Ȩ > Ç¥ÁØÈ °³¿ä > TTAÀÇ Ç¥ÁØÇöȲ
Ç¥ÁعøÈ£ | TTAE.OT-10.0109 | ±¸Ç¥ÁعøÈ£ | |
---|---|---|---|
Á¦°³Á¤ÀÏ | 2007-12-26 | ÃÑÆäÀÌÁö | 50 |
ÇѱÛÇ¥Áظí | À¥¼ºñ½º ¾ÈÀüÇÑ ´ëÈ v1.3 | ||
¿µ¹®Ç¥Áظí | WS-SecureConversation 1.3 | ||
Çѱ۳»¿ë¿ä¾à | WS-Security¿¡¼ Á¤ÀÇµÈ ¸ÞÄ¿´ÏÁòÀº ´Ù¼öÀÇ ¸Þ½ÃÁö ±³È¯À» À§ÇØ Á¤ÀÇµÈ ¾ÈÀüÇÑ ¸Þ½Ã
¡ ¹æ¹ýÀ» Á¦°øÇÑ´Ù. WS-SecureConversationÀº ¾ÈÀüÇÑ ÄÁÅýºÆ®ÀÇ È®¸³°ú °øÀ¯, ¼¼¼ÇÅ° À¯µµ ¹æ½Ä¿¡ ´ëÇÑ È®ÀåÀ» Á¦°øÇÑ´Ù. ÀÌ°ÍÀº ¾ÈÀüÇÑ ÄÁÅýºÆ®¸¦ ¼³Á¤ÇÏ°í, º¸´Ù È¿°úÀûÀÎ Å°¿Í ±³È¯µÇ´Â Å°°ü·Ã ³»¿ëÀ» Çã¿ëÇϸç, ÀüüÀûÀÎ ¼º´É°ú °è¼ÓµÇ´Â ±³È¯¿¡¼ÀÇ ¾ÈÀü¼ºÀ» ³ôÀδÙ. WS-Security Ç¥ÁØÀº ¸Þ½ÃÁö ÀÎÁõ ¸ðµ¨¿¡ ÁßÁ¡À» µÎ±â ¶§¹®¿¡, WSSecureConversationÀº ¸¹Àº °æ¿ì¿¡ À¯¿ëÇÏÁö¸¸, Ưº°È÷ ¾î¶² ÇüÅÂÀÇ °ø°Ý¿¡ ´ëºñÇϱ⠿¡ À¯¿ëÇÏ´Ù. µû¶ó¼, º» Ç¥ÁØÀº ¾ÈÀüÇÑ ÄÁÅýºÆ®¿Í ±×ÀÇ »ç¿ë¿¡ ´ëÇØ ¼Ò°³Çϸç, ÄÁÅýºÆ® ÀÎÁõ¸ðµ¨À» ÅëÇØ ´Ù¼öÀÇ ¸Þ½ÃÁö¸¦ ÀÎÁõÇÏ´Â ±â¹ýÀ» Á¦½ÃÇÑ´Ù. ÇÏÁö¸¸, ¸¸¾à ÀÎÁõÀÌ Á¤»ó ÀûÀÎ ¾ÖÇø®ÄÉÀÌ¼Ç ¸Þ½ÃÁö ±³È¯ Àü¿¡ ÁøÇàµÇ¾î¾ß ÇÑ´Ù¸é ºÎ°¡ÀûÀÎ µ¥ÀÌÅÍ ¼Û½ÅÀ» ¿ä±¸ÇÑ ´Ù. |
||
¿µ¹®³»¿ë¿ä¾à | The mechanisms defined in [WS-Security] provide the basic mechanisms on top of
which secure messaging semantics can be defined for multiple message exchanges. WS-SecureConversation defines extensions to allow security context establishment and sharing, and session key derivation. This allows contexts to be established and potentially more efficient keys or new key material to be exchanged, thereby increasing the overall performance and security of the subsequent exchanges. The [WS-Security] specification focuses on the message authentication model. This approach, while useful in many situations, is subject to several forms of attack. Accordingly, this specification introduces a security context and its usage. The context authentication model authenticates a series of messages thereby addressing these shortcomings, but requires additional communications if authentication happens prior to normal application exchanges. The security context is defined as a new [WSSecurity] token type that is obtained using a binding of [WS-Trust]. |
||
±¹Á¦Ç¥ÁØ | |||
°ü·ÃÆÄÀÏ | TTAE.OT-10.0109_ed15.pdf |