I am looking for information on how to secure web services applications. I am wondering, in particular, if typical SSL is sufficient and, if so, how to properly implement it for web services.

If SSL won't fit the bill, what should I be looking at?

Any articles, product recommendations, etc. would be greatly appreciated, especially from someone who has successfully done this sort of thing ..

Thanks