Abstract: The loosely-coupled property makes web service vulnerable.A method focused on web service invoking is proposed to solve the problem.Firstly, we analyze the control-flow graph of the BPEL document and extract all the operations it involved.Then an operation request graph is created based on the structure activities and the parameter which the operations pass among each other.The operation request graph is regarded as the profile of the anomaly detection model.If user behavior goes against the model, it will be judged as illegal.This method regulates the user behavior by forcing the users to execute the business process according to the BPEL document, so it guarantee the safety of the web service.