TIAN Yu-hong,WANG Ze-bing,FENG Yan

DOI: https://doi.org/10.3969/j.issn.1000-7024.2006.24.029

2006-01-01

Abstract:The Java virtual machine(JVM)is used more frequently as the basic engine behind dynamic web services.With the proliferation of network attacks on these network resources,much work are done to provide security for the network environment.Little effort has been placed on securing a Java web server where the attacker has a valid login to the host machine.After describing the vulnerabilities in Java's security mechanisms,an extended security system based on Java 2 security architecture is introduced.It also explains the runtime status of system.The increased assurance of correct system operation and the integrity of Java application server are provided.

Di Wu,Yabo Dong,Jian Lin,Miaoliang Zhu

DOI: https://doi.org/10.1007/11563952_52

2005-01-01

Abstract:The fast development of E-Commerce and information technology brings much higher requirements for enterprise informationization. Because of the differences in platforms, development languages and standards etc, enterprise application integration (EAI) has become the important form of enterprise informationization to support complex business processes. Web services have emerged as the next generation of integration technology which provides the power to support interoperability. However EAI doesn’t just present new interoperability challenges; it also presents serious privacy and security challenges. This paper presents security architecture of Web Services based EAI which uses distributed Single Sign On authentication and distributed Role-based Access Control authorization. The basic concept and prototype system of the security architecture are described in detail.

胡伟清,童春杰,陈德人,李子臣,寇卫东

DOI: https://doi.org/10.3785/j.issn.1008-973X.2004.11.011

2004-01-01

Abstract:A common digital watermark system does not provide watermark inserting and detecting services on Internet. In order to make wider application of digital watermark, a new scheme to make traditional watermark available as Web Services was presented. It was based upon Web Services for inserting watermark and detecting watermark and used simple object access protocol (SOAP) to exchange messages between service requester and service provider. Based on digital certificate and extensible markup language (XML) encryption and digital signature technology, a secure interaction between the requester and the provider was provided. This scheme reduces cost and protects digital products effectively on open networks.

Bao Liu,Minhua Shi,Deren Chen

2001-01-01

Abstract:Web Services are self-contained, modular applications that can be described, published, located, and invoked over a network, generally, the Web. Yet the problem emerges as different Web Services interoperate each other. In this paper we recommend the Simple Object Access Protocol (SOAP)[1] as the communication standard in the Web Services Architecture to solve the problem.First, we describe what is Web Services and present the architecture of it. Then, according to the challenge that Web Services faces, we address the key enabling technologies of which SOAP be composed. SOAP has many advantages that other binary protocols, such as Java RMI, do not have. Finally, by introducing an E-business model based on the integration of SOAP, UDDI [2], MQ [3] etc., we show the manner and flow of SOAP to implement Web Services architecture.

高俊娜,于继万,朱华飞,潘雪增

2004-01-01

Abstract:In current SIP protocol,to interact with other domain services,a node need multi-authentication processes. This paper integrates SAML into SIP protocol which well extends SIP authentication mechanism between multi-domains. It makes full use of SAML capability based on XML to bring an easy method to implement single sign-on(SSO).

Jin-yong LIU,Ruo-feng TONG,Jin-xiang DONG

DOI: https://doi.org/10.3969/j.issn.1001-3695.2005.10.018

2005-01-01

Abstract:Workflow systems now face a difficulty that most Workflow Management Systems (WfMS) only support few enterprises' existing applications and this problem has been the supreme bottleneck. Without uniform standard of integration, deployments of WfMS must be limited by exterior applications. So bringing a new application-independent integration framework forward becomes an urgent affair of WfMS. This paper imports Web Service and Enterprise Application Integration (EAI) into the reference model of WfMC and introduces our extended workflow model which can support Web Service and other heterogeneous applications. A WfMS prototype based on the extended workflow model and its deployment into the Management Information System of a virtual enterprise are also presented.

Jingfan Tang,Zhijun He

DOI: https://doi.org/10.1109/cscwd.2006.253075

2006-01-01

Abstract:This paper presents a novel model to support security in dynamic cooperation of cross-enterprise services. With the extended WSDL description and through the replication technique, the service replica can be dynamically deployed and executed on the optimum cross-enterprise server, which is selected from the registered servers in the enhanced UDDI center according to the server evaluation function. In order to ensure the safety and dynamically sharing of the cross-enterprise resources among the Web services, a security mechanism of trusted right delegation is introduced

Mh Shi,Dr Chen,Lj Zhang

2002-01-01

Abstract:With the advent of dynamic e-business and its open standards-based supporting technologies, valuable legacy applications that support essential business processes in enterprises can join this new area of distributed computing. In this paper, we introduce a framework for enterprise integration with universal web services model. We propose an integration framework based on the Software Integration Markup Language (SIML), which is an XML based markup language designed to describe e-business applications and enterprise integration.

