Web services security
Security is a major quality of service (QoS) requirement for QoS enabled web services. You can provide security for web services in several ways, two of which include transport layer security and message level security.
Securing web services at the transport layer
Transport-level security is based on a Secure Sockets Layer (SSL) or Transport Layer Security (TLS) and is used to protect HTTP message contents point to point.
Securing web services at the message level
Message-level security protects the SOAP contents that are contained within an HTTP message for a web service.