Web Services Addressing security

Communications traveling on a public network using Web Services Addressing (WS-Addressing) must be adequately secured and a sufficient level of trust must be established between the communicating parties. You are recommended to use transport level security, such as SSL or HTTPS, to secure your communications.

Transport level security, such as SSL or HTTPS, is the most straightforward way to ensure that your WS-Addressing communications are secure. If transport level security is not available, you can secure your messages by signing the WS-Addressing message addressing properties and encrypting the endpoint references.

CICS® cannot sign headers containing WS-Addressing message addressing properties or encrypt endpoint references. However, CICS can verify signatures on incoming messages and can decrypt headers that have been encrypted. If you want to use signing and encryption to secure your communications, you must use an external security gateway, such as the IBM® WebSphere DataPower® XML Security Gateway. For more information, see IBM WebSphere DataPower XML Security Gateway.