Turnkey Security Models Description
AnonymousOverCertificate In this model, any anonymous client can achieve message-level encryption by using the server's public X.509 certificate.
Kerberos The client and the server use Kerberos tokens for message-level encryption and/or authentication. This solution requires a Kerberos Domain Controller (KDC) or a custom token provider.
MutualCertificate This model provides for authentication and message-level encryption through the exchange of a client X.509 certificate and a Server X.509 certificate.
UsernameOverTransport As the name suggests, authentication is done through a supplied username and password, and message-level security is implemented through SSL.
UsernameOverCertificate Like the UsernameOverTransport, a username and password are supplied for authentication, but an X.509 server certificate is used for message-level encryption instead of SSL.

Table 1 Choose a WSE 3.0 Turnkey Security Model.
The WSE 3.0 toolkit lets you use several out-of-the-box security solutions to simplify making your Web services more secure. For a more detailed listing, see the precompiled help documentation installed with WSE 3.0.