Cheng Zhan,Xie Li

DOI: https://doi.org/10.3969/j.issn.1000-386X.2008.10.007

2008-01-01

Abstract:Web Service security problem is one of the highlighted topics in information security area recently.This article presents two security mechanisms for Web Services,transport-level security and message-level security.Then the security technology used to implement message-level security is introduces in detail.Finally,it gives a conclusion to Web Service security and proposes a new Web Service layered security model.

Zhang Mi,Cheng Zunping,Ma Ziji,Zang Binyu

DOI: https://doi.org/10.1109/CIT.2005.47

2005-01-01

Abstract:With the emerging applications based on Web Service, end-to-end security becomes more and more important. SSL and current XML security schemas cannot reach the demand of it. This paper proposes a novel security model -- ESM, which integrates some popular XML security schemas and constructs a layered model based on SOAP message transport mechanism. It's aiming at the end-to-end security issues in Web Service environment. Compared with other security models known to us, this model is more comprehensive and flexible.

Hao Zeng,Yong Wang Zhao,Dian Fu Ma

DOI: https://doi.org/10.4028/www.scientific.net/amm.644-650.2943

2014-01-01

Applied Mechanics and Materials

Abstract:With the rapid development of web services technology, the security policies defined in WS-SecurityPolicy are widely used for expressing security properties, capabilities, constraints and requirements of web services. It is well-known that security policies are crucial in the negotiation phase of service discovery and selection. However, such security policies are hard to understand and extremely error-prone, due to the complexity of the WS-SecurityPolicy specification. At the same time, because the WS-SecurityPolicy is described by natural language, there have ambiguity problem. These problem seriously hindered the development of web services policy. Therefore, this paper proposes a web services security policy description model to describe accurately and clearly security policies. The security policy model employs the formal modeling method to convert the policy assertions into the security rules.

Hao Zeng,Dianfu Ma,Yongwang Zhao,Zhuqing Li

DOI: https://doi.org/10.1007/s11761-013-0143-5

2013-01-01

Abstract:Due to the dynamic, heterogeneous and interorganizational nature, different web services and different ports or operations in the same service, even the same services at different times may have their different security requirements because of their different security domains and different business backgrounds. How to design a flexible, fine-grained and comprehensive architecture for web services security processing has become a matter of great urgency. However, no ideal solutions have been worked out for these problems. As a result of our study, we have presented in this paper a policy-based architecture termed policy-based architecture for web services security processing (PBA4WSSP) to meet the dynamic, complete and fine-grained security requirements. In PBA4WSSP, the processing of all security problems is based on security policy in service stage to support flexibly security configuration. Moreover, we have designed a service policy model to describe the fine-grained security requirements. And the conversion method between security policy model and security policy expression has also been described. In addition, a staged complete security processing architecture is provided to reduce the dependency among protocol implementations. Furthermore, with PBA4WSSP, a web service security module has been designed and implemented as well. Eventually, the performance evaluation results amply demonstrate that our system is flexible and usable.

Hao Zeng,Dianfu Ma,Yongwang Zhao,Zhuqing Li

DOI: https://doi.org/10.1109/ISCC.2013.6754982

2013-01-01

Abstract:With the rapid development of the Internet, web service technology has been extensively used in distributed applications and is highly likely to replace other various technologies for the distributed application development. However, concerning most hard issues of the web services authentication, no proper solutions have been discovered and available for use now. Due to its dynamic and cross-domain characteristics, web services authentication is confronted with new challenges and difficulties. Each service or autonomous domain may have their separate authentication technologies and identity token types. Meanwhile, the same services may adopt different authentication technologies in terms of different application scenarios. Therefore, the difficult question arises as how to design an integrated and flexible architecture to enhance trust in web services. According to our findings, presented in this paper is a policy-based architecture for web services authentication termed PBA4WSA. Compared with the other architectures, the PBA4WSA can better satisfy the characteristics of web services.

Zhang Mi,Ma Ziji,Zhu Donglai,Zang Binyu

DOI: https://doi.org/10.3969/j.issn.1000-386X.2007.12.075

2007-01-01

Abstract:Current Web Service cannot meet the demand of end-to-end security in a dynamic environment.Agent technology is used to extend UDDI function to handle the security transaction.A novel distributed security model is constructed.

