(最新)安全web服务模型的研究与实现

《(最新)安全web服务模型的研究与实现》由会员上传分享，免费在线阅读，更多相关内容在行业资料-天天文库。

1、息进行加密，从而在客户机和服务器之间建立一个安全代理。它的特点是配置简单，可以完全脱离事务处理，基本满足了安全的几个要求:机密性、授权、完整性、真实性、不可否认性。由于它可以完全独立于事务，且是一个完全基于开放源代码的系统，相对于基于WS一Security安全规范的复杂系统来说要简便得多，可以利用来为一些简单Web服务做安全保护。关键字:Web服务、SOAP,XML数字签名、XML数字加密ResearchandImplementofSecurity-WebServiceModelMajor:ComputerApplicationTechnologyPostgra

2、duate:QiuShuxiongSupervisor:ProLLiZhishuWebServicetechnologyisincreasinglygivenatentioninITfieldtoday.ItisconsideredthatWebserviceistheintegrationofthenewgenerationapplicationandthewaytonewbusinessmode,andimportantapproachofcontactbetweencompanies.Butitisshowbyinvestigatingthatthesec

3、urityofWebservicehasbeenthehighestatentionofmanycompany.Andsecuremechanismofwebserviceisverycomplex,MostofWebservicemustuseverysimpleandguardwaytodeploy.ManylatentatackaimedatWebsiteisrelatewithWebserviceduetousingWebtechnologybyWebservice.ManyafairdataarecollectedinSOAPmessage,onacc

4、ountofconcisionisgotenbyusingXML,instructionanddatastructurecanbetransformintoreadableformat.Securityisgetingveryimportantforsimplyusingandtamperingwiththeunprotecteddatabyanyone.NowthethreefieldsthatneedsecureWebserviceis:identityvalidation/authorization,transportlayerand即plicationl

5、ayer.RelativetosecurityofWebservice,WS-SecuritySpecificationwasbroughtforwardbyIBM,MicrosoftandVeriSignetc.Itprovidemanysecuritymodelandencryptiontechnology.ButWS-SecuritySpecificationnowisindevelopingprocess,manycontentinitmustbestrengthen,atthesametimeitisexcessivelyheavyandcomplic

6、atedincommonlyWebserviceapplication.manyfunctioninWS-Securitynowcan'tbeuse,suchasroboticizedpolicyprotocoletc.thesefunctionhavenouseformostofcompany.Companyshoulddeploythesecuremechanismthatsuitablysatisfyitssecurerequirement.ThispaperpresentsasimpleSecuritymodelofWebservice,themodel

7、isoutofafair,TomakeuseofspecialtyofHandlertechnologyinSOAPmessage.SOAPmessageareencapsulated.Themodelcanprovideauthorization,XMLDigitalSignature,XMLDigitalEncryption.SecurityProxycanbefoundedbetweenclientandserver.Thespecialtiesofthemodelaresimple,easydeployingandbeingindependentofaf

8、air,themodel