Securing e-Businesses that use Web Services - a Guided Tour Through BOF4WSS

Security in Web services technology itself is a complex and very current issue. When considering the use of this technology suite to support interacting e-businesses, literature has shown that the challenge of achieving security becomes even more elusive. This is particularly true with regard to achieving a level of security beyond just technologies, that is trusted, endorsed and practiced by all businesses involved. In an attempt to address these problems, our research has previously introduced BOF4WSS [1], a business-oriented development methodology, speci?cally geared to guide ebusinesses in de?ning, and achieving agreed security levels across collaborating enterprises. As that work was only an introduction, the aim of this paper is to provide detailed insight into what exactly BOF4WSS advocates and how these activities and processes aid in building security and trust.