Research of Session Security Management in E-Commerce System

In view of the limitation of the traditional security technique in web service (WS) session domain, it researched the session security management model based on web service and analyzed the security specifications of WS-Security and WS-Conversation proposed by IBM and Microsoft. In combination with a specific E-Commerce project, it discussed the design of session security model, analyzed the process of session security management and the definition of session message format, proposed a set of high-standard, high-security and loose-coupling solution for web service session security management, which is successfully applied to an E-Commerce system, combining the practice with the theory perfectly