Research On Adsm Based On Web Services And Its Application In Authenticating Web Content

With the increasing in-depth and extensive application of computer networks, distributed data systems gradually become the application mode of enterprise information system.More and more departments and enterprises store their internal information in remote entities. For instance, banks, stock exchanges and government departments mostly provide important information such as deposit interest rates, stock quotes and news through domestic and international portals. In this case, the owners and users of the data are no longer the same entities, and data are often transmissed through unreliable calculation entities, which brings huge security threat to the authenticity of data. Authenticated data structure model (ADSM) can solve the query and authentication issues of data in distributed environment. However, the significant drawback with the realization of authenticated data structure is that the clients have to access it using a bulky, proprietary interface. Not only did this require special knowledge on the part of the application developer, but it also required a separate toolkit to be provided for each target operating system and programming language. Additionally, such toolkits used proprietary communications protocols, canonicalizers, and so on.In order to make the client platform of ADSM has greater interoperability, reduce the duplication of code and simplify the verification process of certification information, we designed an ADSM based on Web Services, using XML digital signature to achieve basis' signature and its verification. The new model provides web service interfaces such as data update, data certification and data authentication interface, and we use Apache Tomcat as a service container to achieve the prototype of the new model in java on Eclipse platform.In addition, to solve the authentication issues when data from information center are issued through the third party portals,the paper constructs a web content authentication model, and proposes a new web content authentication FAC technology, which is a very effective manner that can safely verify the key content embedded in a web page and includes an extension of the HTML tag library and a service for publishing and distributing authenticated data. Finally, we present our prototype implementation by means of a browser toolbar and of a distributed authentication web service.