need help with Web Services security

[Tal Mozes <TalM () comsec co il>]

Hi,

 

I'm trying to find the best way to secure Web Services which will run on
.NET and Websphere 5.

I need a secure authentication between the applications, integrity and
confidentiality of the messages.

I know the WS-Security recommendations, but I need something more accurate
that is supported by the two platforms above.

I'm currently thinking about using a Kerberos server (as for Kerberos
tickets) and SSL-2. 

 

What do you think about this method and how complicated is it to implement?

Do you have any other suggestions?

 

Thanks in advance,

Tal.
**************************************************************************************************
The contents of this email and any attachments are confidential.
It is intended for the named recipient(s) only.
If you have received this email in error please notify the system manager or  the 
sender immediately and do not disclose the contents to any one or make copies.

** eSafe scanned this email for viruses, vandals and malicious content **
**************************************************************************************************