| 基于Web Service的安全业务体系结构的设计 |
| |
| 引用本文: | 杨怀洲,李增智.基于Web Service的安全业务体系结构的设计[J].计算机工程,2005,31(20):146-148,158. |
| |
| 作者姓名: | 杨怀洲 李增智 |
| |
| 作者单位: | 西安交通大学计算机系统结构与网络研究所,西安710049 |
| |
| 基金项目: | 国家自然科学基金资助项目(90304006) |
| |
| 摘 要: | 综合应用了Web Service安全标准,混合使用了浏览器到服务器和重写基本任务模块两种应用模式,利用插件服务方法设计了基于Web Services的安全业务体系结构原型,实现了加密、数字签名、授权和验证等方面的安全性。系统采用基于角色的访问控制RBAC实现访问控制策略,基于SAML标准实现认证和授权,利用XML加密和XML数字签名实现SOAP消息和XML文档的加密与签名。
|
| 关 键 词: | Web Service 安全业务体系结构 安全原型 可插入服务 |
| 文章编号: | 1000-3428(2005)20-0146-03 |
| 收稿时间: | 2004-09-06 |
| 修稿时间: | 2004-09-06 |
Design of Security Service Infrastructure Based on Web Service |
| |
| YANG Huaizhou, LI Zengzhi.Design of Security Service Infrastructure Based on Web Service[J].Computer Engineering,2005,31(20):146-148,158. |
| |
| Authors: | YANG Huaizhou LI Zengzhi |
| |
| Abstract: | By the aid of plug-in service,a security service infrastructure prototype is designed based on Web service via exiting XML-based security standards in two application patterns,the browser to server pattern and the rewriting essential task module pattern,which facilitates the security in the aspects of encryption,digital signature,authorization and authentication.In the prototype system,role based access control(RBAC) is used to realize security policies,authorization and authentication functions are designed mainly on security assertion markup language(SAML),XML encryption and signature facilitate the basis security capabilities in SOAP message and XML documents. |
| |
| Keywords: | Web Service Security service infrastructure Security prototype Plug-in service |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
