[1]张功萱,宋斌,王平立,等.基于SOAP的网络消息安全策略[J].南京理工大学学报(自然科学版),2007,(01):66-70.
 ZHANG Gong-xuan,SONG Bin,WANG Ping-li.Security Policy of Network Messages Based on SOAP[J].Journal of Nanjing University of Science and Technology,2007,(01):66-70.
点击复制

基于SOAP的网络消息安全策略
分享到:

《南京理工大学学报》(自然科学版)[ISSN:1005-9830/CN:32-1397/N]

卷:
期数:
2007年01期
页码:
66-70
栏目:
出版日期:
2007-02-28

文章信息/Info

Title:
Security Policy of Network Messages Based on SOAP
作者:
张功萱;宋斌;王平立;
南京理工大学 计算机科学与技术学院, 江苏 南京 21009
Author(s):
ZHANG Gong-xuanSONG BinWANG Ping-li
School of Computer Science and Technology,NUST,Nanjing 210094,China
关键词:
W eb服务 消息传递 安全通讯 SOAP协议
Keywords:
W eb services message passing secure communication simple object access protocol
分类号:
TP393.08
摘要:
SOAP/XML可以自定义标记,能跨越不同的平面,给W eb服务增加安全隐患。为了消除这一隐患,通过利用SOAP消息头,提出了SOAP的安全扩充模型,并提出了采用SOAP安全工具包实现安全模型功能的基本方法。针对权限设置等设计了一个W eb服务访问控制器,将那些无权限的请求去掉。通过对SOAP消息的安全扩充和访问控制处理,提高了W eb服务的健壮性,完善了W eb服务协议栈的架构。
Abstract:
SOAP ( Simple object access protocal) / XML ( Extensible markup language) that con- tainsmany sel-f defined tags can be transferred over different platform s and leads to sccurity problems inW eb services. In order to solve the problem, a secure model of SOAP is presented by use of SOAP header, and a SOAP secure kit is developed for implementation of the model. s functions. A controller ofWeb services is introduced for perm issions. Som e requestsw ithout perm ission are can- celledw ith the controller. W ith secure extension and access control of SOAP messages, web services are of robusticity and their framework is enhanced.

参考文献/References:

[ 1] 柴晓路, 梁宇奇. W eb Services技术、架构和应用 [M ]. 北京: 电子工业出版社, 2003.
[ 2] 赵强, 乔新亮. J2EE应用开发 (W ebLogic + JBuild- er) [M ]. 北京: 电子工业出版社, 2003.
[ 3] Zhang Gong-xuan, W ang Ping-l.i Transaction of web services based on struts [ A ]. Proceedings of APPT 2005, LNCS 3756, Lecture Notes in Computer Science [ C]. Berlin: Springer-Verlag, 2005. 427- 434.
[ 4] 戚玉松, 钱柱中, 是湘全, 等. 基于 Agent的 W eb服务组合研究 [ J]. 南京理工大学学报, 2006, 30( 3): 315- 319.
[ 5] 石伟鹏, 杨小虎. 基于 SOAP协议的 W eb Service安全基础规范 [ J]. 计算机应用与研究, 2003( 2): 100 - 103.
[ 6] L im S, FoxG, Pallickara S, et a.l W eb service robust gridFTP [ A]. Proceedings of PDPTA. 04 [ C]. Las Vegas, USA: CSREA Press, 2004. 725- 730.
[ 7] Tang Feilong, L iM inglu, Cao Jian, et a.l A model that coordinates short-lived and long-lived transactions for web services [ A ]. Proceedings of PDPTA. 04 [C]. Las Vegas, USA: CSREA Press, 2004. 908 - 914.
[ 8] 花磊, 魏峻, 牛春雷, 等. 动态模板驱动的高性能 SOAP处理 [ J]. 计算机学报, 2006, 29( 7): 1 145- 1 156.

相似文献/References:

[1]张佩云,黄 波,孙亚民.一种基于语义匹配的Web服务混合选择机制[J].南京理工大学学报(自然科学版),2007,(06):689.
 ZHANG Pei-yun,HUANG Bo,SUN Ya-min.Hybrid Selection Mechanism for Web Services Based on Semantic Matching[J].Journal of Nanjing University of Science and Technology,2007,(01):689.
[2]戚玉松,钱柱中,是湘全.基于Agent的Web服务组合研究[J].南京理工大学学报(自然科学版),2006,(03):315.
 QI Yu-song~,QIAN Zhu-zhong~,SHI Xiang-quan~.Web Service Composition Based on Mobile-Agents[J].Journal of Nanjing University of Science and Technology,2006,(01):315.
[3]朱俊武,等.面向语义Web服务的本体及融合机制[J].南京理工大学学报(自然科学版),2006,(06):742.
 ZHU Jun-wu,WANG Jian-dong,et al.Ontology and Its Composition Oriented to Semantic Web Service[J].Journal of Nanjing University of Science and Technology,2006,(01):742.

备注/Memo

备注/Memo:
基金项目: 江苏省教育基金 ( 04KJB520077)
作者简介: 张功萱 ( 1961- ), 男, 江西景德镇人, 教授, 博士, 主要研究方向: W eb服务与信息安全, CORBA技术等, E-mail:gongxuan@ mail.njust. edu. cn。
更新日期/Last Update: 2007-02-28