| The open Internet application, together with the service-oriented computing, leads to great changes of Internet-based software system in main shape, production mode and occupation mode under Internet environment. Software service and software service coordination represented by Web service have become a new Web application shape, and how to ensure Web service security is of great importance both in dynamic e-business and in the implementation of cross-organization business integration. However, the current Web service security has problems in secure communication and access control, which are challenges in the field of service-oriented computing. Facing these challenges, this dissertation firstly deeply studies a concept of Web service security and structures an application secuirty hierarchy of Web service. Then, an extended Web services security architecture model, WsSF (Web Service Security Framework), is established based on WS-security specification and RBAC model. Finally, this dissertation gives a performance evluation of these security mechanisms implemented in Web service container and proves the feasibility and validity of WsSF framework. Main works of the dissertation are as follows:(1) For Web services secure communication, the dissertation puts forward a flexibile and extensible Web service security framework called WsSF, which guarantees end-to-end SOAP message security at application layer. For the limitation of existing authentication method (e.g. X.509), the dissertation introduces MAC mechanism to Web services communication, which helps to implement session-level Web services secure communication.(2) For Web services access control, the dissertation chooses RBAC model as a basic model to solve the problem of access control of Web services. Then, it presents WS-BAC (Web services-based access control) model and constructs the mapping from Web services-based access model to XACML language. Combined with WsSF framework, WS-BAC model can control Web services efficiency.(3) For clear clarification of Web services security' functions in typical Web services application modes, the dissertation puts forward a layered architecture of Web service container and then analyizes its secure requirements. As for the responsibility chain of WebsCon (Web services container), some secure mechanisms (including Web services secure communication and access control) are designed and implemented by using some handlers. By an performance... |
PDF Full Text Request