In this chapter we studied the Web services security. First, we looked at some of the present Web services security methods , such as SSL/TLS and firewall. Then, we explored the XML encryption technologies: XML signature, XML encryption, XKMS, and SAML. Finally, we discussed WS-Security and how to implement it by employing WSE. SSL/TLS and other existing technologies are temporary solutions that work reasonably well within a constrained environment. If you are using Web services right now, we suggest you employ these solutions. We suggest also that you stay informed about the development of the WSE, which implements WS security, and make use of it after its final release. |