摘要
由于SOA(Service Oriented Architecture,SOA)特有的标准化和可重用能力,使它更容易遇到安全问题并且更难被解决。首先分析了SOA产生安全问题的根源,接着介绍了一个基于SOA安全的框架,这个框架包含两个部分,第一部分是一个对各种发布的Web服务进行安全保护的框架,它确保只有经过认证、授权的用户才能访问某个Web服务,第二部分是一些与安全相关的Web服务。最后,结合了一个金融服务的实际例子,说明如何利用这个框架来实现SOA安全性。
Because of SOA's standardization and reusability,it will meet security problems more easily and are more difficult to solve.This paper first analysis the root of SOA Security issues.Then the paper introduces a framework that based on SOA security.The framework includes two parts.One is the framework that secures deployed Web services,only allowing those authorized person to use the services.Another is some Web services that can provide security support to applications.At last,the article introduces how financial software achieves security by using SOA Security framework.
出处
《计算机安全》
2011年第10期18-22,共5页
Network & Computer Security
