摘要
首先简要介绍了基于应用层和角色访问控制的Web服务安全的必要性,然后给出了一种基于WS-Se-curity协议和角色访问控制的Web服务安全设计方案,最后给出了该方案在.NET下的部分实现。当Web服务有Soap的中介体参与时,它需要的是端对端的消息安全,而传统的安全技术只能用来保护点时点的Web服务安全。为提供端对端的Web服务安全,在WS-Security协议和角色访问控制的基础上,本文提出了一种安全解决方案,并且给出了该方案在.NET下的部分实现。
Firstly, this paper briefly introduces the necessity of Web Service security on application layer, then it describes one kind of web service security design based on ws - security and role-based access control, finally it put forward part realization of this design using . NET. When Soap intermediaries taking part in Web Services, it needs end to end security, whereas traditional secure technology can only provide Web Services point to point security. To Solve this problem, on the basis of WS-Security and RBAC, this paper describes a security solution and puts forward part im plemention of this solution using dotnet.
出处
《微计算机应用》
2005年第1期30-33,共4页
Microcomputer Applications
