基于SPKI的XML Web服务安全性分析

Security analysis of XML web service based on SPKI

介绍了Web服务的安全性问题,分析了当前Web服务的安全模型和框架。特别对SOAP层的消息安全进行了重点介绍,包括XML加密和XML数字签名,阐述了SOAP安全扩展。介绍了WS-Security规范,在此基础上提议采用SPKI证书作为授权和身份验证的安全性令牌,具体阐述了SPKI安全令牌的结构和在Web服务中的使用优势。最后,形成了一个集XML安全、SOAP安全、UDDI安全和SPKI证书安全为一体的Web服务安全结构。

Security problems of web service are introduced, and current security model and frame of web service are analyzed. Especially, message security at SOAP layer is described importantly including XML encryption and XML digital signature, and security expansion on SOAP is also expressed. WS-security criterion is presented, and on this basis, SPKI certificate is advised to use as a security token for the authority and identity authentication, Then the structure of SPKI security token and the predominance of being used in the web service are put forward. At last, a security structure is formed, which is composed of XML security, SOAP security, UDDI security and SPKI certificate security.