11.3. Web-Service Security
Almost all of the standards relating to Web Services are still evolving, and the security standards are no exception. The lack of maturity in the Web-Service security standards is the biggest barrier to adopting Web-Services technology today. If the security models were complete, we could cover them in the following chapters as an integrated part of our Web Services. Instead, we'll briefly cover them here as a future step in Web-Services evolution.
Starting at the lowest level in the stack, Web Services will require a secure transport mechanism. This is largely in place; Secure Sockets Layer (SSL) and various ways of encrypting information as it is passed over the Internet are well understood. The XML Digital Encryption ...
Get J2EE™ and JAX™: Developing Web Applications and Web Services now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
