Research On Integrated Security Of Web Service Towards E-commerce System

Web Service technology applied in the e-commerce has become a popular research object in the IT industry since it can offer a new service-oriented distributed processing environment in which interior or exterior commerce colony can assemble various application services through web services and internet to establish new application services. Thanks to the characteristics of encapsulation, loosen-coupling, cross-platform, cross-language and high integration, Web Service can carry through seamless alternation without dependence on platform and language. With the development of criterion with increasing maturiry, the web service system can reduce the complexity of the integration of business operation and save expenses, which makes it a new model of e-commerce.However, compared with other distributed system like CORBA, DCOM and RMI, Web Service is not consummate in security. Since e-commerce is a commercial transaction activity through the network among individuals, enterprises, commercial organizations and bank, and all the transaction information is transferred by network, the confidentiality, integrality, usability and non-repudiation of information in trade must be ensured forcefully. In order to ensure customers to use the e-commerce platform freely, it is very important to make sure that the commercial information will not be stolen, changed, nor imitated. However, there hasn't been a consummate security mode of Web Service at present, so the research on security of Web Service is essential, which directly influences the living space of the web service technology in the domain of e-commerce.This paper begins with the safety of Web Service of the e-commerce system, and then the related technologies of Web Service and the password technology are discussed. The author next offers a deep insight into the security of Web Service. The paper mainly consists of the following aspects:(1) Technologies of XML and SOAP, technologies of encryption, signature, and security communication of XML.(2) Implementation of multi-encryption and multi-signature of XML to improve WS-Security.