| In this paper we study the security of Web Services. Firstly, We introduce the concept and principle of Web Services and SOAP Protocol. SOAP plays an important role in the Web Services architecture, however, it also faces many serious security problems.Then we analyze some important technologies of Web Services and how to use these technologies to safeguard the SOAP messages.Secondly, based on these technologies, especially the WS-Security,we design a SOAP Messages Security Framework . Then we and implement the framework with Axis2 and Rampart, moreover, we use the SSL to ensure the transport layer security of SOAP. This framework can be used to achieve the SOAP-Security objectives like confidentiality, integrity, non-repudiation, authentication , authorization and so on,ensuring the SOAP messages both on the message level and transport layer.With good scalability and interoperability, this framework can integrate many other technologies and be used as the basis of Web Services Security. |
PDF Full Text Request