Home arrow Security arrow Basic Concepts of Web Services Security

Basic Concepts of Web Services Security

Today we cover the basics of Web services and information security and the way Web services security builds on existing security technology. This is chapter 1 from Securing Web Services with WS-Security, by Rosenberg and Remy (ISBN 0672326515, Sams, 2004).

  1. Basic Concepts of Web Services Security
  2. XML, SOAP, and WSDL
  3. UDDI
  4. Security Basics
  5. Shared Key and Public Key Technologies
  6. Security Concepts and Definitions
  7. Web Services Security Basics
  8. Summary
  9. Footnotes
By: Sams Publishing
Rating: starstarstarstarstar / 10
October 04, 2004

print this article



Securing Web Services with WS-SecurityWeb services are a transformational technology for integrating information sources from both inside and outside an enterprise. Web services are the newest incarnation of middleware for distributed computing. Unlike all previous forms of middleware, however, this is a simpler, standards-based, and more loosely coupled technology for connecting data, systems, and organizations. That is good news for architects and developers wanting to quickly become proficient in this technology and deploy real systems. It is also somewhat bad news for architects and developers because all middleware needs strong security practices, and Web services need it more than any middleware of the past. Why more? Because Web services create loosely coupled integrations. Because Web services are not just being used to integrate internal systems, but they are also integrating data sources from outside the organization. Because Web services are based on the passing of readable and self-describing business messages represented in XML. Because Web services are based on underlying Web technologies that already had their own set of security challenges.

It is true that Web services—like most new transformational information technologies introduced—have been overhyped, and it is true that fears of security problems have also been overblown, which has impeded the development and deployment of Web services. It is also true that the standards for Web services are either quite new or in some cases not even fully baked yet. This book is designed to take the mystery and fear out of how to build secure Web services and to shed light on these new standards and how to best use them. It is also designed to show you the richness and complexity of the security issues around Web services so that you, the designers, builders, and operators of Web services, can fully exploit all the capabilities of Web services to your best advantage but do so knowing full well what all the security challenges are and how to face them.

This chapter covers the basics of Web services and information security and the way Web services security builds on existing security technology. This sets the stage for a deeper understanding of the major standards for information security associated with Web services.

SamsThis chapter is from Securing Web Services Security with WS-Security, by Jothy Rosenberg and David Remy (Sams, 2004, ISBN: 0672326515). Check it out at your favorite bookstore today.

Buy this book now.

>>> More Security Articles          >>> More By Sams Publishing

blog comments powered by Disqus
escort Bursa Bursa escort Antalya eskort


- Secure Your Business for Data Privacy Day
- Google Testing Security Fob Password Alterna...
- Security News Highlights Concerns
- Going to Extremes for Data Security
- Skipfish Website Vulnerability Scanner
- Critical Microsoft Visual Studio Security Pa...
- US Faces Tech Security Expert Deficit
- LAN Reconnaissance
- An Epilogue to Cryptography
- A Sequel to Cryptography
- An Introduction to Cryptography
- Security Overview
- Network Security Assessment
- Firewalls
- What’s behind the curtain? Part II

Developer Shed Affiliates


Dev Shed Tutorial Topics: