Skip to Main Content
With the development of the Internet, Web Services technology has gradually become the development direction of the e-business, e-government and other fields, and the corresponding security mechanism has received unprecedented attention, while how to design an integrated architecture to enhance web services security remains a problem very difficult to tackle with, and there are no good solutions to support individualized security requirements. As a result of our study we present in this paper a policy-based architecture termed PBA4WSSP for web services security processing. In PBA4WSSP, the processes of all security problems are based on security policy in service stage to enable system security and flexibility. Moreover, this architecture provides the five security services including as integrity, confidentiality, non-repudiation, authentication and authorization. In PBA4WSSP, a web service security module have been designed and implemented.