Research Of Security Mechanism On Web Services Application

Web Services is completely service-oriented technology architecture for distributed applications, and it has been widely used in various areas of the application system development with its excellent scalability, low coupling and platform independence. But its existing security mechanisms mainly focus on the security model and security technology, so it is not perfect enough to ensure the overall application-level Web Services security. Therefore, the security of Web Services has important theoretical and applied value, and in this context this paper is to extend and optimize the existing security mechanisms, and then propose a general security mechanism model of Web Services to strengthen the security of Web services as a whole. The research work and innovations are as follows.Firstly, this paper conducts in-depth research and analysis on the Web Services architecture and its existing security mechanisms. There is a comprehensive introduction to Web Services architecture and its core technical specifications SOAP, WSDL and UDDI, and this paper conducts the research on the existing security and WS-Security specification of Web Services, from the data integrity, confidentiality and authentication summarizes its security vulnerabilities.In the mastery of the existing security mechanism and its vulnerabilities of Web Services, based on the security requirements in the distributed applications, this paper analyzes the security problems which must be resolved in the process of building the distributed applications. To resolve these problems, this paper expands and optimizes the WS-Security security specifications, and proposes a security mechanism model which can satisfy the security needs of the distributed applications. The security mechanism model includes five aspects. The first is to design the safety of the network structure which can provides safe, reliable environment for system operation. The second is essential expansion and optimization for WS-Security standard, through which the security mechanism model can realize multi-encryption and multi-signature. Based on the optimized WS-Security, the security mechanism model realizes the SOAP message encryption and authentication in both directions with the combination of X.509 and password licensing. The forth is to encapsulate the user password information into SOAP header in order to achieve the user's session verification. The last is the role authorization mechanism, which sets three sub-roles between the roles and system privileges to link every user and system permissions, so it can lower the complexity of the roles and system authority.In the next part, the security mechanism model was achieved based on the combination of a subsystem instance of the Electric System Architecture and the implementation techniques of Web Services (Apache CXF). In order to verify the effectiveness of the security mechanism, this paper conducts the effectiveness testing of the modules related to the security of the system instance and the performance comparison testing through the deployment of appropriate Web services without security measures, which both further validate the security mechanism model is fully effective and feasible in the distributed applications.Finally, this paper summarizes the proposed security mechanism model of Web Services, and brings forward the future research plans.