Journal of Information Processing Systems

Korea Information Processing Society (한국정보처리학회)
권호 표지
DOI QR코드

DOI QR Code

Trusted Certificate Validation Scheme for Open LBS Application Based on XML Web Services

  • Published : 2005.12.01
Download PDF
⟨ Previous Next ⟩

Abstract

Location-based services or LBS refer to value-added service by processing information utilizing mobile user location. With the rapidly increasing wireless Internet subscribers and world LBS market, the various location based applications are introduced such as buddy finder, proximity and security services. As the killer application of the wireless Internet, the LBS have reconsidered technology about location determination technology, LBS middleware server for various application, and diverse contents processing technology. However, there are fears that this new wealth of personal location information will lead to new security risks, to the invasion of the privacy of people and organizations. This paper describes a novel security approach on open LBS service to validate certificate based on current LBS platform environment using XKMS (XML Key Management Specification) and SAML (Security Assertion Markup Language), XACML (extensible Access Control Markup Language) in XML security mechanism.

Keywords

References

  1. XML Key Management Specification Version 2.0 (W3C Working Draft), April 2003
  2. XML Signature Syntax and Processing (W3C/IETF Recommendation), February 2002
  3. XML Encryption Syntax and Processing (W3C Recommendation), 2003
  4. X.509 Certificate and CRL Profile, RFC2459, January 1999
  5. M. Myers, R. Ankney, A. Malpani, S. Galperin, and C. Adams, X.509 Internet Public Key Infrastructure Online Certificate Status Protocol - OCSP, RFC 2560, June 1999
  6. A. Malpani, P. Hoffman and R. Housley, Simple Certificate Validation Protocol, draft-ietf-pkix-scvp-09.txt, Jun 2000
  7. D. Pinkas and R. Housley, Delegated Path Validation and Delegated Path Discovery Protocol Requirements, RFC 3379, 2002
  8. Assertions and Protocol for the OASIS Security Assertion Mark up Language (SAML), OASIS Standard, 5 November 2002
  9. A Selkirk, Using XML Security Mechanisms, BT Technol J 19 (3), 2001
  10. Phillip Hallam-Baker, W3C XKMS Workshop position paper, Proceedings of XKMS Workshop, July 2001
  11. E. Faldella and M.Prandini, A Novel Approach to On-Line Status Authentication of Public Key Certificates, in Proc. the 16th Annual Computer Security Applications Conference, Dec 2000
  12. Y. Elley, A. Anderson, S. Hanna, S. Mullan, R. Perlman and S. Proctor, Building Certification Paths: Forward vs. Reverse, Proc. the Network and Distributed System Security Symposium Conference, 2001
  13. M. Naor and K. Nissim, Certificate Revocation and Certificate Update, IEEE Journal on Selected Areas in Communications, 18 (4) (2000)
  14. Jonghyuk Roh, Seunghun Jin and Kyoonha Lee, Certificate Path Construction and Validation in CVS, KICS-Korea IT Forum, 2002
  15. M. Prandini, Efficient Certificate Status Handling within PKIs: an Application to Public Administration Services, in Proc. the 15th Annual Computer Security Applications Conference, 1999
  16. Donald E, Eastlake, Kitty Niles, Secure XML, Pearson addsion wesley, 2003
  17. Blake Dournaee, XML Security, RSA Press, 2002
  18. Haeock Choi, Open LBS Plarform Architecture, ISR2002, 2002
  19. Euinam Huh, Jihye Kim, Hyeju Kim, Kiyoung Moon, Policy based on grid security infrastructure implementation for dirrerential resource access, ISOC 2003, 2003
  20. Yuichi Nakamur, et. Al., Toward the Integration of web services security on enterprise environments, IEEE SAINT '02, 2002
  21. OASIS, Web Service Security, http://www-106.ibm.com/, April 2002
  22. Harsha Srivatsa, Location-based services, IBM Paper, November 2002
  23. Diana Berbecaru, Antonio Lioy, Towards Simplifying PKI Implementation : Client-Server based Validation of Public Key Certificates, IEEE ISSPIT 2002, pp.277-281
  24. Jose L. Munoz et. Al.,Using OCSP to Secure Certificate- Using transactions in M-Commerce. LNCS 2846 (2003) 280-292
  25. Sungmin Lee et. Al., TY*SecureWS:An integrated Web Service Security Solution based on java, LNCS 2738 (2003) 186-195
  26. Namje Park, Kiyoung Moon, Sungwon Sohn, XML Key Information System for Secure e-Trading, WSEAS TRANSACTIONS on COMPUTERS, 2 (2) (2003), 327-333

Cited by

  1. Location-based grid-index for spatial query processing vol.41, pp.4, 2014, https://doi.org/10.1016/j.eswa.2013.08.027