WS-Security OASIS Standard
The Web Services Security (WS-Security) OASIS Standard specifies how SOAP messages can have their integrity and confidentiality ensured.
WS-Security defines a framework for securing SOAP messages, with the specifics being defined in profiles determined by the nature of the security token used to carry identity information. So, for instance, there are different profiles of WS-Security for various different security token formats such as X.509 certificates and Kerberos tickets.
WS-Security and SAML
The WS-Security SAML token profile specifies how SAML assertions can be used to provide message security.
Additionally, SAML itself points to WS-Security as an approved mechanism for securing SOAP messages carrying SAML protocol messages and assertions.