The Research And Implementation Of Security Configuration Tool Based On WS-Security In Multi-party Collaboration Application

The application of Multi-party Collaboration involves cooperation and interaction among several parts and systems, and a complete business process may also involves a number of sub-processes, as a consequence of which, the process of international trading is very complicated. Currently, The application of Multi-party Collaboration are based on SOA technology like Web Service, while the stacking is based on XML and SOAP protocols. Web Services are autonomous, loosely coupled, which are open to several trading-related parts. Then, the adoption of SOA technology suggests that objects on the internet can easily get access to theses service interface, which may be an illegal access. Therefore, security is the first consideration in application of Multi-party Collaboration.To guarantee the security in trading cooperation is to ensure the safety of joined Web Services. Current web security mechanisms, such as SSL, Https, cannot meet demands. But WS-Security provides an extensible framework, which enable users freely combine Web Service protocols, application layer protocols with various encryption technology and security models. Then realize message integrity, confidentiality and authentication under the Web Service environment by embedding security mechanisms, like XML signature, XML encryption and security tokens, in SOAP message. The current security configuration tool based on WS-Security provides infrastructures of Web Service Security technically. However, the configuration of these tools is so complicated that requires users to have rich security knowledge; meanwhile during the configuration of security policies, users are not able to figure out the context of practical business process. Therefore, this paper proposes a security policy model combined with business process, and implements its corresponding configuration tool using GMF. With the help of this tool, business users can configure Web Service security policy based on predefined security policy model within a visual business process, and then the security policies are converted to WS-Security Policy documents and dispatched to WS-Security policy engines like Rampart.