【作者】 彭强兵；

【导师】 张超英；

【作者基本信息】 广西师范大学 ， 计算机软件与理论， 2006， 硕士

【摘要】 论文以为广西师范大学成人教育学院开发的成人高等教育管理信息系统(以下简称成教管理信息系统)为基础,结合Web Services技术,构建了基于Web Services的成教管理信息系统架构。真正实现了Web Services安全、事务在企业级架构中的应用,从而使Web Services真正从实验室走向市场。结合系统需求,提出了基于分类的访问控制:UCP(user,class,permission)访问控制模型,并实现了该模型在成教管理信息系统中的应用。论文首先总结了Web Services的最新技术发展,介绍软件开发方法的演变过程,包括SOA模型及其演化。接着以Web Services协议栈为框架,一层一层地介绍Web Services相关标准和规范,分析了Web Services协议栈发展过程。因为Web Services是一个不断发展的技术,论文分析了Web Services的发展现状,提出Web Services技术的挑战与展望。利用UML工具,论文总结了系统开发过程中的需求分析与设计。在基于Web Services成教管理信息系统需求分析的基础上,分析了传统的C/S结构在开发成教管理信息系统中的不足,并结合Web Services分布式技术,提出了面向服务体系架构的思想,构建了基于Web Services的成教管理信息系统的有效设计与实现方案。文章用两个章节介绍Web Services的高级应用:实现了系统中的Web Services安全和Web Services原子事务,真正实现了商业级Web Services的应用。在安全方面论文给出了系统的安全需求,介绍了Web Services安全路标、WS-I组织的基本安全概要和Web Services安全支持工具的相关知识,最后重点介绍了WS-Security在成教管理信息系统中的具体实现方案,包括:应用UserName,完整性和机密性。在事务方面主要提出成教管理信息系统原子事务的需求,给出具体的实现方案,并且分析了幕后的先行课设置原子事务流程。系统的另一个安全性需求是访问控制需求,成教管理信息系统在权限控制方面既有操作上的控制,又有时间和数据对象上的控制,传统的RBAC模型难以满足该要求。论文提出了基于分类的访问控制:UCP访问控制模型,并实现了该模型在系统中的应用。该模型比传统的RBAC模型增加一维,很好地解决了本系统访问控制的要求。论文中解决的关键问题:总结了Web Services技术的最新发展动态,构建了基于Web Services的成教管理信息系统的架构。基于面向服务体系架构的思想,采用面向对象技术和UML建模方法进行了整个系统的需求分析和设计。安全和事务是Web Services高级主题,但相关规范的支持还不及时。论文真正实现了把Web Services安全和Web Services原子事务应用到商业中去,从而实现企业级的Web Services更多还原

【Abstract】 Combined the technology of Web Services, the architecture of MIS for adult high education was constructed. WS-Security and WS-AT were used in business-level architecture, which made the Web Services go into the market from the laboratory. According to the demand of the MIS for adult high education, the concepts and techniques of class-based access control namely, UCP (user, class, permission) access control models were proposed in this thesis. Furthermore, the application of the model in the MIS was realized.The newest technologies about Web Services were summarized in the view of development in this thesis. The evolution of software development method including SOA model was described. Then, the bottom-up introduction of the Web Services standards and specifications were introduced, and the development of Web Services protocols stack was analyzed. The rapid evolution during the last few years has resulted in some challenges that were pointed out in the document.On the basis of the requirements analysis of MIS for adult high education based on Web Services, the disadvantage of system structure based on the traditional Client/ Server was analyzed. Combined the distributed technology of Web Services, the schemes of the design and realization of MIS for the Web Services were constructed, and the idea of SOA was proposed.Especially, this dissertation focuses on the high level application of Web Services, which are WS-Security and WS-Atomic Transaction. This thesis analyses the logic security requirement of the MIS, the message security includes WS-Security roadmap and WS-I Security Profile are introduced. Then this thesis presents an application of WS-Security in the MIS that includes Username, integrity and confidentiality. Also, after describing the WS-Atomic Transactions, This paper explores how it works in the MIS and analyzes the transaction flow behind the scenes.The other security requirement of the MIS was access control, besides the operation objects, there were time objects and data objects in the access control of the MIS for adult high education. For the traditional RBAC model, it’s difficult to satisfy the requirement brought forward above. So, UCP access control model was presented by this thesis. Compared to traditional RBAC model, UCP access control model added a dimension, which met the security requirement of the MIS.更多还原