One of the important part of any service is its security. Security fundamentally mean protecting tangible items such as database of a service. Security provides authentication, authorization, and privacy to the web services that are deployed over internet. One should descibe service as a public interface.
These service interfaces are defined by a Web Services Description Language (WSDL) files and operations which are called using XML-based message schemas. Security is critical to web services. Security related issues are:
Authorization is the process that administer the resources and operations and authenticate the client to access these resources. Resources include files, databases, tables, rows, etc.
Confidentiality mention as privacy. Privacy is the process of making data private and confidential. Confidentiality ensure that data wil not be use by unathorize person(user).
Authentication is a process of verifying the correct user on the basis of credentials such as knowing about user who is using password. To identify the user we uses standards like HTTP that provide built-in support for authentication and protected services, Digital Signature provides public key cryptography to digitlize the message.
The word Integrity is the guarantee that data is protected from accidental or malicious modification. A digital signature is used to validate the signature and provides non-repudiation i.e. no repetition of data.
The important concepts in security is that effective security is a combination of people, process, and technology. A network is a group of two or more computer systems that are linked together. Security of network is neccessary to protect web service operations from malicious threat. Transferring data from one domain to another domain or between applications needs sometimes a secure transaction.