Security for webservice.

Question

Hi all I need some information about web service security. For example I have created a web service which get sensitive information from my database and kept those in dataset. And finally I have deployed this web service in the IIS server. And this webservice will be consumed by some other application which lies in different server. In my webservice I have not provided any security. Now I want to give security to my web service. In this regard what type of security I should give and how can I do this security with one example pls????? Your help is always appreciated. Thanks Rahul

Mahesh Chand · Answer

Is your Web Service consumed within an Intranet or available to public on the Internet? If they are within the Intranet first thing you would want to do is secure the Intranet using a Firewall. For Internet based consumers you can use SSL and make the service SSL enabled so all consumer applications must have SSL. If your Web service is available to public then you need to encrypt and decrypt the data.