This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit

Category:OWASP XML Security Gateway Evaluation Criteria Project

Revision as of 23:21, 23 February 2007 by 1raindrop (talk | contribs)

Jump to: navigation, search

Welcome to the XML Security Gateway Evaluation Criteria Project

This OWASP Project is defines an open standard for evaluating XML Security Gateways. This criteria will first identify and provide the OWASP community a set of standard evaluation criteria to assess the quality of open source and proprietary XML Security Gateways. The main driver for this project is to reduce the confusion and complexity in assessing the strengths and weaknesses of solutions in this complex space, and enlightening the community as to the utility of XML Security Gateways to deliver a number of valuable security services.

Project Guiding Principles:

The XML Security Gateway Evaluation Criteria Project’s Guiding Principles were created in order to express the intentions of its contributors when designing the criteria.

  • Create evaluation criteria supporting a transparent, level playing field for XML Security Gateway solutions to define their solution's key value proposition
  • Where practical, attempt to standardize nomenclature and metrics
  • Educate the community on the design considerations for XML security

Project Scope:

This project will focus on evaluation criteria for XML Security Gateways, that are commonly used in SOAP, Web services, SOA, and Rest applications.

Feedback and Participation:

We hope you find the OWASP XML Security Gateway Project useful. Please contribute to the Project by volunteering for one of the Tasks, sending your comments, questions, and suggestions to [email protected] To join the OWASP XML Security Gateway Project mailing list or view the archives, please email Gunnar Peterson

Project Contributors:

If you contribute to this Project, please add your name here Project Lead:


  • Mark O'Neill, Vordel
  • Brian Roddy, Cisco

This category currently contains no pages or media.