With the technology development and popularization of SOA applications, the security issues of Web services based on SOA have become increasingly prominent. The security of SOAP message is of great importance to Web service security. Currently SOAP message transport mainly depends on the WS-Security standards. However, the WS-Security standards have some drawbacks. The SOAP messages in transport will be attacked by XML injection attacks and other Web attacks. Therefore, this paper designed a new SOAP message security transport mechanism which added the SOAP Validation node into the existing Web services security transport framework based on the WS standards. At last the experiments demonstrate that this security transport mechanism can truly detect some of XML attacks and improve the security of SOAP message.%随着SOA技术的发展与普及应用,基于SOA的Web服务安全问题日益突出,而SOAP消息传输的安全性是决定Web服务安全的重要因素.目前SOAP消息的传输主要依赖于WS安全标准,但由于WS安全标准存在种种缺陷,因此SOAP消息在传输过程中会受到XML注入攻击等Web攻击.提出了一种新的SOAP消息安全传输机制,即在现有的基于WS安全标准的安全传榆机制基础上添加SOAP Validation节点.最后通过实验验证,该安全传输机制能检测出XML注入攻击,提高SOAP消息传输的安全性.
展开▼
