Title :
Why applying standards to Web services is not enough
Author :
Viega, John ; Epstein, Jeremy
Author_Institution :
McAfee, Santa Clara, CA
Abstract :
Properly designing and securing your Web services application is important, and it´s not just a matter of using security standards. Developers must understand both the limitations and drawbacks to security standards in order to fully secure their Web services. In this article, we outline the role of security standards in Web services development. We then look at each of these three pitfalls in detail. Finally, we provide some suggestions on how to address standards-based security in a Web application
Keywords :
Internet; security of data; Web service design; Web service development; Web service security standards; Authentication; Biometrics; Cryptographic protocols; Cryptography; Cyclic redundancy check; Optimized production technology; Security; Standards development; Standards organizations; Web services; Internet; security; web security; web services;
Journal_Title :
Security & Privacy, IEEE
DOI :
10.1109/MSP.2006.110
