Yuan Shuhong,Zhu Miaoliang,Yun Xia,Wu Di

DOI: https://doi.org/10.3969/j.issn.1000-386X.2008.01.048

2008-01-01

Abstract:Traditional Enterprise Application Integration(EAI) solutions lacking the support of the united standard have difficulties in resolving the main security problems such as authentication and authorization.To solve these problems,a brand new application integration security architecture based on Web Services WSSA-EAI is proposed.Web Services are applied to create general access interface,and SSO(Single Sign On) authentication and RBAC(Role-based Access Control)authorization are combined.A united EAI security architecture which is easy for maintenance is presented..

CHENG Bo,FU Hua-ling,YANG Guo-wei,TUO Xian-guo

DOI: https://doi.org/10.3969/j.issn.1006-5911.2005.08.008

2005-01-01

Computer Integrated Manufacturing Systems

Abstract:To solve the information security of integrated enterprise for the service-oriented architecture, a flexible service-oriented information security mechanism constructed on the distributed J2EE(Java to enterprise edition) enterprise integration platform was proposed. On the one hand, the implementation of the Simple Object Access Protocal (SOAP) encryption and signature based on the extended eXtensible Markup Language(XML) specifications in the security mechanism were acheived. On the other hand, the multi-roles and task instances migration based dynamic secure access control model was built, and key implementation technologies were also described in detail which including multi-roles customization, dynamic tasks authorization, and the authorization and authentication among multi-roles. In the end, a security solution schema on how to apply the flexible information security mechanism into the power enterprise integration environment was provided.

X Peng,Wy Zhao,E Ye

DOI: https://doi.org/10.1007/978-3-540-24679-4_104

2004-01-01

Abstract:Web service based data exchange has been the trend of EAI. We can create Proxies to expose existing systems as web services. There have been some tools that can help users to construct web services on the basis of existing systems. However, authority control and dynamic service configuration are not taken into account in the process of construction. In this paper we present an EAI-Oriented unified authentication model, and then put forward the serviceitems-based authority control and dynamic service configuration management in the construction of EAI-oriented web service architecture. Tool support in the process of construction is also discussed.

Shuangxi Huang

2003-01-01

Computer Integrated Manufacturing Systems

Abstract:With the deep-going exploitation of enterprise informationalization, the sharing and inter-operating between different applications have become the bottleneck of implementing enterprise informationalization. Through the analysis to current methods of Enterprise Application Integration (EAI), a Web service based EAI architecture is proposed. The integration mechanism and model of Web service based EAI are provided to show how the Web service is used in EAI. Finally, an integration platform prototype system is developed, and a series of enabling services are provided to support the enterprise integration.

Wenbin Jiang,Hao Dong,Hai Jin,Hui Xu,Xiaofei Liao

DOI: https://doi.org/10.1007/978-3-642-37015-1_23

2013-01-01

Abstract:Web service technologies have been widely used in diverse applications. However, there are still many security challenges in reliability, confidentiality and data nonrepudiation, which are prominent especially in some Web service systems that have massive resources in diverse forms. An enhanced mechanism for secure accesses of Web resources is presented and implemented based on the combination of modules of identity authentication, authorized access, and secure transmission to improve the security level of these systems. In the identity authentication, the highly safe and recognized authentication method U-Key is used. For the aspect of authorized access, the integration of an improved Spring Security framework and J2EE architecture is applied to ensure authorized access to Web resources, while the security interceptor of Spring Security is extended and a series of security filters are added to keep web attacks away. Moreover, some improvements of the XML encryption and XML decryption algorithm are made to enhance the security and speed of data transmission, by means of mixing RSA and DES algorithm. The above security mechanism has been applied to an online virtual experiment platform based on Web services named VeePalms. The experimental results show that most security problems with high severity in the system have been solved and medium-low severe problems degreased dramatically.

Hai Liu

2004-01-01

Abstract:With the inceasing development of computer technology, e stablishing Open Enterprise Application Integration System has been an important solution for enterpr ises to establish new systems rapidly to integrate different, distributed application. By contrasting the tradi tional EAI Solving scheme (CORBA)with the solving scneme based on the new technology of Web Service, this paper discusses how to establish Open Enterprise Application Integration System and points out the advantages of Web Service Solving scheme.

