| Web Services is a new platform which can establish the distribute application procedure to operate with each other, and an application procedure offering API that can be used by other application via the web. Web services being new generation distribute type technique, because its characteristic of loosen-coupling, cross-platform and cross-language, it has already received more likes and the supports of many business enterprises. Though Web services have many advantages, but also exists some weakness, for example the bad safety is its main weakness. Web services become this realm's main current technique increasingly, but the prior condition is to resolve its safety problem.WS- Security provides a set of safety mechanisms for the SOAP messages exchanging. WS-Security adopts the structure of the SOAP messages, and the safety provided is the safety expansion of the SOAP safety criterion. WS-Security criterion self did not provide a complete safe solution, just being a no-perfect criterion, it still need the further improvement.Now Web services technique is still placed in just the stage of the start, having a lot of related techniques that have become some hot-point research in IT industry, and the research of Web Services safety is an important hot point. Along with changing to the dynamic electronic commerce more and more strongly, the advantages of Web Services become to show more in each layer at the foundation of IT configuring. However, this kind of change wants to obtain the success, most of key is to establish a clear, complete and standard method to insure new with the complete, secret of the current electronic commerce property with safety.The safe model of Web Services has a lot, but now not an united standard, IBM and Microsoft suggested an relatively safe criterion of WS- Security, this criterion is to bases on the XML encryption and decryption solution. WS-Security is provide a set of safe mechanisms for a SOAP messages exchanging.WS- Security adopts the structure of SOAP messages, its safety is of expansion of SOAP safety. Stage in renewal being placed in continuously of this criterion, its safety is not perfect. Moreover, the safety system that in past Web service is based on encryption system and no symmetry encryption system, for using symmetry encryption system there is the problem of exchanging keys, and after using no symmetry encryption system the problem that password circularresolved, but realizing complication.This paper introduced the related technique in Web service and the password technique. In this paper, With the safety of Web Services highly, the author probes into the related technique in Web service and the password technique, and deeply studying the safety of Web service; With the technology of XML and SOAP, the author discuss XML safety criterion and SOAP safety criterion in detail, and have made some effecting improvement of WS-Security theoretically. And developped an all new safe passage and its application -Internet Booking System.
|
PDF Full Text Request