8/6/2019 Dch v Web

1/34

Dch v Web (Web Service) c coi l mt cng ngh mang n cuc cch

mng trong cch thc hot ng ca cc dch v B2B (Business to Business)

v B2C (Business to Customer). Gi tr c bn ca dch v Web da trn

vic cung cp cc phng thc theo chun trong vic truy nhp i vi hthng ng gi v h thng k tha. Cc phn mm c vit bi nhng

ngn ng lp trnh khc nhau v chy trn nhng nn tng khc nhau c th

s dng dch v Web chuyn i d liu thng qua mng Internet theo

cch giao tip tng t bn trong mt my tnh. Tuy nhin, cng ngh xy

dng dch v Web khng nht thit phi l cc cng ngh mi, n c th kt

hp vi cc cng ngh c nh XML, SOAP, WSDL, UDDI Vi s

pht trin v ln mnh ca Internet, dch v Web tht s l mt cng ngh

ng c quan tm gim chi ph v phc tp trong tch hp v pht

trin h thng. Chng ta s xem xt cc dch v Web t mc khi nim n

cch thc xy dng.

1. Gii thiu cng ngh

Theo nh ngha ca W3C (World Wide Web Consortium), dch v Web l

mt h thng phn mm c thit k h tr kh nng tng tc gia cc

8/6/2019 Dch v Web

2/34

ng dng trn cc my tnh khc nhau thng qua mng Internet, giao din

chung v s gn kt ca n c m t bng XML. Dch v Web l ti

nguyn phn mm c th xc nh bng a ch URL, thc hin cc chc

nng v a ra cc thng tin ngi dng yu cu. Mt dch v Web c tonn bng cch ly cc chc nng v ng gi chng sao cho cc ng dng

khc d dng nhn thy v c th truy cp n nhng dch v m n thc

hin, ng thi c th yu cu thng tin t dch v Web khc. N bao gm

cc m un c lp cho hot ng ca khch hng v doanh nghip v bn

thn n c thc thi trn server.

Trc ht, c th ni rng ng dng c bn ca Dch v Web l tch hp cc

h thng v l mt trong nhng hot ng chnh khi pht trin h thng.

Trong h thng ny, cc ng dng cn c tch hp vi c s d liu

(CSDL) v cc ng dng khc, ngi s dng s giao tip vi CSDL tin

hnh phn tch v ly d liu. Trong thi gian gn y, vic pht trin mnh

m ca thng mi in t v B2B cng i hi cc h thng phi c kh

nng tch hp vi CSDL ca cc i tc kinh doanh (ngha l tng tc vih thng bn ngoi bn cnh tng tc vi cc thnh phn bn trong ca

h thng trong doanh nghip).

Di y, chng ta s xem qua nhng khi nim v cch thc c bn nht

xy dng mt dch v Web trong tch hp v pht trin h thng.

2. c im ca Dch v Web

a) c im

- Dch v Web cho php client v server tng tc c vi nhau ngay c

trong nhng mi trng khc nhau. V d, t Web server cho ng dng trn

8/6/2019 Dch v Web

3/34

mt my ch chy h iu hnh Linux trong khi ngi dng s dng my

tnh chy h iu hnh Windows, ng dng vn c th chy v x l bnh

thng m khng cn thm yu cu c bit tng thch gia hai h iu

hnh ny.- Phn ln k thut ca Dch v Web c xy dng da trn m ngun m

v c pht trin t cc chun c cng nhn, v d nh XML.

- Mt Dch v Web bao gm c nhiu m-un v c th cng b ln mng

Internet.

- L s kt hp ca vic pht trin theo hng tng thnh phn vi nhng

lnh vc c th v c s h tng Web, a ra nhng li ch cho c doanh

nghip, khch hng, nhng nh cung cp khc v c nhng c nhn thng

qua mng Internet.

- Mt ng dng khi c trin khai s hot ng theo m hnh client-server.

N c th c trin khai bi mt phn mm ng dng pha server v d nh

PHP, Oracle Application server hay Microsoft.Net

- Ngy nay dch v Web ang rt pht trin, nhng lnh vc trong cuc sng

c th p dng v tch hp dch v Web l kh rng ln nh dch v chn

lc v phn loi tin tc (h thng th vin c kt ni n web portal tm

kim cc thng tin cn thit); ng dng cho cc dch v du lch (cung cp

gi v, thng tin v a im), cc i l bn hng qua mng, thng tin

thng mi nh gi c, t gi hi oi, u gi qua mnghay dch v giao

dch trc tuyn (cho c B2B v B2C) nh t v my bay, thng tin thu

xe- Cc ng dng c tch hp dch v Web khng cn l xa l, c bit

trong iu kin thng mi in t ang bng n v pht trin khng ngng

cng vi s ln mnh ca Internet. Bt k mt lnh vc no trong cuc sng

cng c th tch hp vi dch v Web, y l cch thc kinh doanh v lm

8/6/2019 Dch v Web

4/34

vic c hiu qu bi thi i ngy nay l thi i ca truyn thng v trao

i thng tin qua mng. Do vy, vic pht trin v tch hp cc ng dng vi

dch v Web ang c quan tm pht trin l iu hon ton d hiu.

b) u v nhc im

u im:

+ Dch v Web cung cp kh nng hot ng rng ln vi cc ng dng

phn mm khc nhau chy trn nhng nn tng khc nhau.

