The amount of data in the enterprise being exposed as xml via web service interfaces is rapidly expanding across IT infrastructures of the Fortune 500. Traditional approaches to dealing with the security issues of data do not always directly apply to service oriented architectures, and have since driven the need for development of new approaches to address this challenge. Composite Software has developed infrastructure software that provides for the ability to execute federated queries across structured and semi-structured data across the enterprise in a high-performance manner as well as deal with these new security challenges. In the process of developing the technology, numerous challenges were encountered in the area of managing various elements of security across these distributed datasources which included web services. In this discussion, we will review several use cases that drove our r&d efforts in the area of distributed entitlement and review the emerging web service security standards from OASIS and W3C. Finally, we will review our current areas of research of applying some of these principles to a grid deployment of the technology and what new security issues arise in this distributed architecture.