(3.235.25.169) 您好!臺灣時間:2021/04/18 04:35
字體大小: 字級放大   字級縮小   預設字形  
回查詢結果

詳目顯示:::

我願授權國圖
: 
twitterline
研究生:張宇軒
論文名稱:網路服務安全之操作模型及其語言設計
論文名稱(外文):An Operational Model and Language Support for Securing Web Services
指導教授:黃冠寰黃冠寰引用關係
學位類別:碩士
校院名稱:國立臺灣師範大學
系所名稱:資訊教育學系
學門:教育學門
學類:專業科目教育學類
論文種類:學術論文
論文出版年:2007
畢業學年度:95
語文別:英文
論文頁數:87
中文關鍵詞:網路服務安全性可延伸性標記語言簡單物件存取協定網路服務描述語言文件安全語言
外文關鍵詞:Web ServicesSecurityXMLSOAPWSDLDSL
相關次數:
  • 被引用被引用:0
  • 點閱點閱:67
  • 評分評分:系統版面圖檔系統版面圖檔系統版面圖檔系統版面圖檔系統版面圖檔
  • 下載下載:0
  • 收藏至我的研究室書目清單書目收藏:0
在這篇論文之中,我們提出了一個操作模型,用來支援網路服務(Web Services)的安全性。這操作模型除了滿足基本的安全需求,包括驗證,機密性,完整性及不可否認性外,它也提供了元素層次加密(element-wise encryption)及以時序為基礎的元素次層數位簽章(temporal-based element-wise digital signature)的安全機制。此外,我們所提出的操作模型支援一個具彈性的金鑰規格大綱,可以用來定義三種不同類型的金鑰,分別為靜態金鑰,動態選擇金鑰,以及採用數位簽章的金鑰。服務請求者可以決定使用金鑰的身份,而不需事先和服務提供者協商。在我們所提出來的操作模型中,設計出二種方法,可以用來減少系統開發與維護的成本:(1)我們定義了一個網路服務安全語言(Web Services Security Language,WSSL),將網路服務中的服務實作與安全政策的規格分開。(2)藉由為網路服務安全語言設計的應用程式界面(Application Programming Interface, API)來支援我們所提供的操作模型。最後,實作所提出的系統並且量測其效能,以展示其操作模型的可行性。
In this paper, we propose an operational model to support the security of Web services. In addition to satisfying the basic security requirements, including authentication,
confidentiality, data integrity, and nonrepudiation, the proposed model supports security mechanisms such as element-wise encryption and temporal-based element-wise digital signatures. Furthermore, the proposed model supports a flexible key specification scheme called explicit key definition, which can be used to define three different types of keys: static keys, dynamically selected keys, and keys applied to digital signatures. The service requester can determine the identity of the keys used without negotiating with the service provider. The proposed operational model is designed to reduce the costs of system development and maintenance in two ways: (1)by separating service implementation and specification of the security policy for Web services, and (2) by using a specially designed application programming interface to support the proposed operational model. The implementation and experimental results demonstrate the feasibility of the proposed system.
CHINESE ABSTRACT.........................I
ABSTRACT............................... II
TABLE OF CONTENTS..................... III
LIST OF FIGURES ........................IV
LIST OF TABLES..........................VI
1 Introduction...........................1
1.1. Background and motivation.......... 1
1.2. The overview of the operation model ..... 3
2 Related Work.................................9
2.1. XML (eXtensible Markup Language)......... 9
2.2. DSL (Document Security Language)......... 10
2.3. SOAP (Simple Object Access Protocol) .... 12
2.4. WSDL (Web Service Description Language) ....... 13
2.5. WS-Security (Web Services Security) ........... 14
2.6. WS-SecurityPolicy ( Web Services Security Policy )..16
3 Syntax of the WSSL................................ 18
3.1. Key Definition .................................19
3.2. Algorithm Definition ...........................23
3.3. Security Pattern................................24
3.4. Communication Protocol .........................25
3.4.1. Request elements .............................25
3.4.2. Response elements ............................27
4 Syntax of the Secured SOAP Document .............. 29
5 WSSL API...........................................33
5.1. The methods and attributes of class WSSLTransform...33
5.1.1. Environment Settings............................34
5.1.2. Securing and unsecuring processes.............. 37
5.1.3. Needed keys setting ......................... 40
5.1.4. Signature verification.......................46
5.1.5. Error handling ..............................47
5.2. The client-side proxy ........................ 49
5.3. The server-side proxy......................... 52
6 Implementation and Experimental Results.......... 56
7 Conclusions and Future Work...................... 60
Appendix A ....................................... 64
Appendix B ....................................... 80
1. “Web Services Architecture, W3C Working Group Note 11 February 2004.”
http://www.w3.org/TR/ws-arch/.
