When it comes to Web service security, there is a broad range of issues to deal with. Web services are being used to replace previously proprietary inter-process communication schemes, such as RMI and EDI, as well as provide new means of distributing data on the Web (think AJAX and Web APIs). Besides traditional security concerns, such as verifying authentic users and guarding against potentially dangerous submitted data, Web services architects and developers must be very careful about the kinds of information they expose, the business processes they allow to be run and the potential security implications of providing what is essentially an API to a general, anonymous audience. That being said, all of the vendors who are pushing Web services are working to solve these problems. An organization's success in creating secure Web services typically boils down to how well the organization's security requirements are elucidated, designed for, and implemented.
Dig Deeper on Building security into the SDLC (Software development life cycle)
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.