(Web Services Security) Standards framework for secure web services, based on SOAP. WS-Security defines additional headers that can be added to a SOAP message to implement integrity and confidentiality in web services applications. It provides a foundation for further security specifications that are under development, including WS-Policy, WS-Trust and WS-Federation. Originally put forward by IBM, Microsoft and Verisign, WS-Security became the responsibility of the OASIS e-business standards body in July 2002.
by Mark O'Neill Timely introduction to web services security and emerging standards, with advice and examples of implementation strategies. (312 pages, Jan 2003, McGraw-Hill Osborne Media)