+ S dng cc giao thc v chun m. Giao thc v nh dng d liu da

trn vn bn (text), gip cc lp trnh vin d dng hiu c.

+ Nng cao kh nng ti s dng.

+ Thc y u t cc h thng phn mm tn ti bng cch cho php cc

tin trnh/chc nng nghip v ng gi trong giao din dch v Web.

+ To mi quan h tng tc ln nhau v mm do gia cc thnh phn

trong h thng, d dng cho vic pht trin cc ng dng phn tn.

+ Thc y h thng tch hp, gim s phc tp ca h thng, h gi thnhhot ng, pht trin h thng nhanh v tng tc hiu qu vi h thng ca

cc doanh nghip khc.

Nhc im:

+ Nhng thit hi ln s xy ra vo khong thi gian cht ca Dch v Web,

giao din khng thay i, c th li nu mt my khch khng c nngcp, thiu cc giao thc cho vic vn hnh.

+ C qu nhiu chun cho dch v Web khin ngi dng kh nm bt.

+ Phi quan tm nhiu hn n vn an ton v bo mt.

8/6/2019 Dch v Web

5/34

3. Kin trc ca Dch v Web

Dch v Web gm c 3 chun chnh: SOAP (Simple Object Access

Protocol), WSDL (Web Service Description Language) v UDDI (Universal

Description, Discovery, and Integration). Hnh 1 m t chng giao thc ca

dch v Web, trong UDDI c s dng ng k v khm ph dch v

Web c miu t c th trong WSDL. Giao tc UDDI s dng SOAP

ni chuyn vi UDDI server, sau cc ng dng SOAP yu cu mt dch

v Web. Cc thng ip SOAP c gi i chnh xc bi HTTP v TCP/IP.

8/6/2019 Dch v Web

6/34

Hnh 1. Chng giao th c ca

dch v Web.

Chng giao thc dch v Web l tp hp cc giao thc mng my tnh c

s dng nh ngha, xc nh v tr, thi hnh v to nn dch v Web

tng tc vi nhng ng dng hay dch v khc. Chng giao thc ny c 4

thnh phn chnh:

- Dch v vn chuyn (Service Transport): c nhim v truyn thng ip

gia cc ng dng mng, bao gm nhng giao thc nh HTTP, SMTP, FTP,

8/6/2019 Dch v Web

7/34

JSM v gn y nht l giao thc thay i khi m rng (Blocks Extensible

Exchange Protocol- BEEP).

- Thng ip XML: c nhim v gii m cc thng ip theo nh dng

XML c th hiu c mc ng dng tng tc vi ngi dng. Hinti, nhng giao thc thc hin nhim v ny l XML-RPC, SOAP v REST.

- M t dch v: c s dng miu t cc giao din chung cho mt dch

v Web c th. WSDL thng c s dng cho mc ch ny, n l mt

ngn ng m t giao tip v thc thi da trn XML. Dch v Web s s

dng ngn ng ny truyn tham s v cc loi d liu cho cc thao tc v

chc nng m dch v Web cung cp.

- Khm ph dch v: tp trung dch v vo trong mt ni c ng k, t

gip mt dch v Web c th d dng khm ph ra nhng dch v no

c trn mng, tt hn trong vic tm kim nhng dch v khc tng tc.

Mt dch v Web cng phi tin hnh ng k cc dch v khc c th

truy cp v giao tip. Hin ti, UDDI API thng c s dng thc hin

cng vic ny.

8/6/2019 Dch v Web

8/34

Kin trc su hn c m t trong Hnh 2:

Trong , tng giao thc tng tc dch v (Service Communication

Protocol) vi cng ngh chun l SOAP. SOAP l giao thc nm gia tng

vn chuyn v tng m t thng tin v dch v, cho php ngi dng triu

gi mt dch v t xa thng qua mt thng ip XML. Ngoi ra, cc dch

v c tnh an ton, ton vn v bo mt thng tin, trong kin trc dch v

Web, chng ta c thm cc tng Policy, Security, Transaction, Management.

4. Cc thnh phn ca Dch v Web

a) XML eXtensible Markup Language

8/6/2019 Dch v Web

9/34

L mt chun m do W3C a ra cho cch thc m t d liu, n c s

dng nh ngha cc thnh phn d liu trn trang web v cho nhng ti

liu B2B. V hnh thc, XML hon ton c cu trc th ging nh ngn ng

HTML nhng HTML nh ngha thnh phn c hin th nh th no thXML li nh ngha nhng thnh phn cha ci g. Vi XML, cc th c

th c lp trnh vin t to ra trn mi trang web v c chn l nh

dng thng ip chun bi tnh ph bin v hiu qu m ngun m.

