The document proposes an agent-based architecture for secure web service discovery. It evaluates using agents to negotiate a mutually acceptable security policy between a service consumer and provider based on their security requirements. The architecture includes a discovery agent that finds services matching a consumer's criteria. A security agent describes the provider's security needs. The process involves the consumer and provider combining their security policies and the discovery agent returning matched services. The document evaluates the architecture using the ATAM method, identifying quality attributes, risks, and tradeoffs.