Method for improving safety of Web service

A web service and security technology, applied in the field of network communication technology and network security, can solve problems such as malicious attacks by hackers on the server side, and achieve the effect of improving security, reducing possibility, and reducing the possibility of attack.

Inactive Publication Date: 2010-02-03
深圳市励拓软件有限公司
View PDF0 Cites 19 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0030] The technical problem to be solved by the present invention is to provide a method for improving the security of Web services, which overcomes the defect that the server of XML-based Web services in the prior art is vulnerable to malicious attacks by hackers

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method for improving safety of Web service
  • Method for improving safety of Web service

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0048] Below according to accompanying drawing and embodiment the present invention will be described in further detail:

[0049] Such as figure 2 As shown, the steps in which the Web service client of the present invention initiates a request to the server are as follows:

[0050] 1) The client initiates a session ID request to the server, and the format of the sent request packet is as follows:

[0051]

[0052]

[0053]

[0054]

[0055] user

[0056]

[0057] 9ba29aa50c786fa395a3afb981

[0058]

[0059] 20090101225501

[0060]

[0061]

[0062] The loginpass in the request packet is a password MD5 string generated by using the user password plaintext + timestamp (timestamp) using the MD5 encryption algorithm, and the client uses the generated data packet to send a request to the server;

[0063] 2) The server judges whether the user name and password are correct, the user information is invalid, and returns a failure message ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a method for improving the safety of Web service, which comprises the following steps: generating a request data packet comprising a first message digest generated by encrypting a user password by using a hash algorithm at a client side, and sending the data packet into a server side; using the hash algorithm to encrypt the stored user password by the service side, and generating a second message digest; comparing the first message digest with the second message digest by the server side, generating and storing a session identifier if the first message digest and the second message digest are same, using a symmetric encryption algorithm to encrypt the session identifier by taking the stored user password as a secret key, and sending the session identifier to the client side; using the symmetric encryption algorithm to decrypt the session identifier by taking the user password as the secret key by the client side to obtain a plaintext of the session identifier, and using the plaintext of the session identifier to send a session request to the server side; firstly judging whether the session identifier which is same as the session identifier in the session request exists or not in a memory by the service side, processing the session request and eliminating the session identifier if so, and returning a processing result.

Description

technical field [0001] The invention relates to the field of network communication technology and network security technology, in particular to a method for improving the security of Web services. Background technique [0002] Web service is a cross-platform, cross-language Internet information transmission technology, and different development technologies can be used to realize the development of Web services. The data transmitted in the Web service exists in the XML format, and most applications use the SOAP (Simple Object Access Protocol, Simple Object Access protocol) protocol packet as a binding on the HTTP protocol to call the Web service. HTTP is a protocol used by web browsers. As long as you can use a web browser to browse the web, no matter whether the invoked web service is in a local area network or on the other side of the earth, there will be no problems in calling due to firewalls. Today, with the prevalence of the Internet, Web services have also become pop...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L29/08H04L9/30
Inventor 刘国炯张代军
Owner 深圳市励拓软件有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap