Browse > Article
http://dx.doi.org/10.3745/KIPSTC.2003.10C.6.769

A Study on Key Information Service Protocol for Secure XML Web Service  

Park, Nam-Je (한국전자통신연구원 정보보호연구부 능동보안기술연구팀)
Moon, Ki-Young (한국전자통신연구원 정보보호연구부 능동보안기술연구팀)
Sohn, Sung-Won (한국전자통신연구원 네트워크보안연구부)
Publication Information
The KIPS Transactions:PartC / v.10C, no.6, 2003 , pp. 769-778 More about this Journal
Abstract
XKMS(XML Key Management Specification), one of XML Security specification, defines the protocol for distributing and registering public keys for verifying digital signatures and enciphering XML documents of web service applications with various and complicate functions. In this paper, we propose XML Key Information protocol service model and implements reference model of protocol component based on standard specification. Also describes the analysis and security method of Key Information Service(XKIS) for Secure XML Web Service,paying attention to the features of XML based security service. This protocol component supported includes public key location by given identifier information, the binding of such keys to edentifier information. This reference model offers the security construction guideline for future domestric e-Business Frameworks.
Keywords
XML Key Management; XML Security; XKMS; XKISS; XML Web Service;
Citations & Related Records
Times Cited By KSCI : 1  (Citation Analysis)
연도 인용수 순위
1 OASIS, 'Web Service Security,' http://www-106.ibm.com/. Apr, 2002
2 Mark ONeill, et al., 'Web Service Security,' Osborne, 2003
3 Jae Seung Lee, Young Soo Kim, Joo young Lee, Ju Han Kim, KyungBum Kim and Seung Won Sohn, 'A Design of the XML Security Platform for Secure Electronic Commerce,' WISA 2000, Seoul, Korea, 2000
4 Joo Young Lee, Ju Han Kim, Jae Seung Lee, Ki Young Moon, and Hyun-Sook Cho, 'ESES : XML Security for Secure Electronic Commerce,' Proceedings of WISA 2001, Sep, 2001
5 Nam Je Park et. AI., 'XML Key Management of Secure Electronic Trading,' KIISC Review, ISSN 1598-3978, 13 (3), June, 2003   과학기술학회마을
6 Nam Je Park, Ki Young Moon, 'EXSO/XKMS Service Platform Infrastructure,' CISC 2003, pp.212-216, 2003   과학기술학회마을
7 Blake Dournaee, 'XML Security,' RSA Press, 2002
8 Donald E, Eastlake, Kitty Niles, 'Secure XML, Pearson addison wesley,' 2003
9 RSA Encryption Standard, PKCS #1
10 'Password-Based Encryption Standard,' PKCS #5
11 W3C, 'XML 1.0 Recommendation,' Feburary, 1998
12 'Public-Key Cryptography Standard,' PKCS #7
13 'ASN.1 Specification of Basic Notation,' ITU-T X.680
14 'ASN.1 Encoding Rules DER,' ITU-T X.690
15 W3C, 'Document Object Model (DOM) Level 1 Specification,' October, 1998
16 W3C Working Draft, 'SOAP Version 1.2 (1) : Messaging Framework,' June, 2002
17 W3C Note, 'SOAP: Simple Object Access Protocol 1.1,' May, 2000
18 W3C Note, 'SOAP Security Extensions: Digital Signature,' Feb., 2001
19 IETF, 'The TLS Protocol Version, 1.0,' RFC 2246, January, 1999
20 IETF, 'Certificate Management Protocol, RFC2510,' March, 1999
21 IETF, 'Certificate Request Message Format,' RFC2511, March, 1999
22 NlST, 'Key Management Guideline, Part 1 : General Guideline,' 2002
23 Mark Bartel, Bard Fox, Brian LaMacchia and Ed Simon, 'XML Signature Syntax and Processing,' http://www.w3.org/TR/xmldsig-core/
24 Takeshi Imamura, Blair Dillaway and Ed Simon, 'XML Encryption Syntax and processing,' http://www.w3.rg/TR/xmlenccore/, 2002
25 Phillip Hallam-Baker, 'W3C XKMS Workshop position paper,' Proceedings of XKMS Workshop, Redwood City, CA, July, 2001
26 W3C Note, 'XML Key Management(XKMS 2.0) Requirements,' May, 2003
27 W3C/IETF Draft, 'XML-Signature Requirements,' October, 1999
28 W3C Working Draft, 'XML Key Management Specification Version 2.0,' April, 2003
29 W3C Working Draft, 'XML Key Management Specification Bindings,' April, 2003
30 W3C Working Draft, 'XKMS Bulk Operation,' August, 2002
31 W3C/IETF Recommendation, 'XML-Signature Syntax and Processing,' Feburary, 2002
32 W3C Recommendation, 'XML Encryption Syntax and Processing,' 2003
33 W3C Recommendation, 'Decryption Transformation for XML Signature,' 2003
34 IETF, 'X.509 Certificate and CRL Profile,' RFC2459, Januanry, 1999