Soap-based Web Services Security Communication Mechanism Study

In recent years, Web Services are evolving and gaining wide acceptance as a standard for distributed computing. Its primary goal is to build a universal technology layer that is independent of platforms and languages, based on existing heterogenous platforms. Depending on this technology layer, applications based on different platforms can implement link and integration each other. Without doubt, it will accelerate integration of different kinds of business and enterprise systems, reduce cost and improve benefit.When organizations are starting to rely on Web Services to conduct their core business, Security of Web Services becomes clearly critical. Security is a complex problem, but principal security is security of Web Services communications based on SOAP protocol. Common mechanisms for secure communications, such as SSL, TLS, IPSec and so on, are suitable for protecting data security at transport layer or network layer, but can not meet special security requirements of SOAP communications. Thus they are unsuitable for securing SOAP messages at application layer and unable to ensure the security of Web Services communications.In this paper, we mainly research the security of Web Services, especially the security of Web Services communications. Firstly, We research several layers protocol of Web Services; Secondly, We review security requirements of Web Services in the round, especially ones of Web Services communications. Thirdly, we put forward a security model based on SOAP .In extended SOAP model, we use the third party certification framework based on public cipher system. In addition, we put forward a role-based access control model for Web Services (WS-RBAC). On the design and implementation mechanisms of this security model, the first presentation includes WSDL Generator, Web Services publishing tool and Certificate Server. Then, SOAP Security Toolkit, a core of this security model, is particularly presented. Finally, we carefeully discuss the design and implementation mechanisms of WS-RBAC model.