| 基于WS-Security和角色访问控制的Web服务安全性研究 |
| |
| 引用本文: | 孙国刚,范学峰,刘卫国.基于WS-Security和角色访问控制的Web服务安全性研究[J].微计算机应用,2005,26(1):30-33. |
| |
| 作者姓名: | 孙国刚 范学峰 刘卫国 |
| |
| 作者单位: | 同济大学教育技术与计算中心,上海,200092 |
| |
| 摘 要: | 首先简要介绍了基于应用层和角色访问控制的Web服务安全的必要性,然后给出了一种基于WS-Security协议和角色访问控制的Web服务安全设计方案,最后给出了该方案在.NET下的部分实现。当Web服务有Soap的中介体参一与时,它需要的是端对端的消息安全,而传统的安全技术只能用来保护点对点的Web服务安全。为提供端对端的Web服务安全,在WS-Security协议和角色访问控制的基础上,本文提出了一种安全解决方案,并且给出了该方案在.NET下的部分实现。
|
| 关 键 词: | 角色访问控制 Web服务 WS-Security .NET 端对端 消息安全 应用层 协议 点对点 安全性研究 |
Web Service Security Research Based On WS-Security and RBAC |
| |
| SUN Guogang,FAN Xuefeng,LIU Weiguo.Web Service Security Research Based On WS-Security and RBAC[J].Microcomputer Applications,2005,26(1):30-33. |
| |
| Authors: | SUN Guogang FAN Xuefeng LIU Weiguo |
| |
| Abstract: | Firstly, this paper briefly introduces the necessity of Web Service security on application layer, then it describes one kind of web service security design based on ws - security and role-based access control, finally it put forward part realization of this design using . NET. When Soap intermediaries taking part in Web Services, it needs end to end security, whereas traditional secure technology can only provide Web Services point to point security. To Solve this problem, on the basis of WS-Security and RBAC, this paper describes a security solution and puts forward part im plemention of this solution using dotnet. |
| |
| Keywords: | RBAC WS-Security WS-SecurityPolicy WS-PolicyAttachment Soap ACL |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
