Web Services
8/6/2019 Web Services
1/34
Web services (Web Service) are regarded as a technology that has revolutionized the way B2B (Business to Business) and B2C (Business to Customer) services operate. The basic value of web services lies in providing standards-based methods for accessing packaged systems and legacy systems. Software written in different programming languages and running on different platforms can use web services to exchange data over the Internet in much the same way as communication inside a single computer. However, the technologies used to build web services are not necessarily new ones; they can be combined with existing technologies such as XML, SOAP, WSDL and UDDI. With the growth of the Internet, web services are a technology well worth attention for reducing cost and complexity in system integration and development. We will look at web services from the conceptual level through to how they are built.
1. Introduction to the technology
According to the definition of the W3C (World Wide Web Consortium), a web service is a software system designed to support interoperability between applications on different computers over the Internet; its public interface and bindings are described in XML. A web service is a software resource that can be identified by a URL, performs functions and returns the information users request. A web service is created by taking functions and packaging them so that other applications can easily see and access the services it performs, while it can also request information from other web services. It consists of independent modules serving customer and business operations, and it is itself executed on a server.
First of all, it can be said that the basic application of web services is system integration, which is one of the main activities in system development. In such a system, applications need to be integrated with databases and with other applications, and users communicate with the database to analyse and retrieve data. Recently, the strong growth of e-commerce and B2B has also required systems to be able to integrate with the databases of business partners (that is, to interact with external systems in addition to interacting with the internal components of the enterprise system).
Below, we go through the most basic concepts and methods for building a web service in system integration and development.
2. Characteristics of web services
a) Characteristics
- Web services allow client and server to interact even in different environments. For example, if the web server for an application is placed on a host running Linux while the user works on a computer running Windows, the application still runs and processes normally without any special requirement for compatibility between the two operating systems.
- Most web service techniques are built on open source and developed from recognized standards, for example XML.
- A web service consists of multiple modules and can be published on the Internet.
- They combine component-oriented development with specific domains and the Web infrastructure, bringing benefits to businesses, customers, other providers and individuals over the Internet.
- Once deployed, an application works on the client-server model. It can be deployed by server-side application software such as PHP, Oracle Application Server or Microsoft .NET.
- Web services are developing strongly today, and the areas of life where they can be applied and integrated are broad: news filtering and classification services (library systems connected to a web portal to search for the information needed); applications for travel services (providing ticket prices, information about destinations), online sales agents, commercial information such as prices, exchange rates and online auctions, or online transaction services (for both B2B and B2C) such as airline ticket booking and car rental information.
- Applications that integrate web services are no longer unfamiliar, especially as e-commerce is booming and growing continuously along with the Internet. Any area of life can be integrated with web services; this is an effective way of doing business and working, because today is the age of communication and information exchange over networks. It is therefore entirely understandable that developing and integrating applications with web services is receiving so much attention.
b) Advantages and disadvantages
Advantages:
+ Web services provide broad interoperability between different software applications running on different platforms.
+ They use open protocols and standards. The protocols and data formats are text-based, which makes them easy for programmers to understand.
+ They improve reusability.
+ They leverage investment in existing software systems by allowing business processes and functions to be wrapped in a web service interface.
+ They create loose, flexible coupling between the components of a system, making it easier to develop distributed applications.
+ They promote system integration, reduce system complexity, lower operating costs, speed up system development and enable effective interaction with the systems of other businesses.
Disadvantages:
+ Considerable damage occurs during web service downtime; interfaces do not change; errors can occur if a client is not upgraded; protocols for operation are lacking.
+ There are too many web service standards, which makes them hard for users to grasp.
+ More attention has to be paid to safety and security.
3. Web service architecture
Web services comprise three main standards: SOAP (Simple Object Access Protocol), WSDL (Web Service Description Language) and UDDI (Universal Description, Discovery, and Integration). Figure 1 shows the web services protocol stack, in which UDDI is used to register and discover web services that are described in detail in WSDL. UDDI transactions use SOAP to talk to the UDDI server, after which SOAP applications request a web service. The SOAP messages themselves are sent over HTTP and TCP/IP.
Figure 1. The web services protocol stack.
The web services protocol stack is the set of computer networking protocols used to define, locate, implement and make web services interact with other applications or services. The stack has four main components:
- Service transport: responsible for transporting messages between network applications; it includes protocols such as HTTP, SMTP, FTP, JSM and, most recently, the Blocks Extensible Exchange Protocol (BEEP).
- XML messaging: responsible for decoding messages in XML format so that they can be understood at the application level that interacts with the user. The protocols currently performing this task are XML-RPC, SOAP and REST.
- Service description: used to describe the public interfaces of a specific web service. WSDL is normally used for this purpose; it is an XML-based language for describing interfaces and implementations. The web service uses this language to convey the parameters and data types of the operations and functions it provides.
- Service discovery: centralizes services in a registry, so that a web service can easily discover which services already exist on the network and can better find other services to interact with. A web service must also register itself so that other services can access and communicate with it. The UDDI API is currently the usual way of doing this.
A more detailed architecture is shown in Figure 2:
Here, the service communication protocol layer uses SOAP as its standard technology. SOAP is the protocol between the transport layer and the service description layer; it allows a user to invoke a remote service through an XML message. In addition, so that services have safety, integrity and information security, the web service architecture adds the Policy, Security, Transaction and Management layers.
4. Components of web services
a) XML (eXtensible Markup Language)
XML is an open standard from the W3C for describing data; it is used to define data elements on web pages and in B2B documents. In form, XML has a tag structure just like HTML, but whereas HTML defines how elements are displayed, XML defines what those elements contain. With XML, programmers can create their own tags on each web page, and it was chosen as the standard message format because of its popularity and open-source effectiveness.
Because a web service is a combination of many different components, it uses the features and characteristics of those components to communicate. XML is the main tool for solving this problem and is the foundation architecture for building a web service: all data is converted to XML tag format. The encoded information then fully conforms to the SOAP or XML-RPC standards, and the components can interact with one another as a unified whole.
b) WSDL (Web Service Description Language)
WSDL defines how to describe a web service in general XML syntax, including the following information:
- The service name
- The protocol and encoding style to be used when calling the web service's functions
- The type information: operations, parameters and data types (this can be the web service's interface together with a name for that interface).
A valid WSDL consists of two parts: the interface part (describing the interface and the binding method) and the implementation part, which describes the information for accessing the database. The two parts are stored in two corresponding XML files, the service interface file and the service implementation file. The interface of a web service described in this part specifies how to communicate through the web service. The name, the binding protocol and the message format required to interact with the web service are placed in the WSDL directory.
WSDL is normally used together with XML Schema and SOAP to provide web services over the Internet. A client connecting to a web service can read the WSDL to determine which functions are available on the server. The client can then use SOAP to call the exact function listed in the WSDL.
c) Universal Description, Discovery, and Integration (UDDI)
To be able to use services, a client must first find the service, record the information on how to use it and know who provides it. UDDI defines a number of components that supply this information, allowing clients to look up and receive the information required when using a web service.
- UDDI structure:
+ White pages: contain contact information and the key identifiers of the web service, such as business name, address and identification information. This information allows other parties to identify the service.
+ Yellow pages: contain information describing the web service by category. This information allows parties to find web services by category.
+ Green pages: contain technical information describing the behaviours and functions of the web service.
+ Service type (tModel): contains information about the type of service used.
Information about web services is used and published on the network using this protocol. It enables applications to search for information about other web services in order to determine which service they will need.
d) SOAP (Simple Object Access Protocol)
We now have a basic understanding of what a web service is, but one fairly important question remains: how do we access a service once we have found it? The answer is that web services can be accessed through a protocol, the Simple Object Access Protocol (SOAP). In other words, we can access the UDDI registry with calls that are entirely in SOAP format.
SOAP is a communication protocol with an XML structure. It is regarded as the backbone of distributed applications built from many different languages and operating systems. SOAP is a protocol for exchanging XML-based messages over a computer network, normally using HTTP.
A client sends a request message to the server, and the server immediately sends response messages back to the client. Both SMTP and HTTP are application-layer protocols for SOAP, but HTTP is more widely used and accepted because it works very well with today's Internet infrastructure.
Structure of a SOAP message
A SOAP-formatted message is an ordinary XML document containing the following elements:
- The root element (envelope): the element that wraps the message content and declares the XML document to be a SOAP message.
- The header element: contains header information for the message; this element is optional. The header can also carry authentication data, digital signatures, encryption information or settings for other transactions.
- The element that declares the main content of the message (body): contains the request information and the response information.
- The element that reports errors (fault): provides information about errors that occur while the message is processed.
A simple SOAP body holds the message name, a reference to a service instance, and one or more parameters. Three kinds of message are produced when information is transmitted: the request message (the parameters for invoking an operation), the response message (the returned parameters, used when the request is fulfilled) and finally the fault message (reporting an error condition).
Communication styles: there are two communication styles
- Remote procedure call (RPC): allows a function or procedure to be called over the network. This style is used by many web services.
- Document: also known as the message-oriented style; it provides communication at a low level of abstraction, is harder to understand and demands more effort from programmers.
These two styles provide different message formats, parameters and API calls, so the choice between them depends on the time available and on how well they suit the web service being built.
Data structures: SOAP provides formats and basic concepts like those in other programming languages, such as data types (int, string, date) and more complex types such as struct, array and vector. The definitions of SOAP data structures are placed in the SOAP-ENC namespace.
Encoding: suppose the service requester and the service provider are developed in Java; SOAP encoding is then the question of how to convert Java data structures to SOAP XML and back, because the format for web services is XML. Any SOAP runtime environment must have a table of mapping information for converting from Java to XML and from XML to Java; that table is called the SOAPMappingRegistry. If a data type is used under a given encoding, a mapping for it exists in the registry of that SOAP runtime environment.
5. Security for web services
Web services connect to and interact with applications over the Internet, so security is a concern when companies move to combine their applications with a web service. Securing web services is an important issue, especially for services involving money exchange, stock market information or online sales (which involve paying from an account and require the user's personal information).
Before WS-Security (security for web services), web service security usually meant securing the data transmission channel. Today this is done for SOAP/HTTP, which is based on a message-passing mechanism, by using HTTPS. Beyond security at the message transport level, HTTPS provides security for the entire HTTP packet.
Although HTTPS does not cover every aspect of a general security standard for web services, it provides a fairly complete security layer with identification, authentication, message integrity and reliability.
- Ensuring security for web services:
The concept of WS-Security: this is an overarching security standard for SOAP, used to build web services with integrity and reliability. Integrity means that during a transaction or transfer of information, the system and the information are not intercepted, the transaction is not lost, and no one can steal the data in transit. WS-Security is designed to be open so that it can accommodate other security models, including PKI, Kerberos and SSL. It also supports multiple security mechanisms, multiple signature formats and encryption technologies, ensuring the security, integrity and reliability of messages. However, WS-Security cannot satisfy every security requirement; it is only one of the layers of a security solution for web services.
Integrity produces an XML digital signature based on the content of the message. If the data is illegally modified, it no longer matches that XML digital signature. The signature is created with a key generated by the sender of the message, so the receiver accepts the message only when the signature and the content match. Otherwise an error message is produced. Authentication between client and server is a very basic form of authentication (using a user identifier and password).
WS-Security is only one of the security layers for web services, so a larger overall security model is needed to cover the other aspects. The additional components can be WS-SecureConversation, WS-Authentication, WS-Policy or WS-Trust. They provide stronger protection for the system when exchanging data and when opening and closing sessions, and they manage the data to be authenticated and the authentication policies.
6. Building a web service
There are four main phases in building a web service: build, deploy, run and manage.
- The build phase covers developing and testing the web service application, building the functions and defining the service. There are two different ways to proceed in this phase, the Red-path-solid and the Blue-path-dashed. With Red-path-solid, we build a new web service from scratch or from an existing service, and from it build the service definition (WSDL) with the objects and functions we want. With Blue-path-dashed, the web service is built from scratch or from a WSDL service definition; using this WSDL, we build or modify the code to implement the desired requirements in the web service.
- The deploy phase: publish the service definition, build the WSDL and deploy the executable code of the web service. The web service is deployed to a server-side application and then published on the Internet so that clients can see it. The UDDI registry is used to publish it on the network.
- The run phase: the web service is found and invoked by the users who want to use it.
- Manage: manage and administer the service, keep it stable, update it with new information, and fix errors when they occur.
To build a web service, we need to understand what has to be done and where to start. There are three main approaches to building a web service: from an existing application (bottom-up); from a service definition, the WSDL, to generate a new application (top-down); or from a group of existing web services, combined to create new functions or to extend functionality. These approaches are based on what we already have and depend on the requirements of the system, while maximizing the reuse of functions, components and modules that have already been built.
The process of building a web service consists of the following steps:
1. Define and build the functions and services that the service will provide (using Java, for example).
2. Create the WSDL for the service.
3. Build the SOAP server.
4. Register the WSDL with the UDDI registry so that clients can find and access it.
5. The client receives the WSDL file and builds a SOAP client from it in order to connect to the SOAP server.
6. Build the client-side application (for example in Java) and then invoke the service by connecting to the SOAP server.
Choose a language, build the business processes, and we start creating the web service we want. The next step is to offer this web service on the Internet.
7. Integrating web services according to standards
To succeed with web services we have to pay attention to quite a few issues, including deployment, monitoring and system integration. Businesses must not only develop a new web service application but also integrate their back-end business applications into the web services architecture. Along with deployment and integration, business people and technical users also need comprehensive monitoring and deployment capabilities to keep business operations efficient and reliable.
- Monitoring: support is needed at both the tool level and the infrastructure level to monitor how web services run across the whole network, from one branch of a company to its other branches, or in communication with other businesses. Event-based notification is combined with errors in the business flow so that inexperienced users can monitor web services and other legacy services.
- Data routing: setting up the data paths between the components of a web service aims to maximize reusability. If a component is treated as an object, each instance of it does not care about other instances of the same component. Instances of the same component can easily be reused in other distributed applications because they are completely independent of one another.
- Deployment: deploy web services whose components can be upgraded, controlled and configured remotely over a distributed network.
- Management: this can be built on a P2P (Peer-to-Peer) architecture. The main activities, such as executing components, routing data, processing workflow and transforming data, are carried out at the endpoints of the network. The server concentrates on other activities such as management, event control, security authentication and administration.
- Configuration and version management: use flexible tools to manage the different versions of a web service, allowing versions to be upgraded and controlled from a centralized management tool. Combining application and network lets deployment engineers control the components running on specific hardware platforms inside the network.
- Security: open standards such as HTTP, XML, SOAP and WSDL, and the security standard JSM, are widely used, which makes them ideal for building web applications. At first, web services use technologies such as firewalls, SSL and digital certificates. Later generations of web services will combine with technologies offering stronger security, such as XML encryption and XML digital certificates.
Thus, with a web service, communicating and transferring data becomes easier and more efficient, at lower cost and with stronger real-time communication capabilities, connecting people all over the world. The essence of this technology platform is service-oriented architecture, and the outlook for the development of web services is very promising.
WEB SERVICE SECURITY
I. Overview
Since the early days of the Internet, people have been concerned about the security of information exchange. Although there is no absolute security, developments in this field have been rapid and productive, because this is an urgent issue for many businesses. Without an appropriate level of security, commercial use of the Internet is not entirely safe. Verification algorithms, encryption of information with keys, and digital signatures are therefore possible solutions that provide a level of security.
The security of web services on the network is part of the same problem. Today, besides research into how to create good web services that bring many benefits, research into how to secure web services is one of the most important issues. It is hard to trust a business service such as buying stocks or transferring money online if it lacks the necessary security.
A general security standard for networked transaction systems usually has to focus on the following:
- Identification: identify who is accessing system resources.
- Authentication: verify the right of the person who wants to use a resource to access it.
- Authorization: allow the transaction once the identity of the accessing party has been confirmed.
- Integrity: the integrity of information in transit.
- Confidentiality: no one can read the information while it is in transit.
- Auditing: all transactions are recorded so that they can be checked.
- Non-repudiation: allows the legitimacy of the information to be attested by a third party in addition to the two parties, sender and receiver.
These requirements make the system more secure and go some way towards preventing illegitimate access.
HTTP (HyperText Transfer Protocol) is the most commonly used protocol for exchanging information on the Internet, yet it is an insecure protocol, because all information is sent as clear text over an insecure peer-to-peer network. HTTP belongs to a group of protocols, like SMTP, telnet and FTP, that were designed in the early days of the Internet, when security received little attention. One development of HTTP is HTTPS, a security standard for HTTP; HTTPS allows client and server to be authenticated through certificates exchanged between them.
Before web services security (WS-Security), web service security usually meant securing the data transmission channel. This is done for SOAP/HTTP, which is based on a message-passing mechanism, by using HTTPS. Unlike message-level security, HTTPS secures the entire HTTP packet. We therefore have no option to apply security selectively to only some parts of a message.
Although HTTPS does not cover every aspect of a general security standard, it provides an adequate level of assurance with identification and authentication, message integrity and reliability. However, authentication, auditing and non-repudiation are not provided. In addition, HTTPS is a protocol, so once the message has passed through the HTTP server it is no longer secure.
II. Securing web services
First we consider the risk factors that affect the security of web-service-based applications. We will use an online bank withdrawal scenario to examine the problem.
This is a simple client/server application in which a person withdrawing money (the client) connects to the bank's data centre using a web service application to carry out the request.
Figure 10. Bank withdrawal application using a web service
If no security is applied, there are three main risk factors:
- Unauthorized transactions: someone who has no right to do so nevertheless requests a withdrawal. This transaction is not legitimate. We prevent it by using the authentication mechanism of WS-Security. One example of authentication is requiring a user ID/password combination in the SOAP message.
- Unencrypted messages (readable messages in clear text, no encryption): the account number and account balance in the SOAP packet are easily read by eavesdroppers on the network. The information is exposed because the account information and balance are sent over the network as text. To solve this problem, the information must be encrypted at the message transport channel level or at the message level (WS-Security).
- Modified or lost messages (SOAP message susceptible to modification, no integrity): while the information travels from the person withdrawing money to the data centre, it can be intercepted, and the information can be changed, for example account number 1234 changed to 9876. This results in a lack of integrity.
In the scenarios above we described security in terms of the requirements of authentication, confidentiality and information integrity. We will discuss these issues in detail in this chapter and offer several options for guarding against the risks above.
Before WS-Security, message transport channel security was very commonly used. Transport channel security simply encrypts the entire message, which leads to higher CPU usage. WS-Security, by contrast, provides ways to optimize security operations that require less CPU time.
Figure 11. Applying security mechanisms to a web service
Depending on the level of security required, one or more of these security mechanisms can be applied to an application.
1. Definition of WS-Security
WS-Security is an overarching security standard for SOAP and for extensions of SOAP, used to build web services with integrity and reliability. It is designed to be open so that it can accommodate other security models, including PKI, Kerberos and SSL. WS-Security supports many different security mechanisms, many signature formats and many encryption technologies. It ensures the security, integrity and reliability of messages. Even so, these mechanisms cannot guarantee every aspect of a complete security solution, because web services still have many different security requirements. WS-Security is therefore only one layer among the many layers of a web service security solution.
Integrity is built into an application to ensure that no one can modify a message while it is in transit. In essence, integrity produces an XML digital signature based on the content of the message. If the message data is illegally modified, it no longer matches the XML digital signature. A signature is created with a key generated by the sender of the message, so the receiver accepts the message only when the signature and the content match. If they do not match, an error message is returned to the sender.
In the two examples below, we see a SOAP message with and without authentication. Here the authentication information in the SOAP message consists of a username and password.
Example 1: SOAP message without security
<soapenv:Envelope
    xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
    xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/"
    xmlns:xsd="http://www.w3.org/2001/XMLSchema"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
  <soapenv:Body
      soapenc:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/">
    <getDayForecast xmlns="http://session.itso">
      <theDate xmlns="" xsi:type="xsd:dateTime">2003-09-05T07:00:00.000Z</theDate>
    </getDayForecast>
  </soapenv:Body>
</soapenv:Envelope>
Example 2: SOAP message secured through username and password authentication
      <theDate xmlns="" xsi:type="xsd:dateTime">2005-09-05T07:00:00.000Z</theDate>
    </getDayForecast>
  </soapenv:Body>
</soapenv:Envelope>
Looking at the two examples above, we see that username/password is only one of the ways to perform authentication between client and server. It is also only a basic form of authentication. Other forms of authentication are digital signatures, ID, LTPA and other kinds of authentication.
Example 3: SOAP message with integrity protection through encryption
<wsse:Security
    xmlns:wsse="http://schemas.xmlsoap.org/ws/2003/06/secext"
    soapenv:mustUnderstand="1">
  <Signature>
</wsse:Security>
</soapenv:Header>
Example 3 above uses a more secure authentication mechanism than username/password authentication: the content to be authenticated is encrypted so that it cannot be read.
2. Authentication in an application
Application developers should provide a friendly user interface that makes it easy for users to define authentication when using a web service. In a specific application, authentication requires the following tasks:
2.1 Client side:
- The client must supply a security token in the client's deployment descriptor, for example a username and password. This security token is sent inside the SOAP message to the server.
- The client must specify a callback handler in the client's deployment descriptor. A callback handler is a class file on the client's class path. The role of the callback handler is to take the username and password from the deployment descriptor and insert them into the SOAP message.
2.2 Server side
- A securely configured server requires a valid security token. If there is no security token, the request fails.
- The server must specify a callback handler that reads the security token in the request and then validates it.
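
The client and server callback handlers of 2.1 and 2.2, as an added example (not code from the original document or from any product it describes): the client handler inserts a WS-Security UsernameToken carrying a password digest, and the server handler rejects a request whose token is missing, wrong, stale or replayed. It uses the OASIS WSS 1.0 namespaces rather than the 2003 draft namespace seen in Example 3; the function names, the user table and the 5-minute freshness window are assumptions.

```python
import base64
import hashlib
import hmac
import os
import xml.etree.ElementTree as ET
from datetime import datetime, timedelta, timezone

SOAPENV = "http://schemas.xmlsoap.org/soap/envelope/"
WSSE = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
WSU = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
DIGEST_TYPE = ("http://docs.oasis-open.org/wss/2004/01/"
               "oasis-200401-wss-username-token-profile-1.0#PasswordDigest")
TIME_FMT = "%Y-%m-%dT%H:%M:%SZ"


def password_digest(nonce: bytes, created: str, password: str) -> str:
    """UsernameToken Profile 1.0: Base64(SHA-1(nonce + created + password))."""
    raw = nonce + created.encode("utf-8") + password.encode("utf-8")
    return base64.b64encode(hashlib.sha1(raw).digest()).decode("ascii")


def client_handler(username, password, body_xml, now=None):
    """Client side (hypothetical name): wrap body_xml in an envelope with the token."""
    now = now or datetime.now(timezone.utc)
    nonce, created = os.urandom(16), now.strftime(TIME_FMT)
    env = ET.Element(f"{{{SOAPENV}}}Envelope")
    header = ET.SubElement(env, f"{{{SOAPENV}}}Header")
    sec = ET.SubElement(header, f"{{{WSSE}}}Security",
                        {f"{{{SOAPENV}}}mustUnderstand": "1"})
    token = ET.SubElement(sec, f"{{{WSSE}}}UsernameToken")
    ET.SubElement(token, f"{{{WSSE}}}Username").text = username
    pw = ET.SubElement(token, f"{{{WSSE}}}Password", {"Type": DIGEST_TYPE})
    pw.text = password_digest(nonce, created, password)
    ET.SubElement(token, f"{{{WSSE}}}Nonce").text = base64.b64encode(nonce).decode("ascii")
    ET.SubElement(token, f"{{{WSU}}}Created").text = created
    ET.SubElement(env, f"{{{SOAPENV}}}Body").append(ET.fromstring(body_xml))
    return ET.tostring(env, encoding="unicode")


class ServerHandler:
    """Server side (hypothetical name): validate the token before the request runs."""

    def __init__(self, users, max_age=timedelta(minutes=5)):
        self.users = users        # username -> password, a constructed demo store
        self.max_age = max_age    # assumed freshness window
        self.seen = set()         # nonces already accepted (replay cache)

    def verify(self, envelope_xml, now=None):
        now = now or datetime.now(timezone.utc)
        token = ET.fromstring(envelope_xml).find(
            f"{{{SOAPENV}}}Header/{{{WSSE}}}Security/{{{WSSE}}}UsernameToken")
        if token is None:
            return "rejected: no security token"
        user = token.findtext(f"{{{WSSE}}}Username", "")
        digest = token.findtext(f"{{{WSSE}}}Password", "")
        nonce_b64 = token.findtext(f"{{{WSSE}}}Nonce", "")
        created = token.findtext(f"{{{WSU}}}Created", "")
        try:
            nonce = base64.b64decode(nonce_b64, validate=True)
            sent = datetime.strptime(created, TIME_FMT).replace(tzinfo=timezone.utc)
        except ValueError:
            return "rejected: malformed token"
        if abs(now - sent) > self.max_age:
            return "rejected: stale timestamp"
        password = self.users.get(user)
        expected = password_digest(nonce, created, password or "")
        # Constant-time comparison; unknown users and bad digests look the same.
        if password is None or not hmac.compare_digest(expected.encode(), digest.encode()):
            return "rejected: bad credentials"
        if nonce_b64 in self.seen:
            return "rejected: replayed nonce"
        self.seen.add(nonce_b64)
        return "accepted"
```

The digest keeps the clear-text password out of the SOAP message, but anyone who captures it can still try guessing the password offline, so the token is normally sent over an encrypted channel as well.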
3. Steps needed to provide information security in an application
For an application to be secure and reliable, client and server must have information integrity. Integrity is configured in an application through the following steps:
3.1 Client side:
- Specify the parts of the message that must carry a signature or some other authentication token. The part of a message that can be signed is the body.
- Specify a key on the file system that will sign the message. Only authorized clients may hold this key.
- Specify the algorithms the key will use to sign the message.
- If a client expects a response from the server and that information must also have integrity, the client must be configured to validate the integrity of the response message.
3.2 Server side
Configuring the server for information security requires:
- Specifying the parts of the message that must be signed. If an incoming message does not have a valid signature, the request fails.
- Specifying a key to check whether the signature of the incoming message is valid.
- Specifying the algorithm the key uses to validate the integrity of the incoming message.
- If there is a response message, that message must also be signed, and the signature information must be provided in the response message.
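
The client-side signing and server-side validation steps of 3.1 and 3.2, applied to the 1234 to 9876 account-number change from the withdrawal scenario, as an added example that is not part of the original document. It is a simplified stand-in for the XML Signature that WS-Security carries: an HMAC-SHA256 over the canonicalized SOAP Body, stored in a hypothetical `BodyMac` header element; the `urn:example:*` namespaces, the key and the sample message are constructed for illustration.

```python
import base64
import hashlib
import hmac
import xml.etree.ElementTree as ET

SOAPENV = "http://schemas.xmlsoap.org/soap/envelope/"
SIG_NS = "urn:example:integrity"   # hypothetical namespace for this sketch
KEY = b"constructed-demo-key"      # constructed shared key, not a real secret

# Constructed sample request for the withdrawal scenario.
SAMPLE = """<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
  <soapenv:Body>
    <withdraw xmlns="urn:example:bank"><account>1234</account><amount>100</amount></withdraw>
  </soapenv:Body>
</soapenv:Envelope>"""


def body_mac(envelope: ET.Element, key: bytes) -> str:
    """HMAC-SHA256 over the canonical (C14N 2.0) form of the SOAP Body."""
    body = envelope.find(f"{{{SOAPENV}}}Body")
    if body is None:
        raise ValueError("envelope has no Body")
    # Canonicalize so that prefix names and attribute order do not affect the MAC.
    canonical = ET.canonicalize(ET.tostring(body, encoding="unicode"),
                                rewrite_prefixes=True)
    mac = hmac.new(key, canonical.encode("utf-8"), hashlib.sha256).digest()
    return base64.b64encode(mac).decode("ascii")


def sign_envelope(envelope_xml: str, key: bytes) -> str:
    """Client side: sign the Body and carry the result in the Header."""
    env = ET.fromstring(envelope_xml)
    header = env.find(f"{{{SOAPENV}}}Header")
    if header is None:
        header = ET.Element(f"{{{SOAPENV}}}Header")
        env.insert(0, header)
    ET.SubElement(header, f"{{{SIG_NS}}}BodyMac").text = body_mac(env, key)
    return ET.tostring(env, encoding="unicode")


def verify_envelope(envelope_xml: str, key: bytes) -> bool:
    """Server side: the request fails unless a valid signature covers the Body."""
    env = ET.fromstring(envelope_xml)
    claimed = env.findtext(f"{{{SOAPENV}}}Header/{{{SIG_NS}}}BodyMac")
    if not claimed:
        return False
    return hmac.compare_digest(claimed.encode(), body_mac(env, key).encode())
```

Only the Body is covered here, matching the statement in 3.1 that the body is the signed part; anything left in the Header is unprotected by this check.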
4. Extension components of WS-Security
Because WS-Security is only one layer among the many layers of a complete web service security solution, a larger overall security model is needed to cover all the other security aspects, such as logging and non-repudiation.
Figure 12. Security model for web services
The figure above shows a web service security model; it includes the different components needed to secure web services effectively and completely.
The important components of this model are:
- WS-SecureConversation: allows the messages exchanged between parties to be managed and authenticated, including the exchange of security contexts and the establishment and derivation of sessions.
- WS-Authentication: allows the data to be authenticated and the authentication policies to be managed.
- WS-Policy: allows the constraints of security policies at intermediaries and endpoints to be managed.
- WS-Trust: a framework that allows secure web services to exchange information and interact with one another.
III. Conclusion
Web services technology has been and is being deployed and applied in many different fields, including sensitive ones that demand a high level of security, such as finance and banking, so web services need to provide a level of security sufficient to support such work. Alongside the benefits that web services technology brings, ensuring the security, reliability and integrity of the information exchanged over web services is also very important when building them. Using WS-Security and its components makes the information exchanged over web services more secure. However, the security mechanism chosen for a web service must not make users feel it is so complex that it becomes a constraint. The choice of security mechanism within WS-Security therefore depends heavily on the type of service and the features it provides: for example, a service for financial and banking transactions must have a more effective security mechanism than a service that filters and classifies news or one that reports exchange rates between foreign currencies. One more point deserves attention: security depends not only on the algorithms, standards and mechanisms that WS-Security provides, but also on the attitude of the companies, that is, whether they clearly understand the importance of information security when deploying applications and transactions on the network.