Abstract: In today’s e-business era, organizations are more focusing on Web Services for system integration. Transactions of Web Service are done mainly through plain-text XML formats like SOAP and WSDL, altering them is not a big task. XML Signature and XML Encryption is one way to secure XML documents up to certain level as well as retain the documents structure. Web Service message security cannot be taken as granted. When implementing a web service message security one should know the life cycle of web services and how it is implemented. Also, XML Encryption is described in detail followed by XML Signature. Web services provide us Integrity, privacy, confidentiality, authentication which makes up the building block for web service security. In this, Web services message attacks are discussed and how they can be minimized using different techniques. Web services message security is utmost important in any enterprise application integration and if they are not looked upon seriously then they can bring massive disappointment to the company and to their data as well. We have conducted a survey on Web Service Message Security and our target audience was those people who have some knowledge about Web Services and based on their results we presented our analysis.