Windows Communication Foundation are Confidentiality, Integrity, Auditing, Authentication and Authorization. In Windows Communication Foundation, security can be configured at two different levels.
- Transport Level Security
It secures the actual transport (i.e. the pipe) over which the message passes through from client to a service. For example it uses SSL (Secure Socket Layer) to ensure point-to-point protection.
- Message Level Security
It secures the message itself that is being transported from client to a service and vice versa
Actual message is secured in Message Level Security, it support intermediaries.
|Transport Level Security||Message Level Security|
|As Transport Level Security secures the network protocol, so no extra coding required.||As the message is secured (signed and encrypted) while transmitting through the network, any intermediate hop in the network has no impact on security.|
|As client and service doesn’t need to understand WS-Security specification results support for interoperability.||Being transport-independent, it can support multiple transport options.|
|Improved performance can be achieved by using hardware accelerators.||Supports wide range of security options, even we can implement custom security.|
|Lacks support for intermediate systems because it’s point to point and protects the “pipe” between a single client and a service.||Every individual Message is secured means there is a cost to encrypt a message at one side and decrypt on the other resulting in reduced performance.|
|Security options are comparatively less due to protocol security limitations.||Lacks Interoperability. It demands both client and service should support WS-Security specification, so no support for applications developed in older technologies like ASMX.|
© 2015, admin. All rights reserved.