簡易檢索 / 詳目顯示

研究生: 蔣招政
Chao-Chen Chiang
論文名稱: 在SOA架構下支援程序實體安全的研究
A Framework to Support Process Instance Security in SOA
指導教授: 黃冠寰
Hwang, Gwan-Hwan
學位類別: 碩士
Master
系所名稱: 資訊工程學系
Department of Computer Science and Information Engineering
論文出版年: 2009
畢業學年度: 97
語文別: 中文
論文頁數: 64
中文關鍵詞: BPELWeb Service程序實體安全容錯WS-Security
英文關鍵詞: BPEL, Web Service, Process instance security, Fault tolerance, WS-Security
論文種類: 學術論文
相關次數: 點閱:170下載:2
分享至:
查詢本校圖書館目錄 查詢臺灣博碩士論文知識加值系統 勘誤回報
  • Web Service 是可程式化的實體,提供了特定的功能項目,並可供多個可能不同且使用常見網際網路標準(如 XML 及 HTTP) 的系統存取。Web Service 主要依賴 XML 和其他網際網路標準的廣泛接受度來解決先前無法解決的許多問題,進而建立支援應用程式互通性的基礎結構。
    BPEL(Business Process Execution Language)是流程執行語言的標準。BPEL扮演著服務之間合作的指揮者,描述了流程控制如分支、迴圈、平行處理、訊息處理及關連性、例外處理等。BPEL是一個用XML來描述系統流程的方法,把不同的web services連結在一起而產生新的解決方案。這樣的組合方式與從前用程式把服務串在一起的方式相比較,顯的更有彈性且更容易管理。使用者可以透過不同的組合方式快速改變或產生新的解決方案。BPEL對於程序實體容錯(process instance fault tolerance)仍有限且對於Security悉借助WS-Security,然而WS-Security只針對Web Service而設計無法提供全方位的功能。
    為了解決上述問題而提出一套framework達到程序實體容錯,程序身份確認性(process authentication),程序資料隱密性(process confidentiality),程序資料完整性(process message integrity),程序內容不可否認性(process non-repudiation) 功能。

    Web Service is a programmable entity provided the specific function and will also be available use of different common Internet standards (such as XML and HTTP) to access the system. Web Service mainly relies on XML and other broad acceptance Internet standards to solve many problems that previously can not be solved, and then establish the infrastructure to support interoperability of applications.
    BPEL(Business Process Execution Language) is a execution language standard and play a orchestrator between services, and describes the process control, such as branch, loop, parallel processing, information processing and related, the exception handling. BPEL is a business process approach using XML to describe, and generate new solutions by linking different web services together. This combination of these ways compare to the methods programming the services together, the former is significantly more flexible and easier to manage. Users can make use of different combinations to rapid change or create new solutions.
    BPEL for the process instance fault tolerance is still limited and Security handling is base on WS-Security, however, WS-Security is only designed for the Web Service can not provide a full range of features. To conquer these problems and we propose a framework to achieve process instance fault tolerance, process authentication, process confidentiality, process message integrity, process non-repudiation function.

    中文摘要 I Abstract II 附表目錄 V 附圖目錄 VI 1.Introduction 1 1.1 SOA 1 1.2 Web Services 3 1.3 SOA Web Services 5 1.4 SOA Security 7 1.5 Process Instance Security 8 1.6 BPEL 11 1.7 Dynamic behavior in workflow security issue 14 1.8 Our framework 21 2.Related Works 25 3.A framework to support process instance security in SOA 29 3.1 SDL 35 3.1.1 Header section 35 3.1.2 Key definition section 36 3.1.3 Workflow definition section 36 3.1.4 Serialization definition section 37 3.1.5 Digital signature section 48 3.2 Fault Recovery Model 50 3.3 Failover Model 51 4.Implementation and experimental result 53 5.Conclusions & Future work 57 Reference 59 Appendix A. 62 Appendix B. 64