Hao Zeng,Dianfu Ma,Yongwang Zhao,Zhuqing Li

DOI: https://doi.org/10.1109/ISCC.2013.6754982

2013-01-01

Abstract:With the rapid development of the Internet, web service technology has been extensively used in distributed applications and is highly likely to replace other various technologies for the distributed application development. However, concerning most hard issues of the web services authentication, no proper solutions have been discovered and available for use now. Due to its dynamic and cross-domain characteristics, web services authentication is confronted with new challenges and difficulties. Each service or autonomous domain may have their separate authentication technologies and identity token types. Meanwhile, the same services may adopt different authentication technologies in terms of different application scenarios. Therefore, the difficult question arises as how to design an integrated and flexible architecture to enhance trust in web services. According to our findings, presented in this paper is a policy-based architecture for web services authentication termed PBA4WSA. Compared with the other architectures, the PBA4WSA can better satisfy the characteristics of web services.

DUAN Jiang-tao,WANG Bao-bao

DOI: https://doi.org/10.3969/j.issn.1006-9348.2005.05.073

2005-01-01

Abstract:AbstrcatWith the development of E-commerce, integration and data sharing between Intra-EAI and Inter-EAI have become a great challenge. There is much default in traditional solutions. Web Service is a novel technique to construct distributed platform for enterprise application, which implements interface for providing Inter-operations by web service and integrates different application systems with loose coupling easily. In this paper, the architecture and key techniques and core functions of Web Service are discussed in detail ,and also presented is the frame of Web Service application system, and finally the process of Web Service system is described.

Peng Qi-rui,Wang Cheng,Wu Jing,Li Jun

DOI: https://doi.org/10.1109/icsess.2010.5552305

2010-01-01

Abstract:To integrate distributed information systems in group companies, people favor the Service-Oriented-Architecture (SOA) for its features such as loose-coupling and standardization. But SOA brings security problems. Consequently, an authentication and authorization solution is proposed in this paper. By designing security architecture based on Service-Access-Agent, this solution can simplify the security program, and bring good to the system flexibility and loose coupling, thereby meet the integrated system's requirements for dynamics and agility. This solution has been applied to a project of “national 863 plan”, and shown its validity in engineering practices.

Yao Qin Liu

DOI: https://doi.org/10.4028/www.scientific.net/amm.687-691.1716

2014-01-01

Applied Mechanics and Materials

Abstract:Web service is a distributed Web application model, with platform independence, openness, loose coupling and other features. These features bring convenience to application integration, which also faces many security issues, mainly for computer hardware, applications, buffer overflows, message transmission process and other security threats. XML Web services architecture strengthen the security threats defense through digital signatures, encryption, and a series of measures of WS-Security by the sender, the receiver, the key server and assertion server which consist of SOAP security with characteristics like integrity, confidentiality, etc., effectively guaranteeing the safe operation of the Web services architecture.

Chen Zhao,Yang Chen,Dawei Xu,NuerMaimaiti Heilili,Zuoquan Lin

DOI: https://doi.org/10.1007/11563952_54

2005-01-01

Abstract:In enterprise environment, security becomes increasingly important and costly. Enterprises are struggling to protect the increasing amount of disparate resources. Simple patchwork of security controls no longer suffices. Enterprises require a comprehensive solution that provides centralized security management, from authentication, to authorization and to auditing. To this end, we present a design and implementation of an integrative security management solution for Web-based enterprise applications, WebDaemon. It provides Single Sign-On to multiple Web applications. It also provides restricted access to Web-based content, portals, and Web applications based on Role-Based Access Control (RBAC) policies. The WebDaemon can help enterprises secure all Web resources with consistency of policy management and reduced administrative costs.

Yan Cao,Yan Chen,Yiting Shen

DOI: https://doi.org/10.1007/978-0-387-75902-9_20

2008-01-01

Abstract:At present, most enterprises have a heterogeneous environment of legacy application, which lead to many "information isolated islands", Enterprises become more and more eager to share data in business processes over different systems. Traditional Enterprise Application Integration (EAI) methods usually integrate applications from peer to peer which has many defects. In This paper, a kind of EAI framework based on Web Services (WSEAI) has been put forward, which has nothing with any platform and programming language, so it can make the enterprise applications integrated together without gap. We have been successfully putting the EAI framework in one logistical company's WebGPS system and realized the integration based on Web Services.

