Service ecosystems provide distributed evolutionary capabilities allowing services to recombine and evolve in sustainable environments. Web services play a crucial role in service ecosystems since they support interoperable machine-to-machine interactions and help in developing new services from existing services by using a variety of composition languages. Business Process Execution Language (BPEL) has recently emerged as the de-facto standard for Web service composition. From the security perspective, Web service providers may require different authentication mechanisms to securely invoke their services. The integration of different authentication mechanisms complicates the global authentication scheme of BPEL-based processes and raises a challenge in adopting BPEL in service ecosystems. In this work, we propose the Security Service concept to define activity single sign-on (ASSO) for federated identify-based authentication. The Security Service allows the integration of heterogeneous authentication mechanisms in the context of multiple service providers. We also extend the <invoke> activity to ensure non-intrusive extension of BPEL language and implement the Security Service in a peer-to-peer network.