Abstract
Along with the development of Internet, Web Services technology is a new branch of Web application program, and it has become a hotspot in computer science. However, it has not made great progress in research on Web Services security. Traditional security solutions cannot satisfy the Web Services security require of selective protection, end-to-end security and application layer security. Web Services technology needs a solution integrated in Web Services framework to realize end-to-end security. Based on cryptography and Web Services technology and according to W3C, XML encryption specification, XML digital Signature specification and WS-Security, which proposed by IBM and Microsoft, a new Web services security model based on message layer is put forward in this paper. The message layer is composed of message handlers. It is inserted into the message processing sequence and provides transparent security services for Web Services. To verify the model, a Web Services security system is realized on, net platform. The implementation version of the model can provide various security services, and has advantages such as security, scalability, security controllability and end-to-end security in message level.
Article PDF
Similar content being viewed by others
Avoid common mistakes on your manuscript.
References
Banerjee A, Corera A. Net Remoting Architecture.C# Web Services—Building Web Services with. NET Remoting and ASP. NET. Beijing: Tsinghua Press, 2002. 114–159 (Ch).
Shi Wei-peng, Yang Xiao-hu. SOAP-Based Fundamental Security Specification of Web Service (WS-Security).Computer Application Research, 2003,20(2): 100–102, 105 (Ch).
Zhang Shuang, Shi Hao-shan. Study on The VPN System Realization Technique.Computer Engineering, 2002,28(8): 276–278 (Ch).
Chen Wei-wei, Wang Qing-xian. FireWall Technology and Vulnerability Analysis.Computer Applications, 2003,23 (10): 46–48 (Ch).
Neuman B, Ts’o T Kerberos. An Authentication Service for Computer Networks.IEEE Communication Magazine, 1994,32(9): 33–38.
Zhu Yu, Deng Xiao-yan, Shao Pei-nan. A Solution Based on XMI to Application Security.Computer Engineering, 2003,29(9): 180–181, 203 (Ch).
Microsoft. Security in a Web Services World: A Proposed Architecture and Roadmap.http://www-900.ibm.com/developerWorks/cn/Webservices/ws-secmap/index_eng.shtml, 2002.
Bartel M, Boyer J. XML-Signature Syntax and Processing.http://www.w3.org/TR/2001/PR-xmldsig-core- 20010820/, 2001.
Atkinson B, Della-Libera G. Web Services Security(WS-Security).http://www-900.ibm.com/developerWorks/cn/ Webservices/ws-security/index-eng.shtml. 2002.
Imamura T, Dillaway B. XML Encryption Syntax and Processing.http://www.w3.org/TR/xmlenc-core/, 2001.
Author information
Authors and Affiliations
Corresponding author
Additional information
Biography: WANG Cui-ru (1954-), female, Professor, research direction: database and information management system.
Rights and permissions
About this article
Cite this article
Cui-ru, W., Zheng-wei, X., He-jin, Y. et al. Design and implementation of Web services security based on message layer. Wuhan Univ. J. Nat. Sci. 9, 755–759 (2004). https://doi.org/10.1007/BF02831676
Received:
Issue Date:
DOI: https://doi.org/10.1007/BF02831676