This document provides an overview of web services security. It discusses the main concerns of authentication, authorization, confidentiality and integrity. It presents a framework for web services security and describes how security can be implemented at the transport, message and application levels. Various usage scenarios for web services are explored, and the security implications of scenarios like enterprise application integration, reusing existing business logic, and business partner collaboration are examined. Emerging standards for web services security are also overviewed.