XML Security vs traditional (network) security Traditional Security: Host-to-host or point-to-point security Client/server oriented Connection or connectionless oriented Generically single/common trust domain/association XML Security Document oriented approach Security tokens/assertions and policies can be associated with the document or its parts Intended to be cross-domain Potentially for virtual and dynamic trust domains (security associations) |