| With the growth of information technology and the growing popularity of thenetwork, Service-Oriented Architecture (SOA), as the representative of the software,has become a typical Application form under the open collaboration networkenvironment. On one hand, the SOA is convenient for resource sharing, collaborativecomputing, and system integration, but on the other hand, it also brings a new type ofsecurity issues, such as access control. Traditional identity-based security mechanismscan not fully meet the specific needs of SOA security to achieve large-scale applicationof SOA security deployment, it needs to adapt to environmental features of a newsecurity solution.This paper comes from The National Defense Pre-Research Foundation of China.Considering specific security requirements of SOA, this paper designed a service accessmodel which is based on Synapse gateway proxy and made a research on servicescheduling, end to end message security transmission, cross-domain access and otherissues under this model, and made a deep research on analysis and implementation. Thismodel makes security schedule by taking use of Synapse gateway proxy, invoking theproxy service in proxy center for authenticating, at last, accessing to the requestedresource through the gateway proxy for the authenticated service requesters In order toensure end to end transmission security, this paper introduces the Rampart securitymodule, making use of the encryption, decryption, and digital signature to implementmessage-level security transmission. For cross-domain access, this paper proposes atrust evaluation model which works in distributed SOA environment, then introducesthe conversion factors, the time decay function and so on. It designs a credible valuablemethod basically accurate for reflecting real-world.At last,This paper made a test and analyzed the test results. It proves that themodel can improve the security of SOA effectively and can meet the applicationrequirements basically. |
PDF Full Text Request