Security Token Service (STS)

The Security Token Service (STS) is a partial implementation of the OASIS WS-Trust specification. It is a service that can be used for transforming an existing security token into another security token format. Security token, on the other hand, is defined in the WS-Security specifications as a collection of claims that can be attached into a Web Service message. The token formats that will be supported by our STS implementation include X.509 certificate, X.509 proxy certificate, Username/Password and SAML assertion. Existing external sources like online Certificate Authorities, online credential repositories, VOMS and SAML authorities can be exploited by STS for aggregating the required information for the security tokens to be issued. By enabling the token transformation, STS can establish a trust relationship between different security and application domains.