Web services use tokens provided by the WS-Security standard to implement
security protocols. We propose several extensions to the WS-Security standard,
including name types, key and random number extensions. The extensions are used
to implement existing protocols such as ISO9798, Kerberos or BAN-Lowe. The
advantages of using these implementations rather than the existing, binary
ones, are inherited from the advantages of using Web service technologies, such
as extensibility and end-to-end security across multiple environments that do
not support a connection-based communication.