http://www.theserverside.net/tt/articles/showarticle.tss?id=WCFSecurityLearningGuide&asrc=EM_NLN_1854092&uid=2484565
WCF Security Information
WCF Security Terminology
Security Briefs: Security in Windows Communication Foundation
Programming WCF Security
WCF Security Features
Security Overview
Security Concepts
Common Security Scenarios
Bindings and Security
Securing Services and Clients
Authentication
Authorization
Federation and Issued Tokens
Auditing Security Events
Security Guidance and Best Practices
WCF Security Articles
The Claims-Based Security Model Part 1 (Michele Leroux Bustamante)
Securing your WCF service (Willian Tay)
Warning: XSS attack in PDF URLs (Ted Neward)
Getting the Client Identity (Nicholas Allen)
Transport Encryption and Signing (Nicholas Allen)
Amplified Flooding Attacks (Nicholas Allen)
Disabling Security Timestamps (Nicholas Allen)
Securing Custom Headers, Version 1 (Nicholas Allen)
Securing Custom Headers, Version 2 (Nicholas Allen)
Asymmetric tokens and Mixed-Mode Security (Govind Ramanathan)
HTTP/POX Programming Basics (Steve Maine)
Partial Trust support for WCF in Orcas (Steve Maine)
Code for custom Encoder Binding Elements (Kenny Wolf)
WCF: Security Sessions and Service Throttling (Matevz Gacnik)
WCF Security Webcasts
Choosing the right Authentication and Authorization in Windows Communication Foundation: Part One
Choosing the right Authentication and Authorization in Windows Communication Foundation: Part Two
Indigo Security in a Nutshell
WCF Demos and Downloads
Test Windows Communication Foundation using Microsoft Virtual Labs
WCF Overviews, Demos and Downloads
WCF Security Extensions