Do dch v Web l s kt hp ca nhiu thnh phn khc nhau nn n s

dng cc tnh nng v c trng ca cc thnh phn giao tip. XML l

cng c chnh gii quyt vn ny v l kin trc nn tng cho vic xy

dng mt dch v Web, tt c d liu s c chuyn sang nh dng th

XML. Khi , cc thng tin m ha s hon ton ph hp vi cc thng tin

theo chun ca SOAP hoc XML-RPC v c th tng tc vi nhau trong

mt th thng nht.

b)WSDL Web Service Description Language

WSDL nh ngha cch m t dch v Web theo c php tng qut ca

XML, bao gm cc thng tin:

- Tn dch v

- Giao thc v kiu m ha s c s dng khi gi cc hm ca dch v

Web

- Loi thng tin: thao tc, tham s, nhng kiu d liu (c th l giao din

ca dch v Web cng vi tn cho giao din ny).

Mt WSDL hp l gm hai phn: phn giao din (m t giao din v

phng thc kt ni) v phn thi hnh m t thng tin truy xut CSDL. C

8/6/2019 Dch v Web

10/34

hai phn ny s c lu trong 2 tp tin XML tng ng l tp tin giao din

dch v v tp tin thi hnh dch v. Giao din ca mt dch v Web c

miu t trong phn ny a ra cch thc lm th no giao tip qua dch v

Web. Tn, giao thc lin kt v nh dng thng ip yu cu tng tcvi dch v Web c a vo th mc ca WSDL.

WSDL thng c s dng kt hp vi XML schema v SOAP cung

cp dch v Web qua Internet. Mt client khi kt ni ti dch v Web c th

c WSDL xc nh nhng chc nng sn c trn server. Sau , client

c th s dng SOAP ly ra chc nng chnh xc c trong WSDL.

c) Universal Description, Discovery, and Integration (UDDI)

c th s dng cc dch v, trc tin client phi tm dch v, ghi nhn

thng tin v cch s dng v bit c i tng no cung cp dch v.

UDDI nh ngha mt s thnh phn cho bit cc thng tin ny, cho php

cc client truy tm v nhn nhng thng tin c yu cu khi s dng dch

v Web.

- Cu trc UDDI :

+ Trang trng White pages: cha thng tin lin h v cc nh dng chnh

yu ca dch v Web, chng hn tn giao dch, a ch, thng tin nhn

dng Nhng thng tin ny cho php cc i tng khc xc nh c

dch v.

+ Trang vng Yellow pages: cha thng tin m t dch v Web theo nhng

loi khc nhau. Nhng thng tin ny cho php cc i tng thy c dch

v Web theo tng loi vi n.

+ Trang xanh Green pages: cha thng tin k thut m t cc hnh vi v

8/6/2019 Dch v Web

11/34

cc chc nng ca dch v Web.

+ Loi dch v tModel: cha cc thng tin v loi dch v c s dng.

Nhng thng tin v dch v Web c s dng v cng b ln mng s

dng giao thc ny. N s kch hot cc ng dng tm kim thng tin ca

dch v Web khc nhm xc nh xem dch v no s cn n n.

d) SOAP Simple Object Access Protocol

Chng ta hiu c bn dch v Web nh th no nhng vn cn mt vn

kh quan trng. l lm th no truy xut dch v khi tm thy?

Cu tr li l cc dch v Web c th truy xut bng mt giao thc l Simple

Object Access Protocol SOAP. Ni cch khc chng ta c th truy xut

n UDDI registry bng cc lnh gi hon ton theo nh dng ca SOAP.

SOAP l mt giao thc giao tip c cu trc nh XML. N c xem l cu

trc xng sng ca cc ng dng phn tn c xy dng t nhiu ngn

ng v cc h iu hnh khc nhau. SOAP l giao thc thay i cc thng

ip da trn XML qua mng my tnh, thng thng s dng giao thc

HTTP.

Mt client s gi thng ip yu cu ti server v ngay lp tc server s gi

nhng thng ip tr li ti client. C SMTP v HTTP u l nhng giao

thc lp ng dng ca SOAP nhng HTTP c s dng v chp nhn

rng ri hn bi ngy nay n c th lm vic rt tt vi c s h tngInternet.

Cu trc mt thng ip theo dng SOAP

8/6/2019 Dch v Web

12/34

Thng ip theo nh dng SOAP l mt vn bn XML bnh thng bao

gm cc phn t sau:

- Phn t gc envelop: phn t bao trm ni dung thng ip, khai bo vn

bn XML nh l mt thng ip SOAP.

- Phn t u trang header: cha cc thng tin tiu cho trang, phn t

ny khng bt buc khai bo trong vn bn. Header cn c th mang nhng

d liu chng thc, nhng ch k s, thng tin m ha hay ci t cho cc

giao dch khc.

- Phn t khai bo ni dung chnh trong thng ip body, cha cc thng

tin yu cu v thng tin c phn hi.

- Phn t a ra cc thng tin v li -fault, cung cp thng tin li xy ra

trong qa trnh x l thng ip.

Mt SOAP n gin trong body s lu cc thng tin v tn thng ip, tham

chiu ti mt th hin ca dch v, mt hoc nhiu tham s. C 3 kiu thng

bo s c a ra khi truyn thng tin: request message(tham s gi thc

thi mt thng ip), respond message (cc tham s tr v, c s dng khi

yu cu c p ng) v cui cng l fault message (thng bo tnh trng

li).

Kiu truyn thng: C 2 kiu truyn thng

- Remote procedure call (RPC): cho php gi hm hoc th tc qua mng.

