Web services are XML-based distributed computing. It is a new rising technology to replace the existing distributed computing model. Web services must solve the web services security issue. It is necessary to meet the requirement of the security features,such as confidentiality, integrity, non-repudiation, and user authentication and authorization. In this paper, we propose a mechanism to perform the effective user authentication and authorization by using an attribute certificate for secure web services.With the extended WSDL document, XKMS (XML key Management Specification server and a AA (Attribute Authority) server respectively create an user's public key certificate and an attribute certificate.

• 出版日期2010
• 单位中国人民解放军信息工程大学