基于SPKI的XML Web服务安全性分析

介绍了Web服务的安全性问题,分析了当前Web服务的安全模型和框架.特别对SOAP层的消息安全进行了重点介绍,包括XML加密和XML数字签名,阐述了SOAP安全扩展.介绍了WS-Security规范,在此基础上提议采用SPKI证书作为授权和身份验证的安全性令牌,具体阐述了SPKI安全令牌的结构和在Web服务中的使用优势.最后,形成了一个集XML安全、SOAP安全、UDDI安全和SPKI证书安全为一体的Web服务安全结构.     

基于面向服务架构体系的WEB组合技术应用研究

Web服务是基于XML和HTTPS的一种服务,其通信协议主要基于简单对象访问协议(SOAP),服务的描述通过WSDL、UD-DI来发现和获得服务的元数据。Web服务建好以后,SOAP提供了标准的RPC方法来调用Web service,并意味着下面的Webservice是以对象的方式表示的。SOAP规范定义了SOAP消息的格式,以及怎样通过HTTP协议来使用SOAP。该文基于此,对面向服务架构体系的WEB组合技术应用进行了初步研究。     

Developing Web services for C and C++

gSOAP is a platform-independent development environment for deploying efficient SOAP/XML Web services in C and C++.We implemented the traditional remote procedure calling (RPC stub-skeleton design for gSOAP, producing the RPC stub and skeleton routines for Web service applications at compile time. The RPC stub and skeleton routines are precompiled, which speeds encoding and decoding at runtime. The skeleton routines expose a C and C++ application as a Web service on the Internet and are responsible for binding SOAP/XML request and response messages to the application at runtime.     

用XML签名及SOAP信息头实现安全Web服务

针对Web服务领域在安全方面存在的问题，分析了Web服务安全解决方案的现状，描述了XML签名语法及其处理过程，结合实例阐述了XML签名语法在提高Web服务的安全性上的优越性，并探讨了SOAP(简单对象访问协议)信息头在创建安全Web服务中的作用。     

SOA架构下的强制访问控制模型研究与实现

采用Web Service技术,以TOMCAT为平台构建了一个包含服务提供者、服务使用者及服务注册中心的SOA原型系统。基于BLP模型提出了一种SOA架构下的强制访问控制模型,使用多级安全策略,结合XML加密/解密、SOAP扩展等安全技术,提出并设计了客户端安全代理和XML安全代理网关两个功能模块,将系统的控制点前移,对服务资源及使用者进行细粒度的访问控制,能够很好地满足SOA的安全特性。     

Redundancy-aware SOAP messages compression and aggregation for enhanced performance

Many organizations around the world have started to adopt Web services as well as server farms and clouds hosted by large enterprise and data centers for various applications. Web Services offer several advantages over other communication technologies. However, they have high latency and often suffer from congestion and bottlenecks due to the massive load generated by web service requests from large numbers of end users. SOAP (Simple Object Access Protocol) is the basic XML-based communication protocol of Web services. XML is a verbose encoding language in comparison with other technologies such CORBA and RMI. In this paper, two new redundancy-aware SOAP Web message aggregation models - Two-bit and One-bit XML status tree - are proposed to enable the Web servers to aggregate SOAP responses and send them back as one compact aggregated message in order to reduce the required bandwidth, latency, and improve the overall performance of Web services. XML message compressibility, the Jaccard based clustering technique, and the vector space model are three similarity measurements that are proposed to cluster SOAP messages as groups based on their similarity degree. The clustering based similarity measurements enable the aggregation techniques to potentially reduce the required network traffic by minimizing the overall size of the messages. The experiments show significant performance for both aggregation techniques achieving compression ratios as high as 25 for aggregated SOAP messages.     

Securing SOAP e-services

Remote service invocation via HTTP and XML promises to become an important component of the Internet infrastructure. Work is ongoing in the W3C XML Protocol Working Group to define a common standard, and solutions like SOAP and XML-RPC are already used in a few situations, demonstrating the potential. However, no standard technique for access control security is currently defined for these protocols. In this paper, we propose an approach that relies on the XML structure of SOAP requests to support fine-grained authorizations at the level of individual XML elements and attributes that comprise a SOAP call. The result is a simple yet general technique to specify and enforce fine-grained access control for e-services. Published online: 13 November 2001     

基于Web服务的房地产短信平台的设计与实现

Web服务这一当前最有价值且较新的分布式应用技术越来越受到广泛的关注.分析介绍了Web服务的含义、特点、体系结构以及安全性,并对其核心技术SOAP、WSDL和UDDI进行了探讨与研究.利用Web服务的跨平台可互操作性构建了一个分布式的房地产短信平台,该平台服务器通过XML技术和通讯运营商这种异构平台之间进行频繁地数据交换.最后给出了该短信平台的具体设计和实现方法.     

移动电子政务平台中安全Web服务的研究

在移动电子政务平台中,使用Webservice是常见的部署方案,web服务是自包含、自描述、模块化的应用,可以通过Web调用它部署的服务,但要求慎重考虑安全性,Web服务使用SOAP协议进行消息传送,SOAP以XML格式在信道中传输,存在信息泄露的风险,传送敏感数据时一定要加密。为解决安全性问题提出一种基于．NET平台的解决方案,使用Web服务时,通过授权的用户经过身份验证可以访问网络信息,客户端在登录时,先获取服务端的公钥,再与服务端协商出用于SOAP消息加密用的非对称密钥与对称密钥,并获取加密后的SessionID,利用SOAP头实现身份验证,利用SOAP扩展实现SOAP消息的选择性加密,使移动电子政务安全性得到保障。