A Study on Key Information Service Protocol for Secure XML Web Service


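  • Nam Je Park (Active Security Technology Research Team, Information Security Research Division, Electronics and Telecommunications Research Institute) ;
  • Ki Young Moon (Active Security Technology Research Team, Information Security Research Division, Electronics and Telecommunications Research Institute) ;
  • Seung Won Sohn (Network Security Research Division, Electronics and Telecommunications Research Institute)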
  • Published : 2003.10.01

Abstract

XKMS (XML Key Management Specification), one of the XML Security specifications, defines the protocol for distributing and registering public keys for verifying digital signatures and enciphering XML documents of web service applications with various and complicated functions. In this paper, we propose an XML Key Information protocol service model and implement a reference model of the protocol component based on the standard specification. We also describe the analysis and security method of the Key Information Service (XKIS) for secure XML web services, paying attention to the features of XML-based security services. The protocol component supports the location of public keys from given identifier information and the binding of such keys to identifier information. This reference model offers a security construction guideline for future domestic e-Business frameworks.
