A Web service is a software system designed to support interoperable application-to-application interactions over the Internet. Recently, there has been a growing interest in Web service composition, and some languages (e.g., WSBPEL and BPML) for modeling the composition have been proposed. In this paper, we focus on security constraints of Web service composition with semantic Web support, which have not been deeply investigated so far. Based on our prior work, we present a method for modeling security constraints and a brokered architecture, which exploits the REI reasoner, to build composite Web services according to the specified security constraints.