12.12. Summary
This chapter has discussed the basic mechanisms that can be used to make Web services interactions reliable in the presence of security attacks. A family of WS-Security specifications has been defined to deal with many of the aspects of Web services security. The most fundamental of these specifications, WS-Security: SOAP Message Security, provides a common syntax and a processing model for carrying security information in SOAP envelopes, enabling the integration of existing enterprise and internet security mechanisms. Using basic WS-Security Web service requesters and providers can ensure the integrity and confidentiality of their interactions and check and transmit identity and authorization information among others. Other specifications in the WS-Security family, which provide solutions for other security needs of Web service users, are reviewed in the next chapter. |