| SOA as a architecture that resolving problems of software reuse and integration,has been widely studied and applied.Service is the core concept of SOA.Security attributes consist of security-demand, security-mechanism, security-environment,security-ability etc.Invoking service is the precondition by matching of security-atrribute between service,But service description can't give expression to security-atrribute sufficiently.It can't satisfy the needs of description and application for service security-atrribute.This paper analyzes the differences of the security mechanism,and mainly focuses on the meaning of security attributes,security attributes description method and the protection of the security attributes.The main work is reflected in the following areas:Firstly,paper summarizes the currently methods of service description,proposes a service security attribute description methodl.This method can express static constraints,behavior constraints,condition constraints,property constraints and attachments of service security attributes.The description method is convenient for understanding security attributes.Secondly,paper proposes a service registration and discovery model based on expending UDDI model that adds the extract-module,checke-module and match-module for service security attributes.Paper provides a arithmetic for service security attributes checking.Thirdly,based on analyzing security of the EQ-OCBE,paper proposes a security-enhanced SEEQ-OCBE that avoiding Man-in-middle attack.It enhances the security of sensitive information in security attributes.Finally,paper designs and implements a system that supports the security attributes registration and discovery. This system check the availability of method of service security attributes and the protection mechanism of sensitive information in security attributes.The result shows the availability of method of service security attributes and the protection mechanism of sensitive information in security attributes. |
PDF Full Text Request