| With the widespread of Internet, more functions are required by Internet. Traditional Internet distributions have not met the requirements, so Web Services are revealed to solve the problem. The differences between Web Services and the traditional net-distribution model are that the traditional object-oriented model based component has the independent object-oriented protocol, but Web Services can use the common internet protocol such as HTTP and SOAP, and so solve the communication problems brought by different model protocols .Therefore, Can Web Services span different languages and models, providing better services for users.But because of more and more application of Web Services, An issue has to be discussed about its security. It is an important question to how to deal with Web Services information's security. So, A Model of Access Control for Web Services Based PMI is designed,PMI(Privilege Management Infrastructure)are described in this article, which protects Web Services resources..PMI that based PKI, manages the privilege authorization by using AC(Attribute Certificate). Then, the problems such as different periods between users'ID and privilege in the PKI are handled down.In this article, the model is presented and the system is implemented, including privilege authorization, access control and so on, after presenting the concepts of Web Services and PMI. It provides SOAP fine-grain access control for Web Services after summing-up the characteristic of PMI, Web Services and XACML. |
PDF Full Text Request