7.4. Web Services Security Requirements
Security sometimes is an afterthought until something unpleasant happens or a security loophole is reported. Security is a process. The security requirements are the key drivers for the Web Services security framework. They relate the security concerns to different areas of Web Services technology during the initial design and implementation stage. It would be useful to put these requirements into scenarios to get the appropriate perspective.
Authentication. The client accessing the business services, which may be a Web browser, PDA, or WAP phone, needs to be authenticated with reliable credentials. Reliable credentials may be passwords, X.509v3 digital certificates, Kerberos tickets, or any secure token ...
Get J2EE™ Platform Web Services now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
