Browse > