摘要
针对如何确保电力企业中各应用系统的安全无缝集成,以及新开发的应用系统快速、安全、灵活地融入,提出了基于Web services的电力企业安全集成解决方案;从信息的安全访问和传输角度出发,分析了现有安全通信解决方案的不足,并通过对国际最新信息技术和信息安全技术规范的研究,设计了基于XML、SOAP、SAML、WS-security的集成安全系统模型。重点对其中的身份认证和安全通信机制问题进行了研究,解决了用户与系统之间、系统与系统之间的安全通信问题,从应用层级别确保了信息的有效性、完整性、机密性和不可否认性。
How to ensure the safe, seamless integration of various application systems, and make the new development application systems to be quickly, safely and flexibly joined, were becoming important problems in the stability and highly efficient operation of electric power enterprise. Aimed at all of the above problems put forward an electric power enterprise safe integration solution based on Web services, analyzed the deficiency of existing secure communication solutions from the point of view of information secure access and transmission, then designed an integration safe system model based on XML, SOAP, SAML, WS-security by researching on the international up to date information technology and the information security techn-ology cflteflon. Researched the authentication and the mechanism of security communication were. It solved the problem of security communication between users and systems, between systems and systems, and ensured the validity, integrality, confidentiality and nonrepudiation of the information from the application layer.
出处
《计算机应用研究》
CSCD
北大核心
2008年第2期533-537,共5页
Application Research of Computers
基金
湖南省自然科学基金资助项目(05JJ30209)
湖南省教育厅优秀青年基金资助项目(05B006)
关键词
电力企业
应用集成
信息安全
WEB服务安全
electric power enterprise
application integration
information security
Web services security (WS-security)
