| Emergence of Web promotes the development of Internet and application basedon Internet. However, it makes the limitation of current HTML becoming more andmore distinct, which cannot support the extensibility, structuralism and dataverification that is required by large scope web application. For solving this problem,W3C distributed the XML 1.0 and recommended it as reference standard in Februaryof 1998. As a new open standard of data representation, XML goes beyond of scopethat HTML can reach and bring energy for web application and network computation.Web Services, employing the XML and SOAP, realized the decoupled processinvocation based on "Services"on Internet. In those invocations, XML play the roleof information representation and transaction. Web Service is becoming a new hotspotof cyberspace, and is expected to solve all compute problems, including platformincompatibility, interoperation between legacy system and etc. With the growth ofdata flow and attack on application layer, how to protected XML dataflow becomemore and more important. XML Engine, which is a kind of security gateway based onapplication layer, provides the message-level security communication for XMLdataflow.XML Engine designed in our research project adopts the opening architectureand its security control mechanism can be plugged flexibly and its security services beconfigured dynamically. XML Engine provides the excellent, upgradable framework,the ability of modularizing update, and pluggable modular mechanism, which makethe security modular easy to add and remove. Based on the XML 1.0 and SOAP 1.2specification, a series of technology employed in development: XML, Web Services,and XML Security are analyzed in detail in this thesis. Then methods and steps thatused to design implement XML Engine are presented. At last, based on practicedevelopment, a web application implementation is given out. |
PDF Full Text Request