Security on the Internet takes many forms. In the context of RESTful web services and this book, we are only interested in two forms of security: firstly, securing access to web services; secondly, accessing web services on behalf of our users.
What we accomplish with securing web services is the calculated control of resources. Even though most web services are publicly available, we still need to control data access and traffic throughput. We can do both by restricting access through subscription accounts. For example, Google's web service API limited the number of queries a registered user could execute daily. Similarly, many other API vendors restrict the access of their APIs.
Security has two essential elements: authentication and authorization.