摘要
研究了Web服务的安全性,介绍了Web服务的安全性需求,分析了现有安全技术保护Web服务存在的缺点和不足,在此基础上引出了WS-Security规范,并对此规范进行阐述,进而提出了一个Web服务安全性的实现方案,使用WS-Security和其它配合工具在SOAP消息中嵌入安全机制,以解决WS-Security所涉及的3个方面问题,即身份验证、签名、加密。最后使用WSE进行了实现。
The web services security is studied. This requirement of web services security is introduced, the deficiencies and shortcomings of web services security are analyzed, and then specification of WS-security is educed. In addition this specification is explained, a project of web services security is brought forward, which embeds safe mechanism in SOAP message with WS-security and other tools to solved three problems of WS-security, which is authentication signature and encryption. Finally the project is realized with WSE.
出处
《计算机工程与设计》
CSCD
北大核心
2007年第18期4366-4369,共4页
Computer Engineering and Design
基金
河南省普通科技攻关基金项目(0424220023)。
关键词
WEB服务
WEB服务安全
认证
加密
签名
web services
web services security
authentication
encryption
signature