Abstract: Securing the web services is of major concern when implementing critical business transaction with web services. A problem with web services security standards are appeared due to the fact that several organizations are involved in developing such standards caused many possibilities of unsecured usage. The present work summarizes the security model for WS-security and its related specifications. The most important one is the WS-security which defines a message-based security model for WS-S that is suitable for achieving end-to-end security in environments with multiple trust domains. Additionally, WS-security describes how to encode binary security tokens. Specifically, the specification describes how to encode X.509 certificates and Kerberos tickets as well as how to include opaque encrypted keys. This study also introduces the different levels of security and gives an overview of the current status of these concepts concerning standardization.
Marzouk S. Mokbel , Maan Younis Abdullah and Le Jiajin , 2007. The Web Services Securing: Basic Technologies . Asian Journal of Information Technology, 6: 674-680.