A Logical Model for Security of Web Services