This paper discusses how a new secure perimeter is needed when deploying Web Services. This perimeter is more "porous," in that more gets through, but it also has stronger security requirements. To meet these needs, the perimeter must employ XML encryption, signature, identity; it must resist XDoS attacks, etc.

We will examine several factors that motivate the need for such a perimeter, discuss some considerations to keep in mind when constructing it, and identify some best practices to use in production.