KIPS Transactions on Computer and Communication Systems (정보처리학회논문지:컴퓨터 및 통신 시스템)

Korea Information Processing Society (한국정보처리학회)
권호 표지
DOI QR코드

DOI QR Code

Design and Implementation of EAI(Enterprise Application Integration) System for Privacy Information

개인정보 보호를 위한 EAI 시스템 설계 및 구현

  • Received : 2012.10.19
  • Accepted : 2012.12.14
  • Published : 2013.01.31
Download PDF
⟨ Previous Next ⟩

Abstract

This paper describes the design and implementation of the PKI-based EAI system which is used for delivery of sensitive personal information between business systems. For this purpose, we propose a key exchange protocol with some key process : Diffie-Hellman Schema is used to provide forward secrecy, public key-based digital signature is used for EAI Server authentication, data integrity. In addition, in order to minimize the performance impact on the overall EAI systems. The EAI server was designed simply to be used only as a gateway. This paper shows the implementation of Korea public key authentication algorithm standard and a symmetric encryption algorithm for data encryption.

본 논문에서는 업무시스템 간 민감한 개인정보 전달을 위해 PKI기반 EAI 시스템을 설계, 구현하고 이에 대하여 기술한다. 이를 위해 업무시스템이 EAI 서버를 통해 안전하게 데이터를 연계하기 위해 EAI 특성에 맞는 키 교환 프로토콜을 제안한다. 키 교환을 위해서 전방향 안정성에 널리 사용되는 Diffie-Hellman기법을 적용하였으며, 키 교환 주체에 대한 인증 및 자료의 무결성을 위해 전자서명방식을 혼용한다. 또한 전체 EAI 시스템의 성능에 대한 영향을 최소화하기 위해 인증, 키 교환 및 암/복호화를 업무시스템에서만 이루어지도록 구성하고, EAI 서버는 단순히 연계통로로만 사용하도록 구성한다. 그리고 인증 및 암/복호 알고리즘은 국내표준을 준용할 수 있도록 EAI 시스템을 설계, 구현한다.

Keywords

References

  1. Eun-Ok Ha, Yoon-Ho Kim, "Design and Implementation of Web-based Monitoring System for an EAI Environment", CALS/EC Vol.14, No.3, pp.2, 2009.
  2. Ministry of Pubic Administration and Security, Private Information Protection Law, 2012.
  3. Young-Bae Kim, "A case study on the effective Enterprise Application Integration", Yonsei University, pp.8, pp.49, 2007.
  4. Sung-Doke lee, Dong-Soo Han, "A Web Services based e-Business Application Integration Framework", Journal of computing science and engineering Vol.11, No.6, pp.1, 2005.
  5. Ho-Ki Nam, Sang-Min Park, Jong-Hyun Kim, Sung-Ah Jung, "The Implementation of Enterprise Application Integration System in ERP Environment", Journal of Korea Safety Management & Science, Vol.12, No.3, pp.3, 2010.
  6. 하은옥, 김윤호, "EAI환경에서의 웹기반 모니터링 시스템의 설계와 구현", CALS/EC Vol.14, No.3, pp.110, 2009.
  7. Kyung-Jae Ha, Cheol-Gon Moon, "Development of Web-Based mail-System using the Public-Key Encryption Algorithm", Journal of KIISE, pp.2, 2000.
  8. 염흥렬, "IETF공개키 기반구조 및 PKI기반 응용 표준화 동향", Journal of KIISC, Vol.14 No.2, pp.2, 2004.
  9. Seung-Han Cho, Chong-sun Hwang, "Design of Key Distribution Protocol using a New Secrecy-Analysis Method", Journal of KIISE, Vol.18, No.2, pp.1, 1991.
  10. Wikipedia, Key Exchange [Internet], http://en.wikipedia.org/wiki/Key_exchange
  11. Ran Canetti, Hugo Krawczyk, "Analysis of key-exchange protocols and their use for building seure channels", Springer-Verlag, Eurocrypt'01, pp.453-473, 2001.
  12. 변진욱, "강화된 키 교환 프로토콜의 안전성 모델에 관한 연구", Journal of KIISC, Vol.20, No.2, pp.81-83, 2010. 4.
  13. Seon Jong Kim, Jeong Ok Kwon, "Secure Key Exchange Protocols against Leakage of Long-term Private Keys for Financial Security Servicers", Journal of KIISC, Vol.19, No.3, pp.120-129, 2009. 6.
  14. Yoon-Jin Lee, Jae-Guen lee, In-june Jo, "Enhanced Diffie-Hellman Key Distribution using Mobile-phone", International journal of maritime information and communication sciences , pp.2564-2567, Vol.134, No.12, 2009. 12.
  15. Rakesh Jaiswal, "Security Concerns in EAI", Wipro Technologies, pp.3-5, 1998.
  16. Chul Sur, Young-Ho Park, Kyung-Hyune Rhee, "A Multi-receiver Certificates Encryption scheme and Its Application", Journal of Korea Multimedia Society, pp.1, Vol.14, No.6, 2011. https://doi.org/10.9717/kmms.2011.14.1.001
  17. Wei Dai, Crypto++ 5.6.0 Benchmarks [Internet], http://www.cryptopp.com/benchmarks.html
  18. Matjaz B Juric, Professional J2EE EAI, WROX, 2002
  19. E. Rescorla, Diffie-Hellman Key Agreement Method, IETF RFC 2631, 1999.
  20. Jeremy Westernman, "SOA today, Introduction to service-oriented Architecture, DBReview.
  21. William stallings, Cryptography and Network security, Prentice Hall, 1998.
  22. Jong-Hun Park "BPM and Enabling Technology", BPM Solution Korea Conference, 2004.
  23. Whitfield Diffie and Martin Hellman, "New Directions in Cryptography," IEEE Transaction on Information Theory, Vol.1T-11, No.6, November, 1976.