System and method for secure web service using double enforcement of user authentication

A system and a method for securing a web service through double enforcement of user authentication are provided, so that web services can be used safely and more effectively by performing key exchange and user authentication at once, without any special transmission policy. The system includes a client, a security management web service server (200) and a web service server (300). The client first encrypts the user authentication information with a public key, then encrypts the result a second time with a random matching key, and provides the doubly encrypted user authentication information to the security management web service server. The security management web service server provides the public key to the client. It authenticates users by first decrypting the encrypted user authentication information received from the client with the random matching key provided by the client, and then decrypting the result a second time with a private key. When a user requests a web service, the web service server encrypts the web service messages exchanged with the client using the random matching key provided by the security management web service server.
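The two encryption layers and their reverse-order decryption can be sketched as follows; this is an added example, not code from the patent. The abstract names no algorithms and does not say how the matching key reaches the server, so RSA-OAEP, AES-256-GCM and every function name here are assumptions, and the matching key is simply passed as an argument.

```javascript
// Added illustration; RSA-OAEP, AES-256-GCM and all function names are assumptions.
const crypto = require('node:crypto');

const OAEP = { padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256' };

// Symmetric layer keyed by the random matching key (also used for service messages).
function seal(matchingKey, plaintext) {
  const iv = crypto.randomBytes(12); // fresh nonce per message
  const cipher = crypto.createCipheriv('aes-256-gcm', matchingKey, iv);
  const body = Buffer.concat([cipher.update(plaintext), cipher.final()]);
  return { iv, body, tag: cipher.getAuthTag() };
}

function unseal(matchingKey, { iv, body, tag }) {
  const decipher = crypto.createDecipheriv('aes-256-gcm', matchingKey, iv);
  decipher.setAuthTag(tag);
  return Buffer.concat([decipher.update(body), decipher.final()]); // throws on wrong key or tampering
}

// Client: first encryption with the public key, second with the matching key.
function clientEncryptCredentials(publicKey, credentials) {
  const matchingKey = crypto.randomBytes(32);
  const first = crypto.publicEncrypt({ key: publicKey, ...OAEP }, Buffer.from(credentials, 'utf8'));
  return { matchingKey, envelope: seal(matchingKey, first) };
}

// Security management server: first decryption with the matching key, second with the private key.
// Returns the credential string, or null if either layer fails.
function serverRecoverCredentials(privateKey, matchingKey, envelope) {
  try {
    const first = unseal(matchingKey, envelope);
    return crypto.privateDecrypt({ key: privateKey, ...OAEP }, first).toString('utf8');
  } catch {
    return null;
  }
}

// Constructed end-to-end run with sample values.
function demo() {
  const { publicKey, privateKey } = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
  const { matchingKey, envelope } = clientEncryptCredentials(publicKey, 'alice:constructed-password');
  const recovered = serverRecoverCredentials(privateKey, matchingKey, envelope);
  const wrongKey = serverRecoverCredentials(privateKey, crypto.randomBytes(32), envelope);
  const reply = unseal(matchingKey, seal(matchingKey, Buffer.from('<Response/>'))).toString();
  return { recovered, wrongKey, reply };
}
```

Checking the recovered credentials against a user store is left to the caller.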