摘要
Web服务被广泛应用于校园数据集成当中,其安全问题也日益受到重视。在分析现有的安全解决方案SSL/TLS存在的缺陷的基础上,以教务管理信息系统和财务管理信息系统的数据共享服务为背景,研究了WS-Security及以其为基础的WS-Secure-Conversation、WS-Trust等规范。结合SSL/TLS优势,设计了基于WS-*的Web服务安全模型,并在.NET平台上使用WSE3.0实现了该模型,对于数字化校园及企业信息集成的安全解决方案有参考价值。
Web services are widely used in campus's data integration,and some of its security issues are paid increasing attention.The deficiencies of some existing web services security solutions such as SSL/TLS are analyzed in this article.On requirements of sharing data among educational administration and financial management information systems,the WS-Security and other specifications based on it such as WS-Secure Conversation and WS-Trust are also explained.Combined with the advantage of SSL/TLS,the web services security model based on the WS-* is designed and realized with WSE3.0 on.NET platform,and this has referenced value for the security solution of digital campus and enterprise data integration.
出处
《计算机应用与软件》
CSCD
2010年第6期274-276,280,共4页
Computer Applications and Software
