abstract |
System and method for designing and implementing secure Web Services according to a Web Services Security Assessment structured methodology and design patterns. Lifecycles of the Web Services Security Assessment structured methodology may include, but are not limited to: vision and strategy, architecture design, development, integration, and deployment. In one embodiment, security components may be identified based on one or more use case requirements. Web Services objects that need to be protected may be identified. The object relationship for security protection may be defined, and associated trust domains, security policy and strategy and threat profiles may be identified. Protection schemes for these Web Services objects may be generated. Web Services security design patterns may be applied. One embodiment may be implemented as a secure Web Services architecture design mechanism that may receive Web Services requirements as input and assist a user in designing and generating a secure Web Services architecture. |