Kiu ny c khai thc bi nhiu dch v Web.

- Document: c bit n nh kiu hng thng ip, n cung cp giao

tip mc tru tng thp, kh hiu v yu cu lp trnh vin mt cng sc

hn.

8/6/2019 Dch v Web

13/34

Hai kiu truyn thng ny cung cp cc nh dng thng ip, tham s, li

gi n cc API khc nhau nn vic s dng chng ty thuc vo thi gian

v s ph hp vi dch v Web cn xy dng.

Cu trc d liu: Cung cp nhng nh dng v khi nim c bn ging nh

trong cc ngn ng lp trnh khc nh kiu d liu (int, string, date) hay

nhng kiu phc tp hn nh struct, array, vector nh ngha cu trc d

liu SOAP c t trong namespace SOAP-ENC.

M ha: Gi s service rquester v service provider c pht trin trong

Java, khi m ha SOAP l lm th no chuyn i t cu trc d liuJava sang SOAP XML v ngc li, bi v nh dng cho Web Service

chnh l XML. Bt k mt mi trng thc thi SOAP no cng phi c mt

bng cha thng tin nh x nhm chuyn i t ngn ng Java sang XML

v t XML sang Java bng c gi l SOAPMappingRegistry. Nu

mt kiu d liu c s dng di mt dng m ha th s c mt nh x

tn ti trong b ng k ca mi trng thc thi SOAP .

5. An ton cho dch v Web

Dch v Web lin kt v tng tc vi cc ng dng qua Internet, chnh v

vy bo mt l mt vn c quan tm khi cc cng ty tin ti kt hp

ng dng vi mt dch v Web. Vic m bo an ton cho dch v Web l

mt vn quan trng, c bit i vi nhng dch v lin quan n trao i

tin t, thng tin t th trng chng khon hay dch v bn hng qua mng

(lin quan n tr tin bng ti khon v c yu cu thng tin c nhn ca

ngi dng).

8/6/2019 Dch v Web

14/34

Trc khi c WS-Security (bo mt cho dch v Web) th ngha thng

thng ca an ton dch v Web l bo mt knh truyn d liu. Hin nay,

n c thc hin cho nhng SOAP/HTTP da trn c ch truyn thng

ip bng cch s dng giao thc HTTPS. Khng ch l an ton mctruyn thng ip, HTTPS cn cung cp s an ton ti ton b gi d liu

HTTP.

Mc d HTTPS khng bao gm tt c cc kha cnh trong chun an ton

chung cho dch v Web nhng n cung cp mt lp bo mt kh y

vi nh danh, chng thc, tnh ton vn thng ip hay tin cy.

- m bo an ton cho dch v Web:

Khi nim v WS-Security: y l mt chun an ton bao trm cho SOAP,

n c dng khi mun xy dng nhng dch v Web ton vn v tin cy.

Ton vn c ngha l khi c mt giao dch hay khi truyn thng tin, h thng

v thng tin s khng b chn, giao dch s khng b mt cng nh khng th

c ngi ly cp c d liu trn ng truyn. WS-security c thit kmang tnh m nhm hng ti nhng m hnh an ton khc bao gm PKI,

Kerberos v SSL. N cng a ra nhiu h tr cho cc c ch an ton khc,

nhiu khun dng ch k v cng ngh m ha, m bo s an ton, ton

vn thng ip v tnh tin cy ca thng ip. Tuy nhin, WS-security cng

cha th m bo c tt c yu cu v bo mt v an ton thng tin, n

ch l mt trong nhng lp ca gii php an ton cho dch v Web.

Tnh ton vn to ra mt ch k s ha XML da trn ni dung ca thng

ip. Nu d liu b thay i bt hp php, n s khng cn thch hp vi

ch k s ha XML . Ch k ny c to ra da trn kha m ngi gi

8/6/2019 Dch v Web

15/34

thng ip to ra, do ngi nhn ch nhn thng ip khi c ch k s

dng v ni dung ph hp. Ngc li s c mt thng bo li. Vic chng

thc c thc hin gia client v server l cch chng thc rt c bn (s

dng nh danh ngi dng v mt khu).

WS-security ch l mt trong nhng lp an ton v bo mt cho dch v

Web, v vy cn mt m hnh an ton chung ln hn c th bao qut c

cc kha cnh khc. Cc thnh phn c thm c th l WS-Secure

Conversation Describes,WS-Authentication Describes,WS-Policy Describes

hay WS-Trust Describes. Chng s thc hin vic m bo an ton hn cho

h thng khi trao i d liu, m v ng cc phin lm vic cng nh qun

l d liu cn chng thc v chnh sch chng thc.

6. Xy dng mt dch v Web

C 4 giai on chnh xy dng mt dch v Web l xy dng, trin khai,

tin hnh v qun l, trong :

- Giai on xy dng bao gm pht trin v chy th ng dng dch v Web,

xy dng cc chc nng v nh ngha dch v. C hai cch khc nhau

tin hnh trong giai on ny, l Red-path- solod v Blue-path-dashed.