Chen Zhao,Yang Chen,Dawei Xu,NuerMaimaiti Heilili,Zuoquan Lin

DOI: https://doi.org/10.1007/11563952_54

2005-01-01

Abstract:In enterprise environment, security becomes increasingly important and costly. Enterprises are struggling to protect the increasing amount of disparate resources. Simple patchwork of security controls no longer suffices. Enterprises require a comprehensive solution that provides centralized security management, from authentication, to authorization and to auditing. To this end, we present a design and implementation of an integrative security management solution for Web-based enterprise applications, WebDaemon. It provides Single Sign-On to multiple Web applications. It also provides restricted access to Web-based content, portals, and Web applications based on Role-Based Access Control (RBAC) policies. The WebDaemon can help enterprises secure all Web resources with consistency of policy management and reduced administrative costs.

Fengyu Zhao,Xin Peng,Wenyun Zhao

DOI: https://doi.org/10.1109/icis.2009.80

2009-01-01

Abstract:In service oriented architecture (SOA) environment, the communication and infrastructure security is crucial. The most important specification addressing Web services security is WS-Security, which collaborates with the SOAP message specifications, providing integrity, confidentiality and authentication for Web services. However, WS-Security focuses SOAP message security between trusted partners. In SOA applications, there are other vulnerabilities which can be exploited to attack by anonymous customer or even trusted partners, and these vulnerabilities do not gain enough attention as WS-Security. Among them, denial-of-service (DoS) is one attack cluster, which exhausts computer and network resources and reduces the availability of Web services. Another one is sensitive data leakage in a specific application domain. In this paper, the security of SOA applications is viewed as the security domain and a three-tier domain was divided based on security domain analysis. For each security sub-domain, security requirement scenario and requirements are presented. The security domain models were given which can be used to build up security services for sub-domain. Based on security model and security service assets, which can evolve along with understanding on security domain, the developers can establish the security implementation for SOA application integration.

Bacem Wali,Bernard Gibaud

DOI: https://doi.org/10.48550/arXiv.1210.1179

2012-10-01

Abstract:Despite numerous efforts by various developers, web service composition is still a difficult problem to tackle. Lot of progressive research has been made on the development of suitable standards. These researches help to alleviate and overcome some of the web services composition issues. However, the legacy application wrappers generate nonstandard WSDL which hinder the progress. Indeed, in addition to their lack of semantics, WSDLs have sometimes different shapes because they are adapted to circumvent some technical implementation aspect. In this paper, we propose a method for the semi automatic composition of web services in the context of the NeuroLOG project. In this project the reuse of processing tools relies on a legacy application wrapper called jGASW. The paper describes the extensions to OWL-S in order to introduce and enable the composition of web services generated using the jGASW wrapper and also to implement consistency checks regarding these services.

Software Engineering

Xu Feng,Huang Hao,Wang Zhijian

DOI: https://doi.org/10.3969/j.issn.1000-386X.2008.11.010

2008-01-01

Abstract:The archetype of session authentication protocol model is presented to solve the problem of communication security among ses- sion entities in Web services.The security technologies and the shortages of the protocol in key mechanism,anonymous instance and session management are analyzed,and then some improvements and extension are made over the archetype protocol based on DH algorithm.Finally, the new session authentication protocol is used for the management of the communication among session entities in a Web services transaction environment and the authentication in a testing system.The test result reveals that the new session entities authentication protocol can provide a trustful protection for the session process in Web services.

Yuan Shuhong,Zhu Miaoliang,Yun Xia,Wu Di

DOI: https://doi.org/10.3969/j.issn.1000-386X.2008.01.048

2008-01-01

Abstract:Traditional Enterprise Application Integration(EAI) solutions lacking the support of the united standard have difficulties in resolving the main security problems such as authentication and authorization.To solve these problems,a brand new application integration security architecture based on Web Services WSSA-EAI is proposed.Web Services are applied to create general access interface,and SSO(Single Sign On) authentication and RBAC(Role-based Access Control)authorization are combined.A united EAI security architecture which is easy for maintenance is presented..

Jianqiang Hu,Changguo Guo,Peng Zou

DOI: https://doi.org/10.1109/ICWS.2005.137

2005-01-01

Abstract:Web service is an Internet-based software component that can shield all sorts of resources on basis of standard protocol stack. It helps to raise the level of abstraction and simplify conventional COTS middleware for resource sharing and cooperation across organization. In this paper, a Web service container framework (WSCF) is presented to offer an effective systematic solution for Web service-based application supporting environment, referencing from CORBA and J2EE system managing architecture and using SOAP interoperation protocol. The proposed framework focuses on addressing problems in two aspects: 1) Web service runtime supporting technologies: unified resource mapping strategy, flexible service adaptation mechanism, and SOAP engine scheduling algorithm; 2) several application supporting services: publication and discovery service, Web service composition service, and security service, etc. In particular, it describes ongoing project StarWebService that has followed WSCF. Finally, some open issues about WSCF are introduced and the future direction of WSCF is pointed out.