摘要： Web Service采用松散的方式将计算服务整合在一起，在电子商务、企业应用系统集成等分布式计算环境中发挥着重要的作用，随着Web Service应用的普及，安全问题也受到了重视。针对利用SSL和防火墙技术实现Web Service安全的不足，本文从Web Service的体系结构入手，将Web Service的安全分为企业处理层安全、Web Service目录及注册层安全、通信层安全 3个层次，并阐明了Web Service不同层次的安全策略和实现方法。

关键词: Web Service, 安全机制, SOAP 安全, UDDI安全

Abstract: Web Service plays an important role in integration of E-Commerce and business application systems in distributed computing environments, which loosely couple the computation services across network. With the development of Web Service in different areas, security issues are being widely focused on. Trough analyzing the Web Service architecture and implementation deficiency of Web service security only by SSL or firewall, this paper divides the Web service security into three levels: business process level, Web service catalog and registry level, and communication level. The different security strategies used in different levels and the corresponding implementation methods are also discussed in detail in the paper.

Key words: Web Service, security mechanisms, SOAP security, UDDI security

中图分类号: 

• TP309