2. “Extensible Markup Language (XML) 1.0 (Fourth Edition), W3C Recommendation
16 August 2006.” http://www.w3.org/TR/xml/.
3. “SOAP Version 1.2, W3C Recommendation 24 June 2003.”
http://www.w3.org/TR/2003/REC-soap12-part0-20030624/.
4. “Web Services Description Language (WSDL) Version 2.0, W3C Candidate
Recommendation 27 March 2006.” http://www.w3.org/2002/ws/desc/.
5. “Universal Description, Discovery and Integration (UDDI).”
http://www.oasisopen.org/committees/uddi-spec/.
6. “XML Encryption WG,” http://www.w3.org/Encryption/2001/Overview.html.
7. Donald Eastlake, Joseph Reagle, Takeshi Imamura, Blair Dillaway, and Ed Simon,
“XML Encryption Syntax and Processing. W3C Recommendation 10 December
2002,” http://www.w3.org/TR/xmlenc-core/.
8. Donald Eastlake, Joseph Reagle, David Solo, Mark Bartel, John Boyer, Barb Fox,
Brian LaMacchia, and Ed Simon, “XML-Signature Syntax and Processing W3C
Recommendation,” 12 February 2002. http://www.w3.org/TR/xmldsig-core/
9. Gwan-Hwan Hwang and Tao-Ku Chang, “Towards Attribute Encryption and a
Generalized Encryption Model for XML,” The 4th International Conference on
Internet Computing 2003 (IC'03), Las Vegas, Nevada, USA.
10. Gwan-Hwan Hwang, and Tao-Ku Chang, “Document Security Language (DSL)
and an Efficient Automatic Securing Tool for XML Documents,” The 2nd
International Conference on Internet Computing 2001 (IC'01), Las Vegas, Nevada,
USA.CSREA Press, ISBN 1-892512-8-X.
11. Gwan-Hwan Hwang and Tao-Ku Chang, “An Operational Model and Language
Support for Securing XML Documents,” Computers & Security, Volume 23, Issue 6,
pp. 498-529, 2004.
12. “Web Services Security: SOAP Message Security 1.1 (WS-Security 2004), OASIS
Standard Specification, 1 February 2006.”
http://www.oasis-open.org/committees/download.php/16790/wss-v1.1-spec-os-SO
APMessageSecurity.pdf.
13. Susan Duncan and Colin Maxwell, “How to Use JDeveloper 10.1.3 to Secure and
Test a Web Service,” Oracle Corporation,
http://www.oracle.com/technology/products/jdev/howtos/1013/wssecure/10gwssec
urity_howto.html.
14. W C. Kaler and A. Nadalin, “Web Services Security Policy Language
(WS-SecurityPolicy),” version 1.1, joint specification by IBM, Microsoft, RSA
Security,and VeriSign, July 2005;
http://www.ibm.com/developerworks/library/specification/ws-secpol/.
15. Michiaki Tatsubori, Takeshi Imamura, and Yuhichi Nakamura, “Best-Practice
Patterns and Tool Support for Configuring Secure Web Services Messaging.”
Proceedings of the IEEE International Conference on Web Services (ICWS’04).
16. George Coulouris, Jean Dollimore, and Tim Kindberg, “Distributed Systems:
Concepts and Design,” Addison Wesley, the third edition, ISBN: 0201619180.
17. Tao-Ku Chang and Gwan-Hwan Hwang. “An Application Program Interface for
Securing XML Documents.” The 2005 International Conference on Internet
Computing (ICOMP'05), June 27-30, 2005, Las Vegas, USA.
18. “XML Path Language (XPath) Version 1.0, W3C Recommendation 16 November
1999.” http://www.w3.org/TR/xpath.
19. Gosling James, Joy Bill, Steele Guy. “The Java language specification.” 1st ed.
Reading, Massachusetts, USA: Addison-Wesley; 1986..
20. Tao-Ku Chang and Gwan-Hwan Hwang. “An Application Program Interface for
Securing XML Documents.” The 2005 International Conference on Internet
Computing (ICOMP'05), June 27-30, 2005, Las Vegas, USA..
21. Tao-Ku Chang and Gwan-Hwan Hwang, “The Design and Implementation of an
Application Program Interface for Securing XML Documents.” Accepted for
publication in Journal of Systems and Software.
22. “PKCS #1: RSA Cryptography Standard.”
http://www.rsasecurity.com/rsalabs/node.asp?id=2125.
23. Java Keystore. http://java.sun.com/j2se/1.4.2/docs/api/java/security/KeyStore.html.
24. Apache Axis2/Java Version 1.1.1
http://ws.apache.org/axis2/
QRCODE
 
 
 
 
 
                                                                                                                                                                                                                                                                                                                                                                                                               
第一頁 上一頁 下一頁 最後一頁 top
系統版面圖檔 系統版面圖檔