|Transport Level Security||Message Level Security|
|Secures point to point communication.
E.g: Your browser to Apache server
|Secures end to end to end communication.
E.g. Sales Order Request application to Database updating application
|Not transparent thorough multiple transport protocols,||Transparent through any number of transports since it is handled at an above layer|
|Cannot specify different part of the message to secured idifferently||Can specify which part to sign, which part to encrypt in the message, Specially useful when you have a large message and you really want to secure a small portion.|
|Relatively easy to attack.||Relatively difficult to attack. Since the unsecured path in the message flow is minimum,|
|In Web Services we found this is followed by transmitting SOAP over HTTPS.||In Web Services you can follow message level security by adhering to WS-Security specification.|
You can find a descriptive post about the Transport Level security vs Message Level Security on http://www.xyzws.com/scdjws.do?cat=scdjws&smenu=WSGEN&article=4.