資源描述:
《(最新)安全web服務(wù)模型的研究與實現(xiàn)》由會員上傳分享,免費在線閱讀,更多相關(guān)內(nèi)容在行業(yè)資料-天天文庫。
1、息進行加密,從而在客戶機和服務(wù)器之間建立一個安全代理。它的特點是配置簡單,可以完全脫離事務(wù)處理,基本滿足了安全的幾個要求:機密性、授權(quán)、完整性、真實性、不可否認性。由于它可以完全獨立于事務(wù),且是一個完全基于開放源代碼的系統(tǒng),相對于基于WS一Security安全規(guī)范的復(fù)雜系統(tǒng)來說要簡便得多,可以利用來為一些簡單Web服務(wù)做安全保護。關(guān)鍵字:Web服務(wù)、SOAP,XML數(shù)字簽名、XML數(shù)字加密ResearchandImplementofSecurity-WebServiceModelMajor:ComputerApplicationTechnologyPostgra
2、duate:QiuShuxiongSupervisor:ProLLiZhishuWebServicetechnologyisincreasinglygivenatentioninITfieldtoday.ItisconsideredthatWebserviceistheintegrationofthenewgenerationapplicationandthewaytonewbusinessmode,andimportantapproachofcontactbetweencompanies.Butitisshowbyinvestigatingthatthesec
3、urityofWebservicehasbeenthehighestatentionofmanycompany.Andsecuremechanismofwebserviceisverycomplex,MostofWebservicemustuseverysimpleandguardwaytodeploy.ManylatentatackaimedatWebsiteisrelatewithWebserviceduetousingWebtechnologybyWebservice.ManyafairdataarecollectedinSOAPmessage,onacc
4、ountofconcisionisgotenbyusingXML,instructionanddatastructurecanbetransformintoreadableformat.Securityisgetingveryimportantforsimplyusingandtamperingwiththeunprotecteddatabyanyone.NowthethreefieldsthatneedsecureWebserviceis:identityvalidation/authorization,transportlayerand即plicationl
5、ayer.RelativetosecurityofWebservice,WS-SecuritySpecificationwasbroughtforwardbyIBM,MicrosoftandVeriSignetc.Itprovidemanysecuritymodelandencryptiontechnology.ButWS-SecuritySpecificationnowisindevelopingprocess,manycontentinitmustbestrengthen,atthesametimeitisexcessivelyheavyandcomplic
6、atedincommonlyWebserviceapplication.manyfunctioninWS-Securitynowcan'tbeuse,suchasroboticizedpolicyprotocoletc.thesefunctionhavenouseformostofcompany.Companyshoulddeploythesecuremechanismthatsuitablysatisfyitssecurerequirement.ThispaperpresentsasimpleSecuritymodelofWebservice,themodel
7、isoutofafair,TomakeuseofspecialtyofHandlertechnologyinSOAPmessage.SOAPmessageareencapsulated.Themodelcanprovideauthorization,XMLDigitalSignature,XMLDigitalEncryption.SecurityProxycanbefoundedbetweenclientandserver.Thespecialtiesofthemodelaresimple,easydeployingandbeingindependentofaf
8、air,themodel