Monday, March 24, 2008

NIST guide to secure web servies

A well written guide on the topic of securing web services coming from the Computer Security Resource Center (CSRC) of the U.S. National Institute of Standards and Technology (NIST). SP 800-95, “Guide to Secure Web Services” provides detailed information on standards for Web services security.

The document explains the security features of XML, Simple Object Access Protocol (SOAP), the Universal Description, Discovery and Integration (UDDI) protocol, and other open standards related to Web services. It also provides recommendations to ensure the security of Web services-based applications.

A must read ...