WS-I Security Document Identifies Web Services Threats

 
 
By Darryl K. Taft  |  Posted 2005-05-17
 
 
 

The Web Services Interoperability Organization has promoted a key security document that was approved by its member community.

WS-I officials Monday said the organizations "Security Challenges, Threats and Countermeasures" document had reached "Final Material" status and is available for enterprises to use to identify threats and security challenges in their Web services environments.

According to WS-I, the challenges listed in the document describe security challenges, such as ensuring data integrity and confidentiality. The document also details 10 threats, including denial-of-service attacks, message alteration and message replay, and lists countermeasures to the various threats. It also features usage scenarios and solutions, WS-I officials said.

Meanwhile, the WS-I Basic Security Profile Working Group has been working to deliver the WS-I Basic Security Profile. The BSP is expected to be available this summer and will focus on transport security and SOAP (Simple Object Access Protocol) messaging security, WS-I officials said.

"Security has been identified as one of the most important challenges to interoperable Web services," said Tom Glover, WS-I Chairman, in a statement. "The publication of WS-Is Security Challenges, Threats and Countermeasures document as Final Material will enable Web services architects and developers to minimize risk while focusing on interoperability."

Check out eWEEK.coms for the latest news, reviews and analysis in Web services.

Rocket Fuel