Vi Red- path-solod, chng ta s xy dng mt dch v Web mi t trng

thi ban u hoc vi mt dch v c sn. T , xy dng nh ngha

service (WSDL) vi cc i tng, hm chc nng m chng ta mong

mun. Nu theo cch Blue-path-dashed, dch v Web s c xy dng t

u hoc t mt nh ngha dch v WSDL. S dng WSDL ny, xy dng

hoc sa i li m thc hin cc yu cu mong mun trong dch v

Web.

8/6/2019 Dch v Web

16/34

- Giai on trin khai: cng b nh ngha dch v, xy dng WSDL v trin

khai m thc thi ca dch v Web. Trin khai dch v Web ti mt ng dng

pha server, sau s cng b dch v Web trn mng Internet cc client

c th nhn thy. S dng UDDI registry cng b ln mng.

- Giai on tin hnh: tm kim v gi thc thi dch v Web bi nhng

ngi dng mun s dng dch v.

- Qun l: Qun l v qun tr dch v, duy tr s n nh ca dch v, cp

nht thng tin mi, sa li khi n xy ra

xy dng mt dch v Web, chng ta cn hiu c nhng vic phi lm

v nn bt u t u. C 3 cch tip cn ch yu xy dng nn mt dch

v Web, c th t mt ng dng c (bottom-up); t mt nh ngha dch

v, WSDL pht sinh mt ng dng mi (top-down) hoc c th t mt

nhm cc dch v Web hin c, kt hp li vi nhau to nn cc chc

nng mi hoc m rng thm chc nng. Nhng hng tip cn ny da

trn nhng g m chng ta c, ty thuc vo yu cu ca h thng, trong ti a vic s dng li cc chc nng, cc thnh phn, mun c

xy dng.

Qui trnh xy dng mt dch v Web bao gm cc bc sau:

1. nh ngha v xy dng cc chc nng, cc dch v m dch v s cung

cp (s dng ngn ng Java chng hn).2. To WSDL cho dch v

3. Xy dng SOAP server

4. ng k WSDL vi UDDI registry cho php cc client c th tm thy

v truy xut.

8/6/2019 Dch v Web

17/34

5. Client nhn file WSDL v t xy dng SOAP client c th kt ni

vi SOAP server

6. Xy dng ng dng pha client (chng hn s dng Java) v sau gi

thc hin dch v thng qua vic kt ni ti SOAP server.

La chn mt ngn ng, xy dng cc tin trnh nghip v v chng ta bt

u to nn mt dch v Web nh mun. Sau l cung cp dch v Web

ny trn Internet.

7. Tch hp dch v Web theo chun

c th thnh cng vi dch v Web chng ta phi quan tm n kh

nhiu vn , bao gm vic trin khai, gim st v tch hp h thng. Doanh

nghip khng nhng phi pht trin mt ng dng dch v Web mi m cn

phi tch hp cc ng dng nghip v ph tr ca h trong kin trc Dch v

Web. Cng vi vic trin khai v tch hp, nhng nh kinh doanh v nhng

ngi s dng k thut cng cn c kh nng gim st, trin khai ton din

m bo hot ng kinh doanh hiu qu v tin cy.

- Gim st (monitoring): Cn h tr c mc cng c v c s h tng

gim st cc dch v Web chy nh th no qua ton b mng, t mt chi

nhnh con ca mt cng ty trn mng ti cc chi nhnh khc trong cng ty

hay giao tip vi doanh nghip khc. Kt hp thng bo theo s kin vi cc

li trong lung nghip v cho nhng ngi dng khng c kinh nghim

gim st dch v Web v cc dch v k tha khc.

- Xc nh ng i d liu (Data routing): Vic thit lp ng i ca d

liu gia nhng thnh phn ca dch v Web hng ti ti a ha kh nng

s dng li. Nu coi mt thnh phn (component) l mt i tng th mi

8/6/2019 Dch v Web

18/34

th hin (instance) ca n s khng quan tm n cc th hin khc ca cng

thnh phn . Nhng th hin ca cng mt thnh phn c th d dng

c s dng li trong cc ng dng phn tn khc bi v chng hon ton

c lp v khng ph thuc ln nhau.

- Trin khai (Deployment): Trin khai cc dch v Web c kh nng nng

cp, iu khin v cu hnh cc thnh phn t xa thng qua mng phn tn.

- Qun l (Management): C th xy dng theo kin trc P2P (Peer-to-Peer).

Cc hot ng chnh nh thc thi cc thnh phn, nh tuyn d liu, x l

lung cng vic v chuyn i d liu c thc hin ti cc im cui camng. Server s tp trung gii quyt cc hot ng khc nh qun l, iu

khin s kin, chng thc bo mt v qun tr.

- Cu hnh v qun l phin bn (Configuration and version management):

S dng cc cng c linh hot qun l cc phin bn khc nhau ca dch

v Web, cho php cc phin bn c nng cp v iu khin t mt cng

c qun l tp trung. Kt hp gia ng dng v mng gip cc k s trinkhai c th iu khin cc thnh phn chy trn nn tng h thng phn cng

c th bn trong mng.

- Bo mt (Security): cc chun m nh HTTP, XML, SOAP, WSDL v

chun bo mt JSM c s dng rng ri khin chng tr thnh l tng

xy dng cc ng dng web. u tin, dch v Web s dng nhng cng

ngh ny ging nh firewall, SSL v cc chng nhn s. Dch v Web th

h sau ny s kt hp vi nhng cng ngh c kh nng bo mt cao hn,

ging nh m ha XML v chng nhn s XML.

