The Research On Security Policy Of Service Oriented Computing

The subject of Service-Oriented Computing (SOC) receives a wide publicity of the industrial and the academia. SOC is a new computing paradigm that utilizes services as the basic constructs to support the development of rapid, low-cost and easy composition of distributed applications even in heterogeneous environments. SOC relies on the Service Oriented Architecture (SOA), which is a way of reorganizing software applications and infrastructure into a set of interacting services. SOA is a flexible set of design principles used during the phases of systems development and integration. A deployed SOA-based architecture will provide a loosely-integrated suite of services that can be used within multiple business domains. SOA defines how to integrate widely disparate applications for an application that is Web based and uses multiple implementation platforms. Rather than defining an API, SOA defines the interface in terms of protocols and functionality. An endpoint is the entry point for such an SOA implementation.SOC supports openness of system in the form of standard. With the development of SOA, the security of SOC becomes a key problem. In nature, security is opposite to openness, so how to build a reasonable balance between accessibility and access restriction is the problem cry for solve to security policy of SOC.With the development of SOA, make a claim for access control. Access control is one of the security technologies and one of the crucial targets of TESEC. Compared with the traditional distributed systems, distributed systems based-SOA possesses a high dynamic performance for tactility of computing environment and the multiformity of the main mode of operation. This asks for access control mechanism can make a decision according to the security environment.The mainly innovative work as followings:1.Analyzed security demands of the SOC,On the basis of the present access control models to be researched,this thesis analyzes the superiorities and its limitations of each kind of model, and make a intensive study for RBAC,TMAC and TBAC.2.According to the characteristics and the demands of access control under the enterprise environment, priority of research is service-oriented access control. Proposed a new service oriented computing access control model based on RBAC (RH-SOCAC).3.This model considers web-based service access control, introduced role hierarchy and depends on the strengths of identification mechanisms as a context-dependent parameter. Furthermore shows how to model for this context-dependent access control by using role-based concepts. By using a BindingContext matching mechanism supported a fine-grained access control.4.Expound the significant effects of the semantic web service for the security of SOC. Characteristic the security policy of web service in the form of ontology, provide semantic description for the security of service computing, so that provides security reasoning and made services have machine understandable semantics.5.This thesis through analysis the security ontology illustrated the description of the semantic web services and extended the OWL-S. And with the policy illustration that implement semantic description of the security services.