Can you recommend any resources which address Web services security?

Are there any whitepapers, scenarios, best practices, or documented experiences with resolving security issues in Web services as they are today?
Web services do not address security well, in the current state-of-the-art of the standard. Lacking is support for authentication, encryption, and access control. Indeed, Web services do not have the ability to authenticate publishers or consumers of the Web services. The XML-Based Security Services Technical Committee from the Organization for the Advancement of Structured Information Standards (OASIS) is looking to shore up security within Web services with the Security Assertion Markup Language (SAML). This security standard allows organization to share authentication information between those they wish to share Web services with as partner organizations. Other emerging security standards include the XML Key Management Specification (XKMS), based on PKI (Public Key Infrastructure).
This was first published in May 2002

Dig deeper on Enterprise Application Integration (EAI)



Enjoy the benefits of Pro+ membership, learn more and join.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.



Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: