Threats and countermeasures documented SAN FRANCISCO — A report issued Wednesday at the RSA Conference by the Web Services Interoperability (WS-I) organization identifies potential security threats to Web services and suggests solutions for them.At a press conference, WS-I representatives explained the report — Security Scenarios Working Group Draft — was created by profiling what the OASIS Web Services Security (WSS) Technical Committee has released in the form of security specifications.Rich Salz, chief security architect for DataPower and a member of the WS-I Basic Security Profile Working Group, said the purpose of the draft is to narrow down the wide set of recommendations set forth in the various OASIS-approved specifications into a document that serves the needs of the WS-I membership. The draft identifies potential threats and outlines countermeasures based on common scenarios for those architecting and deploying Web services in their organizations. The group hopes to receive feedback on the document immediately.The two-year-old group is also working to create a basic security profile that defines common ways to provide security in Web services. WS-I representatives said the profile will be available within four months. WS-I already has issued a basic profile for deploying Web services which consists of implementation guidelines on how Web services specifications should be used to create interoperable Web services. The Basic Profile covers SOAP 1.1, WSDL 1.1, UDDI 2.0, XML 1.0, and XML Schema specifications. Software Development