New WS Security Patterns up on GotDotNet
The practices guys have been quite deeply focused on the security aspects of building service oriented systems lately, and have released a CTP document detailing direct authentication patterns (I give my credentials to a service which directly authenticates me against a database or a directory in its own domain), brokered authentication patterns (My credentials get sent to an authentication broker that gives me a token I can present to a bunch of services) and message protection patterns (please keep my service interactions secret and watch out for tampering and spoofing attacks). Really, really useful stuff if you are looking to map concepts to guidance detailing specific implementation.
More recently, they've added a few new patterns to the workspace. The latest offerings include patterns for Service Routing, Message Validation, Replay Detection and Exception Shielding. It's a work in progress, but so far the guidance has been very useful, especially as at the moment I'm in the market for patterns dealing with web service intermediation.
Check them out at the SO patterns workspace on GotDotNet.
