| Today, the applications which based on Web Services have been a hot topic in themodern society, and its security is definitely described as the most significant factor aswell. In recent years, some international organizations released a series ofsecurity-related standards and recommendations, but the current security services arestill exist many safety deficiencies, both the quality of secure transmission and accesscontrol are urged to be improved. On the basis of considering advantages anddisadvantages of conventional methods, a new method has been proposed, whichtaking many factors into account, such as secure data transmission, key distributionand management and authentication, it is similar to the function of having a safetyprocessing while transmitting data,and meanwhile adding the operation of SAML andXKMS. SAML provides both identity assertion and attribute assertion for accesssubject, which combined with the XACML can implement access control. XKMSsimplifies the procedures of the key distribution and management, after both sidesmaking use of public link exchange cryptographic key factor, and then using theprivate key to have a calculation of this factor in order to get the same encryption key.In addition, this thesis also designed a processing course aimed at SOAP message headelements, which responsible for the security of the SOAP messages duringtransmission.Firstly, this thesis introduces infrastructure and safety deficiencies in the Webservices technology; secondly, the knowledge of safety basics is processed, includingthe theoretical basis of security, XML security standards and various security servicesstandards which are formulating; then, It designs and implements a security model ona web service and so do the key techniques; Finally, the model applies to specific Webservices system, and tests the actual performance of this model, meanwhile, thesuggestions of improvement are raised. |
PDF Full Text Request