Get started Bring yourself up to speed with our introductory content.

XML Web services tutorial: How to improve security in Web services

Securing XML is an essential element in keeping Web services secure. This Learning Guide is a compilation of resources that review different types of XML security standards and approaches for keeping your XML Web services secure.

  The complex nature of XML security can leave some security pros scratching their heads. The use of XML-based...

Web services can introduce security risks that could leave your organization vulnerable to malicious attacks. In order to keep Web services secure and thwart attacks and viruses, organizations must take specific steps to secure XML and Web services; one example would be virus protection for XML documents and attachments, which often requires a more in-depth antivirus and antimalware security strategy.

This XML Web services tutorial, provided below, is a compilation of resources that review different types of XML security standards and approaches on how to improve security in Web services. Some of the areas covered in this tutorial include XML firewall security features and capabilities, OASIS security guidelines, the WS-Security standard and notable XML vulnerabilities and threats.


   Introduction to XML Web services security
   XML encryption and WS-Security tutorial
   XML firewall security guide

Using an XML security gateway in a service-oriented architecture
Enabling security for enterprise Web services and service-oriented architectures (SOA) requires an approach that differs from traditional security practices.

In this tip, Gunnar Peterson discusses deployment of security services in XML security gateways, explains how XML security gateways can help keep network endpoints safe in an SOA environment, and details other security services they provide.

XML viruses threaten Web services security
As XML content on the Internet continually increases, the threat of viruses, worms and malware continues to cross over into the world of Web services, meaning that simply scanning scan your computer and email attachments for malicious files is not an adequate defense against threats.

This tip highlights the importance of solid virus protection for XML documents and attachments, discusses common XML threats, and explains how they operate and explains how XML security vendors are shoring up their products to protect Web services against viruses, worms and malware.

XML complexity introduces security risks
The complexity surrounding XML security can leave some security pros scratching their heads, introducing security risks that could leave an enterprise open to malicious attacks. According to the experts, security pros need to remove complexity and remedy performance degradation introduced by hefty authentication methods in order to implement a solid XML security strategy.

This article provides a better understanding of XML security and XML security issues, such and authentication and access control, and highlights the importance of considering these issues when designing and managing XML Web services.

XML security terms and definitions

This was last published in May 2006

Dig Deeper on Single-sign on (SSO) and federated identity

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.