| 基于SPKI的XML Web服务安全性分析 |
| |
| 引用本文: | 王茜,刘启滨.基于SPKI的XML Web服务安全性分析[J].计算机工程与设计,2006,27(9):1637-1639,1651. |
| |
| 作者姓名: | 王茜 刘启滨 |
| |
| 作者单位: | 重庆大学,计算机学院,重庆,400044 |
| |
| 摘 要: | 介绍了Web服务的安全性问题,分析了当前Web服务的安全模型和框架.特别对SOAP层的消息安全进行了重点介绍,包括XML加密和XML数字签名,阐述了SOAP安全扩展.介绍了WS-Security规范,在此基础上提议采用SPKI证书作为授权和身份验证的安全性令牌,具体阐述了SPKI安全令牌的结构和在Web服务中的使用优势.最后,形成了一个集XML安全、SOAP安全、UDDI安全和SPKI证书安全为一体的Web服务安全结构.
|
| 关 键 词: | XMLWeb服务 安全 授权 |
| 文章编号: | 1000-7024(2006)09-1637-03 |
| 收稿时间: | 2005-02-23 |
| 修稿时间: | 2005-02-23 |
Security analysis of XML web service based on SPKI |
| |
| WANG Qian,LIU Qi-bin.Security analysis of XML web service based on SPKI[J].Computer Engineering and Design,2006,27(9):1637-1639,1651. |
| |
| Authors: | WANG Qian LIU Qi-bin |
| |
| Affiliation: | School of Computer, Chongqing University, Chongqing 400044, China |
| |
| Abstract: | Security problems of web service are introduced, and current security model and frame of web service are analyzed. Especially, message security at SOAP layer is described importantly including XML encryption and XML digital signature, and security expansion on SOAP is also expressed. WS-security criterion is presented, and on this basis, SPKI certificate is advised to use as a security token for the authority and identity authentication, Then the structure of SPKI security token and the predominance of being used in the web service are put forward. At last, a security structure is formed, which is composed of XML security, SOAP security, UDDI security and SPKI certificate security. |
| |
| Keywords: | SOAP SPKI |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
