The articles in this section explore Web service security from different angles. Subjects include: infrastructure-level security techniques based on products like ISA, secure transport protocol based on HTTP, and SOAP-level techniques based on WS-Security.
Securing Web Services with WSE 2.0
Aaron Skonnard takes you on a tour of the Web Services Enhancements 2.0 security features and shows you how to automate security code with declarative policies. |
Build Security Into Your Web Services with WSE 2.0 and ISA Server 2004
In this MSDN Magazine Security Issue article, Dino Esposito talks about authentication techniques for .NET Web services, Security and policy in WSE 2.0, and the use of ISA Server 2004 in protecting Web Services. |
Use Role Based Security with the Web Services Enhancements 2.0
See how WSE 2.0 integrates X.509-based WS-Security authentication with role-based security features in the Microsoft .NET Framework, and how to use WS-Policy in WSE 2.0 to greatly simplify tasks. |
WS-Security Drilldown in WSE 2.0
Learn how to use Web Services Enhancements 2.0 to implement security, trust, and secure conversations in Web services architecture. Also covers the security-related changes from Web Services Enhancements 1.0. |
Microsoft and Industry Partners Release the WS-Federation Specifications
These new specifications deliver on the security architecture outlined in the Web Services Security Roadmap. The new Federation whitepaper describes the issues around federated identity management and serves as a good introduction to the specifications. |
Understanding WS-Security
Discover how to use WS-Security to embed security within the SOAP message itself, and understand the concerns WS-Security addresses, such as authentication, signatures, and encryption. |
Web Services Enhancements (WSE) 2.0 SP3
Web Services Enhancements 2.0 SP3 for Microsoft .NET (WSE) is a supported add-on to Microsoft Visual Studio .NET and the Microsoft .NET Framework that enables developers to build secure Web services based on the latest Web services protocol specifications. |
New Technologies Help You Make Your Web Services More Secure
Read an overview of WS-Security and its associated technologies, the future of security for Web services. Topics include integrity and confidentiality and how they are provided by public key cryptography, WS-Security, and more. |
Security in a Web Services World: A Proposed Architecture and Roadmap
Read about a proposed strategy for addressing security within a Web service environment. |
Securing Web Services with ISA Server
Create a Web service whose security is handled by Microsoft Internet Security and Acceleration (ISA) Server: Look at the Web service and what it allows callers to do, create a client application that will call Web Methods, and create an ISA Server extension to secure the Web Service. |
Understanding XML Digital Signature
Digital signatures provide end-to-end message integrity guarantees. Read an explanation from Rich Salz on the XML Digital Signature specification, its processing model, and some of its capabilities. |
Implementing XML Key Management Services Using ASP.NET
Learn how to create a Microsoft ASP.NET Web service that conforms to a Microsoft SOAP message-based interface specification. |
Building Secure Web Services with Microsoft SOAP Toolkit 2.0
Learn how to build secure solutions with the Microsoft SOAP Toolkit 2.0. |
HTTP Security and ASP.NET Web Services
Learn how to secure a Web service using a combination of features found in Microsoft IIS and Microsoft ASP.NET. |