8/6/2019 Dch v Web

19/34

Nh vy, vi mt dch v Web, vic giao tip v truyn nhn d liu tr nn

d dng v hiu qu hn, ng thi em li chi ph thp hn v tng cng

nhng kh nng giao tip thi gian thc, kt ni vi mi ngi trn khp th

gii. Bn cht ca nn tng cng ngh ny l kin trc hng dch v v spht trin ca dch v Web c tng lai rt kh quan.

AN TON WEB SERVICE

I.Tng quan

T nhng ngy u ca Internet, ngi ta quan tm n tnh an ton trong

trao i thng tin.Mc du, khng c s an ton tuyt i, nhng nhng pht

trin trong lnh vc ny th rt nhanh v mang li nhiu thnh qu v y l

vn cp bch ca nhiu doanh nghi p. Khng c mt mc an ton thch

hp, s khai thc thng mi ca Internet th khng hon ton an ton.Do

nhng gii thut kim chng, s m ha kha thng tin, v ch k s ha

c th l nhng gii php cung cp mt mc an ton.

Chnh v th s an ton ca web service trn mng cng khng th nm

ngoi vn ny , c th ni ngy nay ngoi vic nghin cu lm sao to

ra mt web services tt mang li nhiu li ch th vic nghin cu lm sao

mang li s an ton cho web services cng l mt trong nhng vn quan

trng nht. Tht kh tin tng s dng mt business service nh mua

chng khon hay chuyn tin trc tuyn m li khng c mt s an ton cn

thit.

8/6/2019 Dch v Web

20/34

Mt chun an ton chung cho cc h thng giao dch trn mng thng phi

tp trung vo nhng iu sau:

- Identification: nh danh c nhng ai truy cp ti nguyn h thng.

- Authentication: chng thc t cch truy cp ti nguyn ca ngi mun s

dng.

- Authorization: cho php giao dch khi xc nhn nh danh ngi truy

cp.

- Integrity: ton vn thng tin trn ng truyn.

- Confidentiality: an ton, khng ai c th c thng tin trn ng i.

- Auditing: kim tra, tt c cc giao dch u c lu li kim tra.

- Non-repudiation: mm do, cho php chng thc hp tnh hp php ha

ca thng tin n t mt pha th ba ngoi 2 pha l ngi gi v ngi

nhn.

Nhng yu cu trn gip cho h thng an ton hn , trnh c phn no

nhng truy cp khng hp l .

HTTP HyperText Transfer Protocol l giao thc thng s dng nht cho

vic trao i thng tin trn Internet ,tuy nhin li l mt giao thc khng an

ton, bi v tt c thng tin c gi di dng vn bn trong mng ngang

8/6/2019 Dch v Web

21/34

hng khng an ton. HTTP thuc v nhm ca nhng nghi thc, nh SMTP,

telnet, v FTP, c thit k trong giai on u ca Internet khi m vn

an ton cha c quan tm n nhiu. Mt pht trin ca HTTP l HTTPS,

n l mt chun an ton cho HTTP , HTTPS cho php chng thc client vserver qua nhng chng thc gia client v server.

Trc khi c web servives security ( WS-Security ) th ngha thng thng

ca an ton web service l bo mt knh truyn d liu . N c thc hin

cho nhng SOAP/HTTP da trn c ch truyn thng ip bng cch s

dng giao thc HTTPS. Khng ging s an ton mc thng ip, HTTPS

cung cp s an ton ti ton b gi d liu HTTP .Bi vy, chng ta khng

c mt ty chn no p dng s an ton c chn lc ch trn nhng thnh

phn ca mt thng ip.

Mc du HTTPS khng bao ph tt c cc kha cnh trong chun an ton

chung, nhng n cng cung cp mt mc bo chng y vi nh

danh v chng thc , s ton vn thng ip, v tin cy. Tuy nhin,

authentication, auditing, and non-repudiation cha c cung cp. Bn cnh

, HTTPS l mt giao thc nn khi thng ip i qua HTTP server th li

khng an ton.

II.An tan web services

Trc ht chng ta xem xt nhng nhn t ri ro nh hng n mc an

ton ca nhng ng dng da trn web service. Chng ta s s dng mt

kch bn rt tin ngn hng qua mng xem xt vn .

8/6/2019 Dch v Web

22/34

y l mt ng dng client/server n gin m t mt ngi rt tin (client)

kt ni ti trung tm d liu ca ngn hng s dng mt ng dng web

service thc hin yu cu ca mnh

Hnh 10 ng dng ngi rt tin ngn hng s dng Web service

Nu khng c s an ton no c p dng, th c ba nhn t mo him

chnh:

- Nhng giao dch khng hp php (Unauthorized transactions) : mt ngi

no khng c quyn nhng vn yu cu rt tin. Giao dch ny khng

hp php. Chng ta cm vn ny bng cch s dng c ch chng thc

ca WS - Security. Mt v d ca s chng thc bao gm phi c mt kt

hp user ID/password trong SOAP message.