Meina Zhang,Yang Zhang,Junliang Chen

2013-01-01

Abstract:ESB based execution platform support dynamic service integration in distributed environments. This paper describes the design and implementation of a security service for the ESB based execution platform. The implementation of the service includes two subservices, one is identity authentication subservice and another is access control subservice. Identity authentication service is a cross-domain and distributed meta-service. It uses info card-based authentication to identify users. Access control service determines user's access rights to resources based on security policy. The policy can be configured flexibly by policy editor.

XU Xiangrong,GU Xinjian,YE Zuoliang

DOI: https://doi.org/10.3969/j.issn.1005-2402.2006.09.013

2006-01-01

Abstract:The sharing and inner operating between different applications have become increasingly insistent demands in the process of implementing enterprise informationization. Firstly, the current situation of the existed information systems in the enterprise was analyzed. Secondly, the limitations of the traditional integration techniques were discussed. Thirdly, the advantage of Web services was described and an enterprise application integration framework based on Web services was presented. Finally, an integration example was provided about system integration between product configuration and parts library.

ZHANG Chang-li,LI Shu-yu,HU Zheng-guo,WU Jian

DOI: https://doi.org/10.3969/j.issn.1000-7180.2005.08.014

2005-01-01

Abstract:In this paper, a Web Service based Application Integration solution is presented, which is a suitable solution for the“information island”problem we encountered today. And, two important aspects are focused: the architecture and the security policies used.

Liu Jun,Li Ru-xiao

2008-01-01

Abstract:Web Services is an Internet-standards based distributed computing model, an evolution in the way of architecting, designing, implementing, and deploying e-business solutions. Web Services foster a change from tightly coupled, rigid, and static solutions that focus on implementation technologies, to loosely coupled, flexible, and dynamic solutions focusing on dynamic business models. This article focuses on the main techniques of building Web Service applications and brings forward a practical e-business models.

CUI Jian-Ming,FAN Li-Lin,WANG Xiao-Dong

DOI: https://doi.org/10.3969/j.issn.1672-6871.2006.03.012

2007-01-01

Abstract:Security and reliability of Web Services-based distributed system is introduced.Main technologies of current Web Services data transfer are analyzed and their weak points discussed.On this base,a detailed solution,which is a combination of encryption and digital signature to communicate with customer-end with canonical XML,is put forward.The transfer security of share data and the reliable trust relation between Web Services Server and customer is enhanced by this solution.

Gongxuan Zhang,Guowei Zuo

DOI: https://doi.org/10.1007/978-3-540-24679-4_173

2004-01-01

Abstract:Web service technology is a new technology for the Internet in recent years, and is extensively taken as the important technology in the next generation dynamic e-commerce. But the dynamic e-commerce's development speed is affected by itself security, that's the web service security. In this paper, the backgrounds and concepts of dynamic electronic commerce are introduced, and then its security is discussed. After that, the web service security protocol (WS-Security) is described with an example.

邓绪水,宋庭新,黄必清

DOI: https://doi.org/10.3969/j.issn.1003-4684.2010.02.008

2010-01-01

Abstract:Single sign-on(SSO) is an important part of Enterprise Application Integration(EAI).By analyzing the project needs,a new SSO model based on certificate encryption and Agent Login is proposed.This model not only perfectly matches the original operational system,but also enables a flexible and safety SSO access control.The application of this model to the Enterprise Information Portal is introduced in detail,and some corresponding analyses on technical security are put forward.The current system will be on the Public Services Platform for Population and Reproductive Health at present.

WANG Qiang,CHEN Ping

DOI: https://doi.org/10.3969/j.issn.1673-629x.2005.06.035

2005-01-01

Abstract:AbstrcatWeb service has been got more and more attention by IT industry and enterprises.It is a kind of distributed architecture,which is designed and used to expedite to communicate with several programs among different platforms.It not only changes enterprise's ideas,but also widens channels of enterprise's management,and brings them new models of development.However,because of Web service's openness,there are some problems about security.The paper will put forward mechanism in security and resolvents in tethnology according to Web service's characteristic.