中国科学院软件研究所机构知识库
Advanced  
ISCAS OpenIR  > 中科院软件所  > 中科院软件所
题名:
SOAP引擎消息附件处理与安全保障技术的研究与实现
作者: 崔晓玲
答辩日期: 2007-06-04
授予单位: 中国科学院软件研究所
授予地点: 软件研究所
学位: 博士
关键词: Web服务 ; SOAP引擎 ; SOAP消息附件 ; SOAP引擎安全保障
其他题名: SOAP Attachment and Security Techniques for SOAP Engine
摘要: 随着 Web 服务的广泛应用和发展,为Web服务提供二进制数据传输能力、并提供安全保障能力是Web服务在商业应用中获得成功的关键因素。SOAP消息附件是当前Web服务传输二进制数据的主流方式,然而,目前现有的SOAP消息附件传输方式基于不同的规范,影响了Web服务的互操作性;而且,到目前为止还没有一种有效的方法对Web服务以及SOAP消息附件提供安全保障支持。 针对Web服务二进制数据传输问题,论文研究了一种高效的SOAP消息附件高效统一处理框架,它通过一组消息附件构造、封装和解析的基础设施,兼容了当前三种主流的SOAP消息附件规范,提高了不同Web服务支撑平台的互操作性;通过扩展现有动态模板生成的数据绑定技术,提高了XML数据和附件对象之间的映射效率,从而有效提高了SOAP消息附件处理的效率。 针对Web服务安全问题,论文研究了SOAP引擎的安全保障机制。其主要特点是:各个安全保障实施单元SIU独立工作,有效降低系统耦合度;引入链式消息处理架构提高了灵活性;对安全配置信息实施分层管理,提高了信息的共享度。该系列机制为SOAP消息提供了有力的安全保障。 在SOAP消息附件处理框架和安全保障机制的基础上,论文还研究了SOAP消息附件安全保障若干关键技术,并提出了一个新型的SOAP消息附件安全保障机制:在不改变客户端和服务器内部结构的前提下,对SOAP消息附件采取安全保护措施;在多中间节点的场景中,SOAP消息附件可以不经过任何中间节点,从客户端直接发送到服务器,减少了SOAP消息附件被攻击可能性,同时也提高了SOAP消息附件执行的效率。 最后,论文讨论SOAP消息附件高效统一处理框架和SOAP引擎安全保障机制在SOAPExpress中的设计和实现,并以此为基础,在SOAPExpress中设计和实现一个高效、安全的SOAP消息附件安全保障机制。论文最后对SOAP消息附件安全性及其处理效率进行测试,测试结果表明,该系统能提高SOAP消息附件处理的效率,并有效保障其安全性。
英文摘要: A significant challenge of successful application of Web Services in enterprise environment is the ability of binary data transport in Web Services and the assurance of Web Services. SOAP attachment is used widely in the binary data transport of Web Services; however, several specifications about SOAP attachment affect the interoperability of Web Services. What’s more, currently there is no effective method to guarantee Web Services and SOAP attachment. To deal with the binary data transport, an efficient SOAP attachment unification supporting technique is presented in this thesis. By the basic establishment of SOAP attachment’s creation, encapsulation and parsing, the technique supports the three dominating SOAP attachment specifications, and improves the interoperability of different Web Services supporting platforms. By extending existent dynamic template creating of data binding, the technique improves the mapping efficiency between XML data and attachment object, so the efficiency of Web services with attachment is highly improved. To deal with the security in Web Services, this thesis provides the technique of security guarantee in SOAP engine. The independent Security Implement Unit is introduced to guarantee SOAP message, which greatly reduces the coupling degree of the system. In the thesis, the interceptor chain is also adopted to enhance the flexibility of message processing; and security configuration information is managed in a hiberarchy to improve the communion of the information. This technique provides a group of security assurances for SOAP message. On the basis of SOAP attachment supporting and security techniques, the thesis provides several SOAP attachment guarantee techniques, and provides a novel security mechanism of SOAP attachment, which guarantee SOAP message without changing client’s and server’s implementations. In the multi-intermediaries scenario, the whole message is divided into two parts and sent respectively: the primary part goes through as the original message path via intermediaries, while the attachments are sent directly from client to server via no intermediary. Therefore, it improves the efficiency of services and reduces the probability of the attachments' being attacked. Lastly, an efficient and secure SOAP attachment framework is proposed, and a prototype of this framework is implemented on the SOAP engine - SOAPExpress and the experiment results show the feasibility of secure attachments in enterprise applications.
语种: 中文
内容类型: 学位论文
URI标识: http://ir.iscas.ac.cn/handle/311060/6774
Appears in Collections:中科院软件所

Files in This Item:
File Name/ File Size Content Type Version Access License
10001_200428015029021崔晓玲_paper.doc(9686KB)----限制开放-- 联系获取全文

Recommended Citation:
崔晓玲. SOAP引擎消息附件处理与安全保障技术的研究与实现[D]. 软件研究所. 中国科学院软件研究所. 2007-06-04.
Service
Recommend this item
Sava as my favorate item
Show this item's statistics
Export Endnote File
Google Scholar
Similar articles in Google Scholar
[崔晓玲]'s Articles
CSDL cross search
Similar articles in CSDL Cross Search
[崔晓玲]‘s Articles
Related Copyright Policies
Null
Social Bookmarking
Add to CiteULike Add to Connotea Add to Del.icio.us Add to Digg Add to Reddit
所有评论 (0)
暂无评论
 
评注功能仅针对注册用户开放,请您登录
您对该条目有什么异议,请填写以下表单,管理员会尽快联系您。
内 容:
Email:  *
单位:
验证码:   刷新
您在IR的使用过程中有什么好的想法或者建议可以反馈给我们。
标 题:
 *
内 容:
Email:  *
验证码:   刷新

Items in IR are protected by copyright, with all rights reserved, unless otherwise indicated.

 

 

Valid XHTML 1.0!
Copyright © 2007-2017  中国科学院软件研究所 - Feedback
Powered by CSpace