As an important research field ,the security of web service gets more attention recently .By analyzing the se‐curity problems of web service on the SOA ,the security specification of web service for those security issues is sumarized in this paper .The content focuses on the WS‐Security and some other standards relative to it ,additionally describes and com‐pares the SAML protocol for SSO with XACML ,which is used for representing the security policy .%Web 服务的安全作为近年来一个重要研究领域得到了越来越多的重视。论文分析了 SOA 平台下 Web 服务的安全性问题,并对解决这些安全问题的 Web 服务安全规范做了系统的总结。着重描述 WS‐Security 规范以及衍生的其他规范,并对实现跨域单点登陆的 SAML 规范以及描述安全策略的 XACML 进行一定的分析和比较。
展开▼