| Along with the explosive growth of the Internet, E-commerce has strongly developed.For the reason of the shortage of the traditional distributed computing model ininteroperability, it is difficult to make full use of the resource and data that shared in theInternet. The XML based web service is a possible solution to this problem. It is looselycoupled, independent from platform and programming language, capable of interoperability,and provides an open distributed system that any enterprise and any person in anywhere canmake all kinds of business activities with. But, if want to turn web service into practicality, there are many problems. Security isone of the main obstacles. As web service is running in the open environment of Internetand the kernel technologies of web services such as SOAP, WSDL, UDDI does not directlyprovide security mechanisms that are necessary to give protection to the asset of e-businessenterprise. Without good security, web services will never reach their potential. As the secure communication is an important aspect of the problem of Web servicessecurity, a security model called SecWS is provided as a solution. In this model, messagelevel protection for SOAP communication is offered through encryption and digitalsignature that conform to web services security specifications such as WS-Security, XMLEncryption and XML Signature. As well as making security integration easily, it isunnecessary for other entities of the system to have its own security oriented mechanismsand modules by integrating security processing mechanism into a web service. As the kernel component of the SecWS security model, the SecWS service is developedon .NET platform and Web Services Enhancements for Microsoft .NET (WSE). By usingpipe and filter technology, SOAP messages can be encrypted and digital signed according tothe security specifications. Through this SecWS service, the secure SOAP communicationcan be finally realized.
|
PDF Full Text Request