Book Review - Web Services Security

Networking/Security Forums -> News // Columns // Articles

Author: MR2Location: Somewhere between 0-160mph PostPosted: Wed Sep 17, 2003 8:43 pm    Post subject: Book Review - Web Services Security
Web Services Security

Author: Mark O’Neill with Phillip Hallam Baker, Sean Mac Cann, Mike Shema, Ed Simon, Paul A. Watters and Andrew White
Publisher: Osborne McGraw-Hill
Book Specifications: Soft-cover, 312 pages, no CD-ROM
Category: Web Security
Audience Level: Primarily for software developers and architects deploying XML web services.
Suggested Publisher Price: $49.99USA/$74.95CAN/£31.29 UK
ISBN: 0-07-222471-1
Amazon UK: Web Services Security Web Services Security
Special Discounted Security Forums Price : £27.74 UK GBP -

Synopsis from back cover

Minimize security risks in your system by successfully rolling out secure Web Services with help from this exceptional guide. Web Services Security covers everything network professionals need to know, including details on Web Services architecture, SOAP, UDDI, WSDL, XML Signature, XML Encryption, SAML, XACML, XKMS, and more.

You’ll also get implementation techniques as well as case studies featuring global services provision initiatives such as Alliance project. Practical, comprehensive, and up-to-date, this is a must-have reference for every administrator interested in conquering real-life security challenges through the effective use of Web Services


Working within the Web Services/Web Development field, I was given a copy of the book to review. Prior to receiving this book, my initial thoughts based on the title was that the book would be more geared towards security for web sites and servers including what attacks are used and how to defend against them.

Intended Audience For This Book

This book is intended for software developers, architects, security professionals and network administrators who are responsible for deploying Web Services, who would require more information and knowledge on the security implications


The book starts with a biography of the authors and contributors followed by the content listing. A foreword discussing Web Services by Patrick J. Gannon President & CEO of OASIS Open is next followed by acknowledgements and a brief introduction.

Part 1 – Introduction

Part 2 – XML Security

Part 3 – Security in SOAP: Presenting WS-Security

Part 4 – Security in Web Services Framework

Part 5 – Conclusion

Content Summary


Although most of the book doesn’t apply to what I do in my work, it is nevertheless a very informative and interesting read. The team at McGraw Hill has really put together an overall look on the security of web services, rather than a specific technology and touching on more services that I would ever need to use.

Very well written and in plain English. The book does have technical references that beginners might need further reading to understand. With examples and useful end of chapter checklists the book covers basic security technologies to securing Web Services.

Things I would put against this book is that it lacks practical techniques that could be implemented in a production environment and I found that the case studies were very brief and don’t go into great detail.

I would give Web Services Security 7/10.

Security Forums Discount

The publishers Mcgraw Hill have kindly setup a discount section for Security Forums' users. Discounts can be up to 30% off the RRP and postage is free on all orders over £20 in the UK & Central Europe.

This review is copyright 2003 by the author and Security-Forums Dot Com, and may not be reproduced in any form in any media without the express permission of the author, or Security-Forums Dot Com.

Networking/Security Forums -> News // Columns // Articles

output generated using printer-friendly topic mod, All times are GMT + 2 Hours

Page 1 of 1

Powered by phpBB 2.0.x © 2001 phpBB Group