Research On Agent-based Policy Aware Framework For Web Services Security

Web Services, which are issued in recent years, are a newly Web-oriented development and integration framework for distributed applications. Web Services represent more loosely-coupled distributed application architecture. And they provide an effective way for application to cooperate in an open environment. The systemic modality of the Web Services has changed from a traditional close, static and user acquainted environment to an open, public and dynamic environment. At the same time, the new modality of the software has broken the traditional security assumption. The characters of the Web Services, which are open, collaborative and distributed, are inconsistent with the demand of the system security, which are close, centralized and independent. To guarantee the Web Services normal operation, the access control of the Web Services is employed. Therefore, research on the framework-level security of the Web Services has practical significance.The dissertation aims to study many pivotal technologies in the Web Service security. The current security technologies of Web Services have three limits: one is the lack of flexible, extensible, and loosely-coupled. The other is the limit of the network adaptability and could not adjust according to the dynamic environment. As in open systems, Web Services environment and their own states are ever changing that need to deal with the dynamic characters such as states and behaviors. Three is the lack of the autonomous. Web Services themselves have no ability of interaction. And they can not adjust their own states and behaviors. Based on the above mentioned problems, many pivotal technologies in the Web Services security are discussed and an agent-based policy aware framework for Web Services security (APFWSS) is proposed. Following efforts are presented in this dissertation:①An agent-based policy aware framework for Web Services securityWe proposed an agent-based policy aware framework for Web Services security. With the policy concept, management mechanism and execution mechanism can be separated effectively. Also, by defining high level rules, it can control and adjust Web Services behaviors without terminating their execution and without modifying the related execution mechanism. Moreover, this framework includes context of user and Web Services that makes access control adapt to the changed environment. In addition, the conversation mechanism of agents gives Web Services autonomy and interaction ability.②The ReiT policy language and based on the rules and ontologiesIn APFWSS, the ReiT policy language is based on rules and ontologies. And ReiT is a declarative language that is flexible and extensible. The ReiT policy based on rules and ontologies can express the structural and non-structural knowledge. And it enriches the expression power more than the single one.③Mixer reasoning framework based on the rules and ontologiesAs the characters of the ReiT, we proposed a Mixer reasoning of rules and ontologies. With the mechanism, we make up a deficiency of expression ability of single rules or ontologies in founding knowledge base. And we illustrate an example to verify the validity of the model.④The policy aware BOID agent framework and management architectureIn APFWSS, the behaviors of the Web Services agent are restricted by the internal mental condition and exterior policies. We introduce a policy aware BOID agent framework. At the same time, we propose the policy aware BOID agent management architecture which is implemented by using the JADE platform.⑤The development of the Web Service Security platformA part implementation of the APFWSS is presented. With an instance, the access flow and the execution mechanism is implemented by Java EE are emphasized.