| At present, technologies of SOA (Service Oriented Architecture) and Web services has been widely used in enterprise-class commercial development. And one of the focus problems which hinder the development and spread of SOA and web services is how to choose a safety level between different information. Web services communicate with each other through SOAP (Simple Object Access Protocol) messages. Nowadays, the security mechanisms of SOAP messages exchange mostly based on Transport Layer. Due to technical limitations, there are various drawbacks in transport Layer mechanisms. So it needs to establish a service-oriented security mechanism of SOAP message exchange based on Message Level.This paper mainly focuses on service-oriented message level security mechanism of SOAP message exchange. Firstly, the author introduces some techniques related to SOA, web services and SOAP, and on this basis, studies on security mechanism of message exchange based on Transport Layer and analyses its drawbacks, then raises the necessity of establishing service-oriented message level security mechanism of SOAP message exchange. Secondly, studies on current message level security architecture of web services based on WS standards and points out its defects, then a method that adding an SOAP Dynamic Safe information to SOAP message is proposed to improve current mechanism. Then, the author designs and implements a new security mechanism of message exchange that adding SOAP Dynamic Safe processing modules to existed security architecture of web services, and explains its workflow. Finally, feasibility and executive performance of SOAP Dynamic Safe technique mentioned in this paper is validated and analyzed by a concrete experiment. |
PDF Full Text Request