The Research Of Mechanisms For Data Exchange Platform Secure Communications Based On Web Service

Now, information of all industries has developed swiftly, but the development of many MIS has been lack for good planning and systematism, as the increase of the different enviroments, it becomes more and more difficult to share data and comes into being an"information isolated island". To be adapted to the enterprises' requirement, more and more application system is developed. More and more information can be acquired. At the same time, we take cognizance of the value of the data, but sometimes the resource can't be well used, data is put in different database, different systems separately, so it's hard to congregate them for analyzing and exhibiting, in the circumstances ,data integration brings out.The advance and development of the PDX Platform provide a good solution for exchanging and sharing data among the isomerous system. But at the same time, it brings tremendous challenge, for different information system. How to assure and maintenance the integration and confidentiality of the information,and how to achieve the cooperate with different systems are all the problems that the PDX Platform need to solve. In general, the security issue include identity authentication, accessing control, dadta confidentiality, data integrality and non-renounce. They are the foundation of the PDX Platform. We can achieve the data exchange and sharing authentically no other than solving thease problems.On the base of summing up the present security mechanism and security technology, combining with the security demands of the PDX Platform, the paper puts forward a security model based on SOAP .In extended SOAP model named RSEE, we use the third party certification framework based on public cipher system. In addition, we put forward a role-based access control model for Web Services (WS-RBAC). On the design and implementation mechanisms of this security model, the first presentation includes WSDL Generator, Web Services publishing tool and Certificate Server. Then, SOAPSecurity Toolkit, a core of this security model, is particularly presented. Finally, we carefeully discuss the design and implementation mechanisms of WS-RBAC model. Finally, through the development of the project, it validates that the security model fulfill the Platform's security demands.