Security Policy
The Security Policy shared configuration resource specifies a security policy that can be used for inbound or outbound SOAP messages. The security policy can include any combination of the following characteristics:
-
Authentication — whether messages must be authenticated. Authentication can be performed either with usernames and passwords or by way of X.509 compliant certificates.
-
Integrity — whether messages must be validated with a signature to ensure the message has not been altered since its creation.
-
Confidentiality —whether messages should be encrypted or decrypted.
-
Timeout — whether messages should expire after a certain time.
For more information about using security policies for web services, see TIBCO ActiveMatrix BusinessWorks™ Process Design