论文信息 - Proxy-Based Web Service Security

Proxy-Based Web Service Security

Web services security describes enhancements to SOAP messaging to provide quality of protection through message integrity, message confidentiality, and single message authentication. In this paper, we propose an implementation based on proxy mechanism. We devise an architecture that provides authentication based on PKI and authorization based on PMI to Web service with least influence of the original codes to call Web service. We also provide configuration interface for users to change their default security policy. Our system is independent of any web service server and independent of any programming language. You can you it without or just a bit of modification to your source codes.

Jian Wu | Zhimin Huang

[1] D. Richard Kuhn,et al. A role-based access control model and reference implementation within a corporate intranet , 1999, TSEC.

[2] Giovanni Della-Libera,et al. Web Services Trust Language (WS-Trust) , 2002 .

[3] Donald E. Eastlake,et al. XML-Signature Syntax and Processing , 2001, RFC.

[4] Darren Mundy,et al. Privilege Management Infrastructure , 2005 .

[5] Joel Weise-Sunps,et al. Public Key Infrastructure Overview , 2001 .

[6] Regina Dunlea,et al. Simple Object Access Protocol (SOAP) , 2005 .

[7] Carlos Maltzahn,et al. Reducing the Disk I/O of Web Proxy Server Caches , 1999, USENIX Annual Technical Conference, General Track.

[8] E. Michael Maximilien,et al. Toward autonomic web services trust and selection , 2004, ICSOC '04.

[9] Paul Wing,et al. Using public-key infrastructures for security and risk management , 1999, IEEE Commun. Mag..

[10] D. Eastlake,et al. XML Encryption Syntax and Processing , 2003 .

[11] J. Roy,et al. Understanding Web services , 2001 .

[12] David W. Chadwick. The X.509 Privilege Management Infrastructure , 2003 .

[13] Steven A. Moyer,et al. PIOUS: a scalable parallel I/O system for distributed computing environments , 1994, Proceedings of IEEE Scalable High Performance Computing Conference.