WCF Transport vs. Message
I was reading about WCF security implementations and found out that there are 2 types of security:
Transport Mode and Message Mode (or both)
If I use HTTPS for Transport Mode, is it more secure if I use Message security as well? I am asking this because what I understand is as follows:
HTTPS uses the SSL protocol, which encrypts messages.
So why should I add Message Security and encrypt the SSL-encrypted message? Or am I misunderstanding stuff?
Comments (4)
Security in WCF actually consists of several features. The difference between those two is how messages are signed and encrypted.
Transport security provides only point-to-point channel security. It means that HTTPS establishes a secure channel only between the client and the server exposed to the client. But if this server is just a load balancer or reverse proxy server, it has direct access to the content of the message.
Message security provides end-to-end channel security. It means that security is part of the transferred data and only the intended destination can decrypt the data (a load balancer or proxy sees only the encrypted message). Message security in most cases also uses certificates to provide encryption and signing, but it is usually slower because transport security can use HW acceleration.
In advanced scenarios these methods can be combined. For example, you can have communication to your load balancer secured by HTTPS because you trust your internal network after the load balancer, but at the same time you can have the message signed (message security) so you can prove that it wasn't changed.
Another difference between those two is that transport security is tied to a single transport protocol, whereas message security is independent of the transport protocol.
Message security is based on interoperable protocols (but be aware that not every configuration in WCF is interoperable). WCF supports, at least partially, these protocols:
WCF also supports WS-I Basic Security Profile 1.0, which is just a subset of the former protocols with a prescribed configuration.
For non-interoperable features WCF offers features like Windows security or TLSNego and SPNego (both should be generally interoperable, but they are not available in many SOAP stacks) for service credential exchange.
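The three configurations this answer describes (transport only, message only, and the mixed case where TLS protects the hop to the load balancer while the message is still signed end to end), as an added example that is not part of the answer above and not code from the WCF documentation. It is a single `ServiceHost` exposing one contract over three `WSHttpBinding` endpoints. The host names, ports, certificate subject name and the `IOrderService` contract are hypothetical.

```csharp
using System;
using System.Net.Security;
using System.Security.Cryptography.X509Certificates;
using System.ServiceModel;
using System.ServiceModel.Security;

// ProtectionLevel.Sign is the "signed but not encrypted" case from the answer:
// with message security every SOAP body is signed by the sender, so an
// intermediary that rewrites it is detected. Use EncryptAndSign (the default)
// when intermediaries must not read the body either.
[ServiceContract(ProtectionLevel = ProtectionLevel.Sign)]   // hypothetical contract
public interface IOrderService
{
    [OperationContract]
    string Submit(string order);
}

public class OrderService : IOrderService
{
    public string Submit(string order) => "accepted: " + order;
}

public static class WcfSecurityModes
{
    // 1. Transport security only. TLS ends at whatever terminates it (possibly a
    //    reverse proxy or load balancer), which then sees the plaintext SOAP message.
    //    The HTTPS server certificate is bound to the port by HTTP.SYS (netsh http
    //    add sslcert ...), not through host.Credentials.
    public static WSHttpBinding TransportOnly()
    {
        var b = new WSHttpBinding(SecurityMode.Transport);
        // Mutual TLS: the client must present a certificate at the TLS layer.
        b.Security.Transport.ClientCredentialType = HttpClientCredentialType.Certificate;
        return b;
    }

    // 2. Message security only (WS-Security inside the SOAP envelope). The wire
    //    scheme is plain http; an intermediary forwards the envelope but can neither
    //    read the encrypted parts nor modify signed parts undetected.
    public static WSHttpBinding MessageOnly()
    {
        var b = new WSHttpBinding(SecurityMode.Message);
        b.Security.Message.ClientCredentialType = MessageCredentialType.Certificate;
        // Interoperable settings: no WS-Trust negotiation of the service certificate
        // (the client must already hold it) and no WS-SecureConversation session.
        b.Security.Message.NegotiateServiceCredential = false;
        b.Security.Message.EstablishSecurityContext = false;
        return b;
    }

    // 3. Mixed: TLS for confidentiality and integrity on the hop, plus a client
    //    credential carried inside the message, so the service itself (not the TLS
    //    terminator) authenticates the caller.
    public static WSHttpBinding TransportWithMessageCredential()
    {
        var b = new WSHttpBinding(SecurityMode.TransportWithMessageCredential);
        // UserName tokens are validated against Windows accounts unless a custom
        // UserNamePasswordValidator is configured on host.Credentials.
        b.Security.Message.ClientCredentialType = MessageCredentialType.UserName;
        return b;
    }

    public static ServiceHost OpenHost()
    {
        var host = new ServiceHost(typeof(OrderService),
            new Uri("https://svc.example.com:8443/orders"),   // hypothetical addresses
            new Uri("http://svc.example.com:8080/orders"));

        // Relative addresses resolve against the base address whose scheme matches
        // the binding: https for Transport and TransportWithMessageCredential, http for Message.
        host.AddServiceEndpoint(typeof(IOrderService), TransportOnly(), "tls");
        host.AddServiceEndpoint(typeof(IOrderService), MessageOnly(), "ws");
        host.AddServiceEndpoint(typeof(IOrderService), TransportWithMessageCredential(), "mixed");

        // Service certificate used for message-level signing and encryption.
        host.Credentials.ServiceCertificate.SetCertificate(
            StoreLocation.LocalMachine, StoreName.My,
            X509FindType.FindBySubjectName, "svc.example.com");   // hypothetical subject name

        // Client certificates (message mode) must chain to a trusted root and pass
        // an online revocation check; PeerTrust/None would accept any presented cert.
        host.Credentials.ClientCertificate.Authentication.CertificateValidationMode =
            X509CertificateValidationMode.ChainTrust;
        host.Credentials.ClientCertificate.Authentication.RevocationMode =
            X509RevocationMode.Online;

        host.Open();
        return host;
    }
}
```

The practical difference to check in a deployment is what the intermediary can do: with the `tls` endpoint behind a TLS-terminating proxy, the proxy can read and rewrite `Submit`'s argument; with the `ws` or `mixed` endpoint plus `ProtectionLevel.Sign`, a rewrite fails signature verification at the service, and with `EncryptAndSign` the proxy sees only ciphertext for the body.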
This link outlines the reasons to use or not to use Message security.
Basically, transport security is preferred unless it cannot be used.
An excerpt from the link:
There are also cases where you might not be able to have transport-level encryption and thus 'fall back' to message-level encryption, which is just a little bit less secure than transport-level security.
Doing both will be more secure, sure. But it is a bit of overkill when you have good transport-level security.
I would say that in most cases one or the other should suffice. If you can use transport-level security, that is preferable since it encrypts the entire communication, not only the message content.