The concept is to make sure that the data was not tampered with in transit between the sender and the receiver. http://www.packtpub.com/files/oracle-web-services-manager-sample-chapter-6-%20digitally-signing-and-verifying-messages-in-web-services.pdf