Web Service Security Research Based On Java EE

Since the network technology invention, the network technology has obtained the swift and violent development, particularly after century 90's, Internet in global detonation type is growing. Under this premise, the electronic commerce arises at the historic moment. Is opposite internationally to say. our country information degree is much lower. But our country's electronic commerce development is very quick. The electronic commerce development and the Web service is closely linked. SUN Corporation's Java EE platform is one of Web service main platforms. Java EE platform is Java development platform which SUN Corporation developed, and the before edition is J2EE.The Web service may be understood as a set of standard collections, and it is XML and the HTTP protocol union. XML is the Web service foundation, and formulates by the W3C organization. The simplest understanding of the Web service standard is that transmits the XML data through the HTTP protocol on Web. These two foundational standards also have the different combination to form several kinds of related protocol and standard, for example: SOAP, UDDI and so on. These correlations standards all are the subsets of Web service standard.Along with the Web service technology development, a difficult problem which the Web service system faces is day by day the complex safety control. Also gradually becomes the mainstream of the enterprise distributional application system based on the Java EE to apply the development. While people develop and use the Web service system, also face many questions or the challenges, most essential question of which is the system security.This paper precisely studies the Web service under this situation. First proposed security overhead construction from the overall system, mainly in principle does analyze the security from the overall the necessity and realizes, including from equipment safety control, network security, systematic security and data security, as well as network transmission security and so on security technology.The paper continues to introduce the Web service safety requirement achieved the request, and analyzes the Web service concrete security technology, the identification authentication and authorized, based on the role access control, the data encryption and the digital signature. Paper discusses the Web service security technology, in particularly about elliptic curve encryption algorithm.The paper realizes a safe Web service system, establishing a highly effective security system is an important measure of increasing the bank competitive ability. Therefore, needs to found a network banking system online, and founds Web for it to serve, realizes the certain security rank. The bank basic request is the operational channel security, the request must be able to guarantee the customer and the bank benefit cannot be threatened. So sign with the XML encryption security technology.Finally summarizes about the Web service security technology, and foresees the electronic commerce perspective.