I am in process of deploying a commercial solution that uses webservices over HTTP as the primary mechanism of interaction between client and server. Is there a writeup available somewhere which can guide me on the steps that I could to make sure that security issues are taken care of in such an installation.