Study On Web Service Applying Security Structure

With the development and application of the Web service technology, distributed technology and application based Web have been an important direction. Web service SOAP message security communication must be guaranteed in the application layer, however, existing solutions such as SSL/TLS do not adopt to protect message in the application layer. In allusion to the characteristic of web service application schema, this paper study the security of web service applying and propose a security structure based SPKI authorization identity mechanism. This security structure is a supplement to existing web service security architecture. Owing to it is light-weight solution, it is fit for exchanging data between middle and small enterprise or organization. The security structure in this paper has many characteristic contrasting to other system: â‘ light-weight security mode. The security mode based SPKI in the system is distributed and web service is distributed too, simultaneity, data exchange is distributed, so it is right to adopt distributed authorization mechanism for identity. SPKI is a sort of distributed authorization mechanism, which combines authorization certificate and name certificate to realize identity validation and authorization management. â‘¡much better security performance. SPKI is used distributed access control, allow entity has different right on different resource. The authorization can be defined freely in the SPKI certificate, and entity can obtain access right by submitting SPKI certificate. SPKI mechanism makes the design of the applying system more flexible. Security structure in this paper belongs to application layer Security. We expand XML security technology and form a new security procedure from enterprise actuality. Encapsulating the identity function and authorization function in the SOAP header to construct a SOAP message by analyzing the parsing and validating procedure of SOAP engine processing SOAP message. Encapsulating XML security, SOAP security and SPKI certificate security in the SOAP message by making use of characteristic of penetrating firewall of web service. Designing experiment system based web service security structure proposed in the paper and simulating actualizing procedure of SPKI certificate. At last, analyzing and summarize web service security structure based SPKI, analyzing performance of SPKI security structure. Indicating some problem in WS-Security. Web service will be used widely by the amalgamation of different technology in all layers...