Browse > Article
http://dx.doi.org/10.3745/JIPS.2005.1.1.086

Trusted Certificate Validation Scheme for Open LBS Application Based on XML Web Services  

Moon, Ki-Young (Information Security Research Division, ETRI)
Park, Nam-Je (Information Security Research Division, ETRI)
Chung, Kyo-Il (Information Security Research Division, ETRI)
Sohn, Sung-Won (Information Security Research Division, ETRI)
Ryou, Jae-Cheol (Department of Computer Science, Chungnam University)
Publication Information
Journal of Information Processing Systems / v.1, no.1, 2005 , pp. 86-95 More about this Journal
Abstract
Location-based services or LBS refer to value-added service by processing information utilizing mobile user location. With the rapidly increasing wireless Internet subscribers and world LBS market, the various location based applications are introduced such as buddy finder, proximity and security services. As the killer application of the wireless Internet, the LBS have reconsidered technology about location determination technology, LBS middleware server for various application, and diverse contents processing technology. However, there are fears that this new wealth of personal location information will lead to new security risks, to the invasion of the privacy of people and organizations. This paper describes a novel security approach on open LBS service to validate certificate based on current LBS platform environment using XKMS (XML Key Management Specification) and SAML (Security Assertion Markup Language), XACML (extensible Access Control Markup Language) in XML security mechanism.
Keywords
Location-based service; Open LBS security; XKMS; XML security; XML web services;
Citations & Related Records
연도 인용수 순위
  • Reference
1 A. Malpani, P. Hoffman and R. Housley, Simple Certificate Validation Protocol, draft-ietf-pkix-scvp-09.txt, Jun 2000
2 D. Pinkas and R. Housley, Delegated Path Validation and Delegated Path Discovery Protocol Requirements, RFC 3379, 2002
3 Assertions and Protocol for the OASIS Security Assertion Mark up Language (SAML), OASIS Standard, 5 November 2002
4 A Selkirk, Using XML Security Mechanisms, BT Technol J 19 (3), 2001
5 Phillip Hallam-Baker, W3C XKMS Workshop position paper, Proceedings of XKMS Workshop, July 2001
6 E. Faldella and M.Prandini, A Novel Approach to On-Line Status Authentication of Public Key Certificates, in Proc. the 16th Annual Computer Security Applications Conference, Dec 2000
7 Y. Elley, A. Anderson, S. Hanna, S. Mullan, R. Perlman and S. Proctor, Building Certification Paths: Forward vs. Reverse, Proc. the Network and Distributed System Security Symposium Conference, 2001
8 X.509 Certificate and CRL Profile, RFC2459, January 1999
9 M. Myers, R. Ankney, A. Malpani, S. Galperin, and C. Adams, X.509 Internet Public Key Infrastructure Online Certificate Status Protocol - OCSP, RFC 2560, June 1999
10 Harsha Srivatsa, Location-based services, IBM Paper, November 2002
11 Diana Berbecaru, Antonio Lioy, Towards Simplifying PKI Implementation : Client-Server based Validation of Public Key Certificates, IEEE ISSPIT 2002, pp.277-281
12 Jose L. Munoz et. Al.,Using OCSP to Secure Certificate- Using transactions in M-Commerce. LNCS 2846 (2003) 280-292
13 Sungmin Lee et. Al., TY*SecureWS:An integrated Web Service Security Solution based on java, LNCS 2738 (2003) 186-195
14 Namje Park, Kiyoung Moon, Sungwon Sohn, XML Key Information System for Secure e-Trading, WSEAS TRANSACTIONS on COMPUTERS, 2 (2) (2003), 327-333
15 M. Naor and K. Nissim, Certificate Revocation and Certificate Update, IEEE Journal on Selected Areas in Communications, 18 (4) (2000)
16 XML Key Management Specification Version 2.0 (W3C Working Draft), April 2003
17 XML Signature Syntax and Processing (W3C/IETF Recommendation), February 2002
18 XML Encryption Syntax and Processing (W3C Recommendation), 2003
19 M. Prandini, Efficient Certificate Status Handling within PKIs: an Application to Public Administration Services, in Proc. the 15th Annual Computer Security Applications Conference, 1999
20 Jonghyuk Roh, Seunghun Jin and Kyoonha Lee, Certificate Path Construction and Validation in CVS, KICS-Korea IT Forum, 2002
21 Donald E, Eastlake, Kitty Niles, Secure XML, Pearson addsion wesley, 2003
22 Blake Dournaee, XML Security, RSA Press, 2002
23 Haeock Choi, Open LBS Plarform Architecture, ISR2002, 2002
24 Euinam Huh, Jihye Kim, Hyeju Kim, Kiyoung Moon, Policy based on grid security infrastructure implementation for dirrerential resource access, ISOC 2003, 2003
25 Yuichi Nakamur, et. Al., Toward the Integration of web services security on enterprise environments, IEEE SAINT '02, 2002
26 OASIS, Web Service Security, http://www-106.ibm.com/, April 2002