中大機構典藏-NCU Institutional Repository-提供博碩士論文、考古題、期刊論文、研究計畫等下載:Item 987654321/8955
English  |  正體中文  |  简体中文  |  Items with full text/Total items : 80990/80990 (100%)
Visitors : 41664003      Online Users : 1662
RC Version 7.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.
Scope Tips:
  • please add "double quotation mark" for query phrases to get precise results
  • please goto advance search for comprehansive author search
    •  Adv. Search
    HomeLoginUploadHelpAboutAdminister Goto mobile version


    Please use this identifier to cite or link to this item: http://ir.lib.ncu.edu.tw/handle/987654321/8955


    Title: 網路服務安全機制之研究與實作;Study and Implementation of Web Service Security
    Authors: 施宏澤;Horng-jzer Shih
    Contributors: 資訊工程研究所
    Keywords: 網路服務安全;security
    Date: 2009-06-30
    Issue Date: 2009-09-22 11:38:19 (UTC+8)
    Publisher: 國立中央大學圖書館
    Abstract: 近年來網際網路服務(Web Service)技術逐漸被廣泛開發及採用,網際服務提供了以XML為基礎的訊息格式,解決了異質平台溝通及不同應用軟體間整合的問題,而其模組化的結構,也帶來更高的可重用性(Reusability)。 然而,安全性是Web Service成功的必要保證,所以要實現安全之企業級的網路服務,Web Service應該要能滿足以下之安全性基本要求: 1.鑑別性:認證鑑別以確保存取應用程式及資料之人,是經過授權的。 2.機密性:資料在網際網路上傳播時不應該被第三方看到。 3.完整性:雙方必須能夠確定被傳送的資料沒有被篡改。 4.不可否認性:雙方必須能夠確定信息的來源為聲稱者。 透過Web Service模型核心技術之可擴充性,如SOAP、WSDL、SSL傳輸加密、XML數位簽章(XML Digital Signature)以及XML加密(XML Encryption)等基礎技術,允許服務提供者(Service Provider)與服務請求者(Service Requester)開發符合應用程式之安全需求。 本文將分析幾種認證及加密技術,並藉由企業間電子商務活動,如訂單與發票等商業行為,來實作一種安全有效的加解密及數位簽章與認證技術,以實現網路交易之安全性,如鑑別性、機密性、完整性以及不可否認性之要求。 Recently, web service technology is developed and utilized widely. However, the web service security, a significant factor to assure successful web service adoptation, is always overlooked. There are four basic issues must be addressed and satisfied to meet the requirents of web service security: 1. Identification: to authenticate and identify the one who will access web services, or to authorize the application which will interoperate with web services. 2. Confidentiality: the date delivery on the internet would not be explored or intercepted by third party. 3. Integrity: both the transmitter and the receiver must make sure the data on communication is not be tampered. 4. Non-repudiation: both the transmitter and the receiver can recognize that the source of message is the claimer. Based on technogies related to web service security, such as SOAP, WSDL, SSL encryption, XML digital signature, XML encryption, and single sign-on, we build an E-Shop as testbed to fulfill the above issues and demonstrate how to establish a secure service-based application.
    Appears in Collections:[Graduate Institute of Computer Science and Information Engineering] Electronic Thesis & Dissertation

    Files in This Item:

    File SizeFormat


    All items in NCUIR are protected by copyright, with all rights reserved.

    社群 sharing

    ::: Copyright National Central University. | 國立中央大學圖書館版權所有 | 收藏本站 | 設為首頁 | 最佳瀏覽畫面: 1024*768 | 建站日期:8-24-2009 :::
    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library IR team Copyright ©   - 隱私權政策聲明