
Supervisor: Nguyn Vn Hong
Students: Trn Th Ngc, Nguyn Minh Phng

Contents
A. Introduction
B. Content
   I. Web Service
   II. Information security issues
   III. Security for Web Services
C. Conclusion

Introduction
Since before the Common Era, people have had to think about how to keep important documents and texts secret and secure, especially in the military and diplomatic fields. Today, with the advent of computers, documents, papers and important information are all digitized and processed on computers. Since the early days of the Internet, people have been concerned with security in information exchange. Although there is no absolute security, developments in this field have been very rapid and have produced many results, because this is an urgent issue for many businesses. It can be said that today, besides researching how to build a good web service that brings many benefits, researching how to secure web services is also one of the most important issues.

Content
I. Web Service

Definition of a Web service
According to the definition of the W3C (World Wide Web Consortium), a Web service is a software system designed to support interoperation between applications on different computers over the Internet; its common interface and its bindings are described in XML. A Web service is a set of methods that are invoked through a URL and are used to build distributed applications.

Characteristics of web services

Characteristics and advantages:
- Independent of programming language; can be accessed by any application.
- Supports interoperation between heterogeneous components, with low development cost and easy maintenance.
- Broadly applicable across platforms; the protocols and data formats are text-based, so they are easy to understand and improve reusability.
- Creates interactive relationships that make development easier.
- Promotes system integration, reduces system complexity, lowers operating costs, speeds up system development and enables effective interaction with the systems of other businesses.

Disadvantages:
- Heavy losses occur during Web service downtime; the interface does not change; errors can occur if a client is not upgraded; protocols for operation are lacking.
- There are too many Web service standards, which makes them hard for users to grasp.
- Safety and security need attention.

Overall structure of a Web service

SOAP (Simple Object Access Protocol): a protocol for exchanging XML-based messages over a computer network, usually using HTTP.

WSDL (Web Services Description Language): defines how to describe a Web service in general XML syntax. WSDL is usually used together with XML Schema and SOAP to provide Web services over the Internet.

UDDI (Universal Description, Discovery and Integration): defines a number of components that provide this information, allowing clients to look up and receive the requested information when using a Web service.



Web Services are a standard way to integrate web-based applications. Applications can use different components to form a service. These components are called through SOAP (as opposed to the POST and GET methods), so they do not run into the firewall when accessing components outside the server.

Process for building a Web service

To build a web service, we need to carry out the following steps:
Step 1: Define and build the functions and services that the service will provide (using Java, for example).
Step 2: Create the WSDL for the service.
Step 3: Build the SOAP server for the service.
Step 4: Register the WSDL with a UDDI registry so that clients can find and access it.
Step 5: The client receives the WSDL file and from it builds a SOAP client that can connect to the SOAP server.
Step 6: Build the client-side application (using Java, for example) and then invoke the service by connecting to the SOAP server.

Purpose of Web services
Web services are growing rapidly today, and the areas of life where they can be applied and integrated are quite broad: news filtering and classification services (library systems connected to a web portal to search for the required information); applications for travel services (providing ticket prices and information about destinations); online sales agents; commercial information such as prices, exchange rates and online auctions; or online transaction services (for both B2B and B2C) such as airline ticket booking and car rental information.

Information security issues

Over many centuries, a whole series of protocols and mechanisms has been created to meet the need for information safety and security. Information security has changed a great deal in recent times. Previously there was almost only a need to keep information confidential; now many new requirements are added, such as server security and network security.

For every information system the threats and potential consequences are very large. They can arise from the following causes:
- From the users: illegal intrusion, theft of valuable assets.
- In the architecture of the information system: the technical system is organized without structure or is not strong enough to protect information.
- In the information security policy itself: security standards are not followed, and rights in operating the system are not clearly defined.
- Information in a computer system is also easily compromised if there are no tools to manage, check and control the system.
- The risk lies in the hardware structure of computing devices and in system and application software, where the manufacturer has pre-installed electronic "bugs" with a predetermined intent, known as "electronic bombs".
- The greatest danger to open computer networks is hackers, from the criminal side.

Of course, the goal of security is not confined to protecting information; it also covers many other categories such as web censorship, Internet security, HTTP security, and security in electronic payment systems and online transactions.

Security for Web services

1. Security for Web services: Since the early days of the Internet, people have been concerned with security in information exchange. Although there is no absolute security, developments in this field have been very rapid and have produced many results, because this is an urgent issue for many businesses. Without an appropriate level of security, commercial use of the Internet is not entirely safe. Recently, web services have attracted more and more general interest from the community. Web services link to and interact with applications over the Internet, so security is a concern when companies move to combine an application with a Web service.

Definition of Web Service Security

WS-Security is an overarching security standard for SOAP and for SOAP extensions; it is used when building web services that need integrity and confidentiality. It is designed to be open so that it can work with other security models, including PKI, Kerberos and SSL. WS-Security supports many different security mechanisms, many signature formats and many encryption technologies. It ensures the security, integrity and confidentiality of messages. WS-Security is only one layer among the many layers of a web service security solution.

Authentication in an application

Client side:
- Provide a security token in the descriptor file.
- Specify a callback handler in the descriptor file.

Server side:
- Configuring the server securely requires a valid security token.
- Specify a callback handler that reads the security token in the request and then validates it.
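The client and server roles above, shown with a WS-Security username token in password-digest form (an added example, not part of the original slides). The dictionary layout, `password_callback`, the five-minute freshness window and the sample credentials are assumptions made for illustration.

```python
import base64, hashlib, hmac, os
from datetime import datetime, timedelta, timezone

MAX_AGE = timedelta(minutes=5)   # assumed freshness window for Created
SEEN_NONCES = set()              # replay cache; in-memory only for this example
TS = "%Y-%m-%dT%H:%M:%SZ"

def password_digest(nonce: bytes, created: str, password: str) -> str:
    # UsernameToken Profile: Base64(SHA-1(nonce + created + password)).
    # The digest only hides the password; the token still belongs inside TLS.
    raw = nonce + created.encode() + password.encode()
    return base64.b64encode(hashlib.sha1(raw).digest()).decode()

def make_token(username, password, now=None):
    """Client side: the fields the client places in the security header."""
    created = (now or datetime.now(timezone.utc)).strftime(TS)
    nonce = os.urandom(16)
    return {"Username": username,
            "Nonce": base64.b64encode(nonce).decode(),
            "Created": created,
            "Password": password_digest(nonce, created, password)}

def validate_token(token, password_callback, now=None):
    """Server side: password_callback plays the callback handler's role."""
    now = now or datetime.now(timezone.utc)
    created = datetime.strptime(token["Created"], TS).replace(tzinfo=timezone.utc)
    if abs(now - created) > MAX_AGE:
        return "stale"                      # old capture or clock far off
    if token["Nonce"] in SEEN_NONCES:
        return "replay"                     # same token presented twice
    password = password_callback(token["Username"])
    if password is None:
        return "unknown user"
    expected = password_digest(base64.b64decode(token["Nonce"]),
                               token["Created"], password)
    if not hmac.compare_digest(expected, token["Password"]):
        return "bad digest"
    SEEN_NONCES.add(token["Nonce"])         # remember only accepted nonces
    return "ok"

if __name__ == "__main__":
    users = {"alice": "s3cret"}             # constructed credential store
    tok = make_token("alice", "s3cret")
    print(validate_token(tok, users.get))   # first presentation
    print(validate_token(tok, users.get))   # identical token sent again
```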

Steps needed to secure information in an application

Both client and server must ensure information integrity.

Client side:
- Specify which parts of the message must be signed or carry some authentication token.
- Specify a key on the file system that will sign the message.
- Specify the algorithms the key will use to sign the message.
- The client must be configured to validate the integrity of the response message.

Server side:
- Specify which parts of the message need to be signed.
- Specify a key used to check whether the signature of the incoming message is valid.
- Specify the algorithm the key uses to validate the integrity of the incoming message.
- Provide signature information in the response message.
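The integrity steps above as an added example (not from the original slides): the sender signs the configured message parts, and the receiver recomputes the value over the same parts and compares. It assumes a shared HMAC key in place of the XML Signature that WS-Security uses; the envelopes, key and names are constructed.

```python
import hmac
import xml.etree.ElementTree as ET

SOAP_NS = "http://schemas.xmlsoap.org/soap/envelope/"  # SOAP 1.1 envelope namespace
SIGNED_PARTS = ["{%s}Body" % SOAP_NS]  # configured: message parts that must be signed
ALGORITHM = "sha256"                   # configured: algorithm used with the key

def canonical(elem) -> bytes:
    # Canonical XML, so attribute order and prefix choice do not change the MAC.
    return ET.canonicalize(ET.tostring(elem, encoding="unicode")).encode()

def sign(envelope_xml: str, key: bytes) -> str:
    """Sender: MAC over the canonical form of every configured part."""
    root = ET.fromstring(envelope_xml)
    mac = hmac.new(key, digestmod=ALGORITHM)
    for tag in SIGNED_PARTS:
        part = root.find(".//" + tag)
        if part is None:
            raise ValueError("required signed part missing: " + tag)
        mac.update(canonical(part))
    return mac.hexdigest()

def verify(envelope_xml: str, signature: str, key: bytes) -> bool:
    """Receiver: recompute over the same parts and compare in constant time."""
    try:
        expected = sign(envelope_xml, key)
    except (ValueError, ET.ParseError):
        return False                   # malformed, or a required part is absent
    return hmac.compare_digest(expected, signature)

KEY = b"constructed-demo-key"  # constructed; a real key comes from a keystore
SENT = ('<soap:Envelope xmlns:soap="%s"><soap:Header><Hop>client</Hop></soap:Header>'
        '<soap:Body><Transfer xmlns="urn:example:bank" to="ACC-2" from="ACC-1">'
        '<Amount>100</Amount></Transfer></soap:Body></soap:Envelope>' % SOAP_NS)
# The same message after an intermediary rewrote the header and re-serialized the body.
RELAYED = ('<s:Envelope xmlns:s="%s"><s:Header><Hop>gateway</Hop></s:Header>'
           '<s:Body><Transfer xmlns="urn:example:bank" from="ACC-1" to="ACC-2">'
           '<Amount>100</Amount></Transfer></s:Body></s:Envelope>' % SOAP_NS)
TAMPERED = RELAYED.replace("<Amount>100<", "<Amount>900<")

if __name__ == "__main__":
    sig = sign(SENT, KEY)
    print(verify(RELAYED, sig, KEY), verify(TAMPERED, sig, KEY))
```

The relayed message still verifies although its header changed, because only the Body is listed in `SIGNED_PARTS`; any part left off that list is not integrity-protected.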

Forms of web service security

Transport-level security
- A point-to-point security mechanism, used to identify and authenticate the parties and to ensure the integrity and confidentiality of messages.
- HTTP is an insecure protocol; data is transmitted as text, so it is easily exposed.
- HTTPS allows server authentication: the server must present a certificate to the client so that the client can identify the server.
- In practice, HTTP Basic authentication is often combined with HTTPS.

Message-level security
- An approach in which all security-related information is encapsulated in the SOAP message.
- Message-level security requires protection by username tokens, XML encryption and digital signatures.
- The Web Services Security specification (WS-Security) provides message-level security.
- It is often combined with transport-level security.

Extension components of web service security

Web service security is only one layer among the many layers of a complete web service security solution, so a larger, general security model is needed to cover all the other aspects of security. In this model the important components include:
- WS-SecureConversation: allows management and validation of the messages exchanged between parties, including exchanging and establishing security contexts and deriving sessions.
- WS-Authentication: allows management of the data that needs to be authenticated and of authentication policy.
- WS-Policy: allows management of the constraints of security policies at intermediaries and endpoints.
- WS-Trust: a framework that allows web services to exchange information and interact with one another securely.

A general security standard for networked transaction systems usually has to focus on:
- Identification: identifying who accesses system resources.
- Authentication: verifying the right of the person who wants to use the resources to access them.
- Authorization: permitting the transaction once the identity of the person accessing has been confirmed.
- Integrity: integrity of information in transit.
- Confidentiality: safety; no one can read the information along the way.
- Auditing: checking; all transactions are recorded for inspection.
- Non-repudiation: flexibility; allows the legitimacy of the information to be certified by a third party other than the two parties, sender and receiver.

These requirements make the system more secure and help prevent some unauthorized access.

HTTP (HyperText Transfer Protocol) is the most commonly used protocol for exchanging information on the Internet, yet it is an insecure protocol, because all information is sent as text over an insecure peer-to-peer network. HTTPS is a development of HTTP and is a security standard for HTTP; it allows the client and the server to authenticate each other through certificates exchanged between them. HTTPS secures the entire HTTP data packet. Although HTTPS does not cover every aspect of the general security standard, it does provide an adequate level of assurance for identification and authentication, message integrity and confidentiality. However, authentication, auditing, and non-repudiation are not provided. In addition, HTTPS is a protocol, so once the message passes through the HTTP server it is no longer secure.

CONCLUSION
Today web services technology has been, and is being, deployed and applied in many different fields, including sensitive ones that demand a high level of security such as finance and banking, so web services need to provide a level of security sufficient to support such work. Using WS-Security and its components makes the information exchanged over web services more secure. However, the security mechanism chosen for a web service must not make users feel that it is too complex and constraining, so which WS-Security mechanism to choose depends heavily on the type of service and the features that the service provides. Another point to note is that security depends not only on the algorithms, standards and mechanisms that WS-Security provides, but also on the attitude of companies: whether they clearly understand the importance of information security when deploying applications and transactions over the network is just as essential.
