This question might be better suited to Stack Overflow.
SSL is not vulnerable to MITM, unless the client machine has malicious root CA certificates installed (in which case you can't do anything at all as you might as well assume that the entire client is compromised). If you get a certificate from a proper CA like Verisign you will be assured that any communications with your server will be secure (except in academic situations like quantum computing). If you use an encrypted channel during the authentication phase you can use whatever serialization/communication paradigm you want (REST, Protobuf, etc.).
In other words, all you need to do at the end of the day is make sure that the passwords are salted and hashed in your DB, preferably double-salted so that your client 'remember password' functionality can store a salted hash on the hard drive instead of a clear-text password.
Alternatively you could look into:
- SRP which doesn't need to occur over a secure medium.
- Mutually-authenticated TLS/SSL (using a client certificate). The nice thing with this is that it enables offline (LAN) scenarios as clients can authenticate with each other without the presence of your authentication server.
WS-Security is primarily geared toward federated services, i.e. cross-enterprise (as are most of the WS-I extensions), which is probably not a concern for you. At any rate, WS-Security has the associated overhead of SOAP (and the underlying frameworks/marshalling needed to handle SOAP calls). SOAP is a very heavy protocol and is probably a very poor choice for game development. I would avoid this entirely.
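The "double-salted" storage suggested in the answer above, sketched as an added example that is not part of the original answer. It assumes one reading of that phrase: the client hashes the password with a first salt and keeps or sends that token over TLS, and the server hashes the token again with a second salt before storing it. All function and class names and the PBKDF2 parameters are assumptions.

```python
import hashlib
import hmac

# Assumed work factor for this sketch; tune it for your own hardware.
PBKDF2_ITERATIONS = 100_000


def _kdf(secret: bytes, salt: bytes) -> bytes:
    """Slow salted hash (PBKDF2-HMAC-SHA256) used for both stages."""
    return hashlib.pbkdf2_hmac("sha256", secret, salt, PBKDF2_ITERATIONS)


def client_token(password: str, client_salt: bytes) -> bytes:
    """Stage 1, on the client: the value sent over TLS and, for
    'remember password', written to disk in place of the cleartext."""
    return _kdf(password.encode("utf-8"), client_salt)


class AccountStore:
    """Stage 2, on the server: keeps salts and the re-hashed token only."""

    def __init__(self):
        # username -> (client_salt, server_salt, stored_hash)
        self._rows = {}

    def register(self, username: str, client_salt: bytes, token: bytes) -> None:
        import os  # local import: only registration needs fresh randomness
        server_salt = os.urandom(16)
        self._rows[username] = (client_salt, server_salt, _kdf(token, server_salt))

    def client_salt_for(self, username: str) -> bytes:
        """The client salt is not secret; a new device fetches it to rebuild the token."""
        return self._rows[username][0]

    def verify(self, username: str, token: bytes) -> bool:
        row = self._rows.get(username)
        if row is None:
            return False
        _, server_salt, stored = row
        # Constant-time comparison avoids leaking how many bytes matched.
        return hmac.compare_digest(_kdf(token, server_salt), stored)
```

The token on disk still logs in to this one service if it is copied, so it should be protected like a credential; what the scheme keeps off the disk and out of the database is the cleartext password itself.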