| Web Services is a cross-platform technology which can be applied on the communication for point to point application programs. With the development of computing technology and information technology, Web Services is becoming more important to promote the Internet technology rapidly developing. Web Services has promoted the integration of distributed systems and heterogeneous systems. Web Services has been widely used in e-commerce and e-government and other fields. Emerging technologies, trend in a wide range of applications and the traditional security technologies can not be completely copied into the new areas, so the security of Web Services has become the focus of people's attention and developed many new standards to protect the security of Web Services.This article describes the Web services as well as traditional security technologies, knowledge, analysis of the contents of WS-Security specification and principles method. WS-Security contains a package of protocols about authentication, confidentiality and integrity to which provide a message-level security services. WS-Security specification is an open specification that can absorb different security techniques to Web Services security. Different with the SSL using all-channel encryption, WS-Security provides fine-grained security, more flexible and efficient. Different Web Services application platform, according to their own security needs, rely on WS-Security specifications to build the most suitable model of security protection.Based on the platform of zero yards in the Web services part of the actual situation of the specific security requirements, in the WS-Security based on the combination and the combination of role-based access control policy designed security model, to achieve the protection of Web services messaging full and confidentiality, as well as authentication and access control. |
PDF Full Text Request