Why applying standards to Web services is not enough

The Importance of design and security of web services applications, are discussed. The role of traditional standards is to meet the market demand for uniformity among the vendors. The developers need to understand the security standards and limitations and drawbacks to fully secure their web services. The common pitfalls related to standards are security, use of wrong standards and ignorance of authentication of the standards. Large number of web services security standards are available to developers, including SSL (Security Sockets Layer), WS-Security, Digital Signature Services, XML-encryption, XML-signature, eXtensible Acces Control Markup Language, Security Assertion Markup language, and the XML key management Specification, to make them understand the fineness of web services applications. Dynamic testing tools can detect some operational misconfigurations that a static tool probably would not be able to identify and have the benefits of being language independent.