| 基于SOA的SOAP消息交换安全的研究 |
| |
| 引用本文: | 宋瑞,赵强.基于SOA的SOAP消息交换安全的研究[J].科学技术与工程,2009,9(9). |
| |
| 作者姓名: | 宋瑞 赵强 |
| |
| 作者单位: | 哈尔滨理工大学计算机科学与技术学院,哈尔滨,150080 |
| |
| 摘 要: | 在基于SOA的系统集成中,SOAP消息交换是一种必需的核心服务之一.在SOA架构中,关键是要提供消息级别的安全,当多个系统通过SOAP相互通信时,没有一个足够好的方法来避免XML重写攻击.现提出了一个保护SOAP信息完整性的方法.这种方法是基于消息结构信息(SOAP Account)来提供消息完整性的保护.另外,将从当前Web Service的一些安全规范来分析SOAP Account的完整性特点,提出了如何解决SOAP Account本身的安全方法.
|
| 关 键 词: | XML重写攻击 |
Security Research of SOAP Message Exchange Based on SOA |
| |
| SONG Rui,ZHAO Qiang.Security Research of SOAP Message Exchange Based on SOA[J].Science Technology and Engineering,2009,9(9). |
| |
| Authors: | SONG Rui ZHAO Qiang |
| |
| Institution: | School of Computer Science & Technology;Harbin University of Science & Technology;Harbin 150080;P.R.China |
| |
| Abstract: | SOAP message exchange is one of the core services required for system integration in Service Oriented Architecture(SOA)environments.One key concern in a SOA is thus to provide Message Level Security.It is observed that systems are communicating with each other in a SOA over SOAP messages,often without adequate protection against XML rewriting attacks.We will provide a solution to protect the integrity of SOAP messages.This solution was based on the usage of message structure information(SOAP Account)for pre... |
| |
| Keywords: | SOA SOAP Account |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
