Secure Web Services Guide

669 KB | 3 files |  DOC, PDF

The flexibility and scalability that make Web Services so attractive as an infrastructure model also create risks and insecurity. This guide will help you lock down SOA, SOAP and other services-based technologies.

The advance of Web services technologies promises to have far-reaching effects on the Internet and enterprise networks. Web services based on the eXtensible Markup Language (XML), SOAP, and related open standards, and deployed in Service-Oriented Architectures (SOA) allow data and applications to interact without human intervention through dynamic and ad hoc connections. Web services technology can be implemented in a wide variety of architectures, can co-exist with other technologies and software design approaches, and can be adopted in an evolutionary manner without requiring major transformations to legacy applications and databases.

The security challenges presented by the Web services approach are formidable and unavoidable. Many of the features that make Web services attractive, including greater accessibility of data, dynamic application-to-application connections, and relative autonomy (lack of human intervention) are at odds with traditional security models and controls. The primary purpose of this publication is to inform people about securing Web services.

The attached Zip file includes:

  • Intro Page.doc
  • Cover Sheet and Terms.pdf
  • Secure Web Services Guide.pdf
IT Downloads help you save time and money while executing essential IT management tasks. Download this useful resource now and put it to work for your business.

This Download is provided by:

Partner logo

NIST is a non-regulatory federal agency within the U.S. Department of Commerce. NIST's mission is to promote U.S. innovation and industrial competitiveness by advancing measurement science, standards and technology in ways that enhance economic security and improve our quality of life.

All IT Downloads from National Institute of Standards and Technology» | Visit National Institute of Standards and Technology »
Related IT Downloads

Security73 Guide to Application Whitelisting

This publication is intended to assist organizations in understanding the basics of application whitelisting. It also explains planning and implementation for whitelisting technologies throughout the security deployment lifecycle. ...  More >>

Security29 Security of Interactive and Automated Access Management Using Secure Shell (SSH)

This publication assists organizations in understanding the basics of SSH interactive and automated access management in an enterprise, focusing on the management of SSH user keys. ...  More >>

Security35.jpg Secrets: Managing Information Assets in the Age of Cyberespionage

In this excerpt, Pooley focuses on managing your information assets, specifically looking at how to keep them safe, stay out of trouble, and maximize their utility in your business. ...  More >>

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.