| The Web services technology is an important content in the application and development of current networks. It must also deeply affect the development of next generation of networks. Web services technology has characteristic of distributed computing and processing, and it providers more help to the rapid development and deployment of current electronic commerce systems. This desertion studies the outline of Web services security.Web services security has more development in foreign and place a more research. The related organizations and institutions also make many development. They have developed some Web services security standards based on Web services standards, and provided some reference implication. Web services security is based on the theory of encryption and PKI, compound many kinds of security technology and so can secure the application. To study and research this theory and standards, we can grasp the basic thinking about the current web services security. This desertion summarizes the basic encryption theory and the technology of PKI, and also summarizes some Java platform security which is the basic of other security. It also describes the framework of WS-Security.WS-Security security mechanism is mainly fulfilled by means of a further extension of SOAP message, due to the fact that SOAP is used in the transporting process of confidential information. Currently, XML encryption and XML digital signature is primarily used in the protection of XML documents. Hence, extension of SOAP message through the application of above two achieves a user-defined encryption and digital signature of SOAP message. This desertion develop a security web services based on the web services engineer named Axis provided by apache, compounding a tool named WSS4J provided also by apache. At last, it gives the test result and the shortcoming. |
PDF Full Text Request