摘要
Web服务具有分布性和异构性的特点,在网络环境中,会使其安全性变得复杂而多样,如何保障Web服务的安全性已成为国内外密切关注的重要课题。数字信封通过私钥与公钥进行匹配来保护加密密钥的安全,可有效地保证数据传输的真实性和完整性。对Web服务的常用协议和当前面临的主要攻击进行了分析,在此基础上,设计了一个基于数字信封的Web服务安全模型,并运用WSE实现了该模型,实验证明,该模型可以保证数据的完整性、不可否认性、机密性等多种安全特性。
Web services is distributed and heterogeneous,and in Internet environment,this property will cause it’s security complicated and various.How to ensure that Web services is secure becomes an important study which is paid close attention to at home and abroad.Digital envelope,whose private key must match with public key,could efficiently ensure data transmittion is reality and integral.This paper firstly analyse the common protocol and normal attack aims at Web services.And then,a Web service security model based on digital envelope is designed.Finally,the model is implemented in WSE.Experiment proves that,this model could ensure data is integral,incontestable,confidential,and so on.
出处
《计算机安全》
2013年第5期60-65,共6页
Network & Computer Security
基金
北京市属高等学校科学技术与研究生教育创新工程建设项目(PXM2012_014213_000037)
