Communication Security Model Oriented To Web Services

Web services is a standards-based application integration approach, allowing the client to use different services it provides. Web services have been widely accepted by the industry to solve complex problems for users as well as distributed computing and systems across multiple platforms and distributed process. The safety will be applied to Web service and to be between the Web services, or in Web services and the establishment of trust relationships between consumers, will face new challenges, some of which do not pass the safety of traditional methods and techniques to solve. This paper will explore in depth the structure of Web services, security, communications security threats, as well as strategies to help build the Communication Security Model Oriented to Web Services,providing point-to-point security. In order to build the Communication Security Model Oriented to Web Services, we must integrate the security technology of the currently available and the continuous development of the XML security standards and the technology. In this paper, communication security model built with a combination of Web services security (such as message-level security and transport-level security) related to the application of standards and technologies, as well as the safety of a specific process (such as authentication, access control, rules and trust). The use of standards-based on the point-to-point communications security model to ensure the integrity of Web services, confidentiality and security.The model using a single entry point for all inbound and outbound XML messages focus on the implementation of security checks. The import packages the access to the endpoint of all the objectives of service to the Web Services Providers, message interceptor is a gateway controller, the use of identity and access management infrastructure for XML data streams and focus on the implementation of access control security mechanism. To intercept the SOAP / XML message stream to the message checker for safety inspection, by ensuring that communication channels between service endpoint security, to ensure that XML data flow outbound security. In this paper, insert a message through the chain to act as information processors, checker, message processor chain contains a series of Web services for the implementation of message-level security operations, information processing chain including the four basic processor: log processor, Certified processors, authorized processor, abnormal processor. These operations, including checking the user identity, authentication information with the standards, verify signatures, encryption and decryption of data, check the time stamp, related news, analysis XML, element-level inspection data, auditing and logging, exception handling and so on.