    1. Berson, A, Client/Server Architecture, McGraw-Hill, New York, 1996.
    2. T. Erl. Service-Oriented Architecture: Concept, Technology, and Design. Prentice Hall, 2005.
    3. H.A. Reijers and I.T.P.Vanderfeesten. Cohesion and Coupling Metrics for Workflow Process Design. In J. Desel, B. Pernici and M. Weske, editors, Proceedings of the 2nd International Conference on Business Process Management (BPM 2004), Lecture Notes in Computer Science 3080, 290-305. Springer Verlag, Berlin, 2004.
    4. Casati, F., Ilnicki, S., Jin, L.,Krishnamoorthy, V. and Shan, M. (2000):Adaptive and dynamic service composition in eflow.Technical Report, HPL-200039, Software Technology Laboratory, Palo Alto, USA.
    5. UDDI Version2 Specifications - http://www.oasis-open.org/ committees/uddi-spec/doc/tcspecs.htm #uddiv2
    6. Anis Charfi and Mira Mezini,Using Aspects for Security Engineering of Web Service Compositions,Proceedings of the IEEE International Conference on Web Services (ICWS’05)
    7. An Liu, Qing Li, Liusheng Huang, and Mingjun Xiao,A Declarative Approach to Enhancing the Reliability of BPEL Processes,2007 IEEE International Conference on Web Services (ICWS 2007)
    8. Glen Dobson,Using WS-BPEL to Implement Software Fault Tolerance for Web Services,Proceedings of the 32nd EUROMICRO Conference on Software Engineering and Advanced Applications (EUROMICRO-SEAA'06)
    9. Web Services Business Process Execution Language Version 2.0,OASIS Standard,11 April 2007
    10. Jim Lau, Lau Cheuk Lung, Joni da S. Fraga,Giuliana Santos Veronese,Designing Fault Tolerant Web Services Using BPEL,Seventh IEEE/ACIS International Conference on Computer and Information Science,2008
    11. Radio Perlman, An Overview of PKI Trust Models,IEEE Network November/December 1999
    12. Tzilla Elrad, Mehmet Aksit, Gregor Kiczales, Karl Lieberherr, Harold Ossher,Discussing aspects of AOP ,Communications of the ACM,Volume 44, Number 10 (2001), Pages 33-38
    13. Pullum, Laura L.,Software Fault Tolerance Techniques and Implementation,ISBN:1580531377
    14. Web Services Description Language (WSDL) 1.1, W3C Note 15 March 2001
    15. Simple Object Access Protocol (SOAP) 1.1,W3C Note 08 May 2000
    16. S.Bajaj, et.al.,Web Services Policy Framework (WS-Policy),September 2004
    17. Web Services Security Policy Language (WS-SecurityPolicy) July 2005 Version 1.1
    18. Web Services Security: SOAP Message Security 1.1(WS-Security 2004), OASIS Standard Specification, 1 February 2006
    19. Hypertext Transfer Protocol -- HTTP/1.1,W3C June, 1999
    20. G.H. Hwang, Y.H. Chang, T.K. Chang, An operational model and language support for securing web services, IEEE International Conference on Web Services, ICWS 2007, 9–13 July 2007,
    21. Gwan-Hwan Hwang, Tao-Ku Chang, “Document Security Language (DSL) V2.0,” Technical report, National Taiwan Normal University, http://www.xml-dsl.com/DSL_Syntax_v2.pdf.
    22. Herbert Zimmermann,OSI Reference Model-The IS0 Model of Architecture for Open Systems Interconnection,IEEE TRANSACTIONS .ON COMMUNICATIONS, VOL. COM-28, NO. 4, APRIL 1980
    23. 服務導向架構 (Service Oriented Architecture) 應用專欄:服務導向架構 (Service Oriented Architecture) 應用,作者:簡西村(台灣微軟開發工具暨平台推廣處資訊平台策略顧問),2004 年 12 月,http://www.microsoft.com/taiwan/msdn/columns/soa/SOA_overview_2004112901.htm
    24. 從原理面探討服務導向架構(SOA),倪文君 叡揚資訊 Architect,http://www.gss.com.tw/tw/eispage/vol52/eispage5202.htm
    25. Web Services介紹,資策會數位教育研究所講師 鄧文焯,http://www.iiiedu.org.tw/knowledge/knowledge20021231_1.htm
    26. S. Vinoski, “CORBA: Integrating diverse applications within distributed heterogenous environments,” IEEE Commun. Mag., pp. 46–55, Feb.1997.
    27. Troy Bryan Downing. Java RMI: Remote Method Invocation. Number 0764580434. IDG Books, 1998.
    28. Chung, P., Huang, Y., Yajnik, S., Liang, D., Shih, J.,Wang, C.-Y., AND Wang, Y. 1998. DCOM and CORBA side by side, step by step, and layer by layer. C++ Rep. 10, 1 (Jan.), 18–29.

    下載圖示
    QR CODE