Abstract: Aiming at security problems faced in the development of Web services, three methods of encryption, digital signature and authorization are put forward. Analyzing and comparing the security functional mechanism of SSL and XML, fusing the security technologies based on SOAP, it presents a solution scheme on security problems. It adopts XML security protocol to guarantee the security of end to end, proves it is feasible to solve some security problems.

Key words: Web services, SOAP, XML, SSL, XML encryption

摘要： 针对Web services发展过程中面临的安全性问题，剖析比较了SSL和XML的安全性作用机制，结合目前所使用的基于SOAP的安全技术，融合加密、数字签名和授权3种方法，给出一个解决安全问题的方案。采用XML安全协议保证端到端的安全，通过实例证明该综合方法是可行的。

关键词: Web services服务, SOAP协议, XML语言, SSL协议, XML加密

CLC Number: 

• TP393