain-specific policy assertions apply in a Web services environment.
WS-Policy specifically will further Web services security by defining how to express capabilities and constraints of security policies. That said, WS-Policy is a general purpose policy framework not in anyway limited just to the security space.< p> The public acknowledgement is available here: http://www.w3.org/Submission/2006/06/
The WS-Policy implementation has also been renamed as Apache Neethi in the Apache Software Foundation Web services Commons project. For more information about Apache Neethi see here.