It goes without saying that security should play a large role anytime sensitive data is transmitted from one location to another. In a distributed environment, the importance of sending and securing messages cannot be overstated. Communication between the sender and receiver should be protected against so that only authorized parties can access it and each involved party can be confident of the communication's integrity. On a daily basis, most of us lock a door of some sort or other. Moreover, we live in an increasingly digital time where many assets exist in a digital form. Why should we be any more cavalier about securing them than we are about any other asset? Or take the common "he said, she said" phenomenon, when one party claims another party said something the latter party denies. How much time has been wasted by people trying to figure out who's telling the truth (or if either party is telling the truth)?

As you have surely gathered by now, Windows Communication Foundation allows for the communication of messages over many protocols, and the need for securing this communication is great. The whole mantra of Windows Communication Foundation is the ability to reliably, efficiently, and securely communicate SOAP messages over a large number of supported protocols.

This chapter discusses the different security aspects of Windows Communication Foundation and how to take advantage of them. Security is a huge topic, but this chapter focuses on message security ...