Q
Problem solve Get help with specific problems with your technologies, process and projects.

Why do Web services impact security?

What are Web services and how to they affect security? Web services security expert Alex Smolen explains.

What are Web services and why do they impact security?
"Web services" is a fairly broad term applied to a set of technologies that conform to the basic idea that services that process and consume data should be able to communicate regardless of platform or implementation. Web services are used for many different purposes, and have the potential to be widespread throughout the industry and the Web. The common thread through Web services is XML, which organizes the data that is passed back and forth. There are Web services interoperability standards organizations, such as OASIS, WS-I and W3C, which provide common guidelines to promote shared standards of message formatting and delivery.

When it comes to Web service security, there is a broad range of issues to deal with. Web services are being used to replace previously proprietary inter-process communication schemes, such as RMI and EDI, as well as provide new means of distributing data on the Web (think AJAX and Web APIs). Besides traditional security concerns, such as verifying authentic users and guarding against potentially dangerous submitted data, Web services architects and developers must be very careful about the kinds of information they expose, the business processes they allow to be run and the potential security implications of providing what is essentially an API to a general, anonymous audience. That being said, all of the vendors who are pushing Web services are working to solve these problems. An organization's success in creating secure Web services typically boils down to how well the organization's security requirements are elucidated, designed for, and implemented.
This was last published in January 2006

Dig Deeper on Building security into the SDLC (Software development life cycle)

PRO+

Content

Find more PRO+ content and other member only offers, here.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

-ADS BY GOOGLE

SearchMicroservices

TheServerSide.com

SearchCloudApplications

SearchAWS

SearchBusinessAnalytics

SearchFinancialApplications

SearchHealthIT

DevOpsAgenda

Close