论文部分内容阅读
SOA是一种标准化接口的分布式计算模型,基于Web服务平台无关性的特点允许服务功能通过动态组合支撑不同种类的应用业务,但是服务运行的动态性、复杂性和跨组织的松耦合性使服务系统面临严重的攻击威胁。针对分布式环境中服务全生命周期安全防护的应用需求,提出了一种可迁移的Web服务安全防护方法,不仅能够在服务节点正常运行过程中通过安全防护模块支撑服务的认证、访问控制和攻击检测,而且能够对服务迁移的全过程进行安全增强,实现无缝的安全防护能力,为安全服务环境的设计完善提供了一种可行思路。
SOA is a standardized interface distributed computing model. Web services platform based on the independence of features allows service functions through dynamic portfolio support for different types of application services, but the dynamic nature of service operations, complexity and cross-organizational loose coupling The service system faces a serious threat of attack. Aiming at the application requirements of service life-cycle security in distributed environment, this paper proposes a migratable Web services security protection approach that can not only support service authentication, access control and attacks during the normal operation of service nodes, Detection, but also can enhance the security of the whole process of service migration and realize the seamless security protection capability, which provides a feasible idea for the design and improvement of the security service environment.