TR240 Security Recommendations for Web Services based on SOAP or REST R14.5.1

  • Maturity level: Level 4 - Forum Approved
  • Created By: API Project

This document provides recommendations and best practices on all aspects of enterprise security while implementing Web Services and REST interfaces.

Security requirements are becoming more and more important especially in B2x communication. The security guidelines in this paper should help architects and developers to fulfill general common security requirements for interfaces.

This document also provides Service Providers, Product Vendors and System Integrators a set of security guidelines for interfaces to ensure security across the value fabric.

The security requirements outlined in this paper are reusing best practices from different standardization bodies e.g. IETF, OWASP, NIST.

General Information

Document series: TR240
Document version: 14.5.1
Status: TM Forum Approved
Document type: Technical Report, Exploratory Report
Team approved: 08-Dec-2014
IPR mode: RAND
TM Forum Approved: 13-May-2015