- Nhng thng bo khng m ha (Readable messages in clear text-noencryption): s hiu ti khon v s d ti khon trong gi SOAP rt d b

c ln trn mng. Vic l thng tin ny l do thng tin ti khon v s d

c gi qua mng di nh dng vn bn. gii quyt vn ny, thng

tin ny phi c m ha mc knh chuyn thng ip hoc mc thng

http://i227.photobucket.com/albums/dd44/robinsonit1/ar-before.jpg

8/6/2019 Dch v Web

23/34

ip ( WS - Security).

- Nhng thng ip b thay i hoc mt mt (SOAP message susceptible to

modification-no integrity): Trong qu trnh chuyn thng tin t ngi rttin n trung tm d liu, n c th b chn. V nhng thng tin ny c th

b thay i, v d nh s ti khon l 1234 th b thay i thnh s 9876.Vn

ny dn n thiu s ton vn.

Trong nhng kch bn trn, chng ta m t s an ton lin quan ti nhng

yu cu ca s chng thc, tnh b mt, v s ton vn thng tin. Chng ta s

bn lun v nhng vn ny chi tit trong chng ny v cung cp nhiu

ty chn v vic lm sao bo m trnh cc ri ro trn.

Trc khi c WS-Security, s an ton knh chuyn thng ip rt thng

c s dng. S an ton knh chuyn thng ip ch l n m ha ton

b thng ip, dn n s dng CPU cao hn. Tuy nhin vi WS-Security,

n cung cp nhng cch ti u ha nhng thao tc an ton, m yu cu t

thi gian s dng CPU hn.

8/6/2019 Dch v Web

24/34

Hnh 11 p dng cc c ch an ton cho web service

Da vo mc an ton cn thit m mt hoc nhiu hn nhng c ch an ton

ny c th c p dng cho mt ng dng.

1. nh ngha WS Security

WS-Security l mt chun an ton bao trm cho SOAP v c nhng phn

m rng ca SOAP, n c dng khi mun xy dng nhng web service

ton vn v tin cy. N c thit k mang tnh m nhm c th hng ti

nhng m hnh an ton khc bao gm PKI, Kerberos, v SSL. WS security

cung cp nhiu h tr cho nhiu c ch an ton khc nhau, nhiu khun

dng ch k, v nhiu cng ngh m ha . N m bo cho tnh an ton, s

ton vn thng ip, v tnh tin cy ca thng ip . Mc d vy, nhng c

http://i227.photobucket.com/albums/dd44/robinsonit1/ar-first.jpg

8/6/2019 Dch v Web

25/34

ch ny cng cha th m bo tt c cc kha cnh ca mt gii php an

ton y trong v vn rt nhiu yu cu i hi an ton khc nhau ca

web service. Do , ws security ch l mt lp trong nhiu lp ca mt gii

php an ton web service .

Tnh ton vn an ton c a vo ng dng bo m rng khng ai c

th sa i thng ip trong khi n ang c chuyn.Thc cht tnh ton

vn l n to ra mt ch k s ha XML da vo ni dung ca thng ip.

Nu d liu thng ip b thay i bt hp php, n s khng cn thch hp

vi ch k s ha XML.Mt ch k c to ra da vo mt kha m ngi

gi thng ip to ra. Do ngi nhn ch nhn thng ip khi ch k s

dng v ni dung ph hp. Cn nu khng ph hp th mt thng bo li s

tr v ngi gi.

Trong 2 v d di y, chng ta thy mt SOAP message c v khng c

s chng thc. y thng tin chng thc trong SOAP message bao gm

username v password.

V d 1: SOAP message khng c bo mt

8/6/2019 Dch v Web

26/34

xmlns: xsi="http://www.w3.org/2001/XMLSchema-instance">

< soapenv:Body

soapenc:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/">

< getDayForecast xmlns="http://session.itso">

< theDate xmlns=""xsi:type="xsd:dateTime">2003-09-

05T07:00:00.000Z

< /getDayForecast>

< /soapenv:Body>

< /soapenv:Envelope>

V d 2: SOAP message c bo mt thng qua vic chng thc username

v password

8/6/2019 Dch v Web

27/34

8/6/2019 Dch v Web

28/34

< theDate xmlns=""xsi:type="xsd:dateTime">2005-09-

05T07:00:00.000Z

< /getDayForecast>

< /soapenv:Body>

< /soapenv:Envelope>

Quan st hai v d trn chng ta thy rng username/password ch l mt

trong nhng cch thc hin vic chng thc gia client v server. C ch

ny cng ch l mt chng thc c bn. Nhng hnh cch khc ca chng

thc l ch k s ha, ID, LTPA, v nhng kiu chng thc khc.

V d 3: SOAP message c bo v ton vn thng qua vic m ha

< wsse:Security

xmlns:wsse="http://schemas.xmlsoap.org/ws/2003/06/secext"

soapenv:mustUnderstand="1">

< Signature>

8/6/2019 Dch v Web

29/34

8/6/2019 Dch v Web

30/34

< /wsse:Security>

< /soapenv:Header>

Trong v d 3 trn s dng mt c ch chng thc an ton hn so vi cch

chng thc bng cch s dng username/password , trong ni dung cn

chng thc c m ha nhm trnh cho vic c c nhng ni dung

cn chng thc.

