摘要
SOAP/XML可以自定义标记,能跨越不同的平面,给W eb服务增加安全隐患。为了消除这一隐患,通过利用SOAP消息头,提出了SOAP的安全扩充模型,并提出了采用SOAP安全工具包实现安全模型功能的基本方法。针对权限设置等设计了一个W eb服务访问控制器,将那些无权限的请求去掉。通过对SOAP消息的安全扩充和访问控制处理,提高了W eb服务的健壮性,完善了W eb服务协议栈的架构。
SOAP (Simple object access protocal)/XML ( tains many self-defined tags can be transferred over different Extensible markup language) that conplatforms and leads to sccurity problems in Web services. In order to solve the problem, a secure model of SOAP is presented by use of SOAP header, and a SOAP secure kit is developed for implementation of the model' s functions. A controller of Web services is introduced for permissions. Some requests without permission are cancelled with the controller. With secure extension and access control of SOAP messages, web services are of robusticity and their framework is enhanced.
出处
《南京理工大学学报》
EI
CAS
CSCD
北大核心
2007年第1期66-70,共5页
Journal of Nanjing University of Science and Technology
基金
江苏省教育基金(04KJB520077)
关键词
WEB服务
消息传递
安全通讯
SOAP协议
Web services
message passing
secure communication
simple object access protocol