Site icon API Security Blog

WS Security is not enough to secure your SOAP web services.

WS Security Threats and Countermeasures

The WS-Security standard does not provide a complete security solution, but it can help you achieve some of the following goals:

Confidentiality – ensure that messages are protected from eavesdropping during transit.  Message integrity – verify that messages have not been altered in transit. Authentication – confirm the identity of message senders and receivers. Non-repudiation – prove that a sender sent a specific message on behalf of an organization or individual. Availability – prevent denial-of-service attacks against Web service endpoints by ensuring availability of these endpoints at all times.
https://t.co/6mSPqqvTRv

Exit mobile version