2.Chng thc trong mt ng dng

Ngi pht trin ng dng nn cung cp mt giao din ngi dng thn

thin gip ngi dng nh ngha chng thc d dng cho vic ng

dng web service.Trong mt ng dng c th, chng thc cn thc hin

nhng cng vic sau:

2.1 Pha client:

- Pha client cn cung cp mt du hiu an ton trong tp tin m t ca

client. V d nh l cung cp mt username v password. Du hiu an ton

ny c gi bn trong SOAP message ti server.

- Client cn ch r mt callback handler trong tp tin m t ca client. Mtcallback hander l mt tp tin lp trong ng dn ca client. Vai tr ca

callback handler s ly username v mt khu t b m t trin khai v chen

chng vo trong SOAP message.

8/6/2019 Dch v Web

31/34

2.2 Pha server

- cu hnh server an ton cn c mt du hiu an ton hp l. Nu khng

c du hiu an ton, yu cu s tht bi.

- Server cn ch r mt callback handler c du hiu an ton trong yu

cu v sau xc nhn n.

3. Nhng bc cn thit to s an ton thng tin trong mt ng dng

mt ng dng an ton v tin cy, client v server phi c tnh ton vn

thng tin. Cc bc cu hnh tnh ton vn trong mt ng dng c thc

hin qua cc bc sau :

3.1Pha client :

- Ch r nhng thnh phn ca message m phi c ch k hay mt du hiu

chng thc no . Nhng thnh phn trong message c th c ch k l

phn thn.

- Ch r mt kha trn h thng t p tin m s k ln message. Ch nhng

client c cp quyn mi c quyn s hu kha ny.

- Ch r nhng gii thut s c s dng bi kha k ln message.

- Nu mt client ch i mt s phn hi t server vi thng tin cng yu

cu phi ton vn, th client phi c cu hnh lm cho c hiu lc tnh

ton vn ca message phn hi.

3.2 Pha server

8/6/2019 Dch v Web

32/34

Cu hnh server an ton thng tin cn:

- Ch r nhng thnh phn ca message cn c k. Nu message nkhng c mt ch k hp l, th yu cu s tht bi.

- Ch r mt kha duyt ch k ca message n xem c hp l hay

khng.

- Ch r gii thut m kha s dng lm cho c hiu lc tnh ton vn ca

message gi n.

- Nu c message phn hi li th message cng phi c k, v cung

cp thng tin ch k trong message phn hi.

4.Nhng thnh phn m rng ca ws-security

Do ws security ch l mt lp trong nhiu lp ca mt gii php an ton web

service y , nn cn mt m hnh an ton chung ln hn c th bao

ph tt c cc kha cnh an ton khc nh ng k (logging) v khng t

chi (non-repudiation).

8/6/2019 Dch v Web

33/34

Hnh 12 M hnh an ton cho Web service

Hnh trn cho chng ta thy mt m hnh an ton web service , trong m

hnh ny bao hm nhng thnh phn khc nhau c th trin khai an ton

cho web service hiu qa v y .

Trong m hnh ny cc thnh phn quan trng bao gm:

- WS-SecureConversation Describes: cho php qun l v xc nhn message

trao i gia cc phn, bao gm s trao i ng cnh an ton , thit l p , dn

xut ra nhng session.

- WS-Authentication Describes: cho php qun l nhng d liu cn chng

thc v chnh sch chng thc.

- WS-Policy Describes: cho php qun l nhng rng buc ca nhng chnh

sch an ton cc im trung gian v u cui.

http://i227.photobucket.com/albums/dd44/robinsonit1/ar-last.jpg

8/6/2019 Dch v Web

34/34

- WS-Trust Describes: khung cho php nhng web service an ton trao i ,

tng tc vi nhau.

III. Kt lun

Ngy nay cng ngh web services v ang c trin khai v ng dng

trong rt nhiu lnh vc khc nhau bao gm c nhng lnh vc nhy cm ,

i hi tnh an ton cao nh ti chnh , ngn hng ,do web service cn

cung cp mt mc an ton h tr nhng cng vic nh th . Bn cnh

mt c ca cng ngh web services mang li th vic m bo an ton , tin

cy , ton vn thng tin trao i trn web service cng l mt iu rt quan

trng trong qa trnh xy dng web services ,bng vic s sng ws security

v cc thnh phn ca n gip cho thng tin trao i trn web services tr

nn an ton hn , tuy nhin vic chn c ch an ton cho web service phi

i hi sao cho ngi dng khng cm thy qa phc tp to mt s g b ,

do vic chn c ch an ton no trong ws security th ph thuc nhiu

vo loi service v nhng tnh nng m servive ny cung cp , v d nh

service v giao dch ti chnh ngn hng phi c c ch an ton hiu qa hn

so vi service chn lc v phn loi tin tc hay service cho bit t gi trao

i gia cc loi ngoi t ,. Bn cnh cn mt im cn quan tm l

s an ton khng ch ph thuc vo nhng gii thut, nhng tiu chun, v

nhng c ch m ws security mang li , m n cn ty vo thi ca cccng ty c hiu r tm quan trng ca an ton thng tin khi trin khai cc

ng dng , giao dch trn mng hay khng cng rt cn thit.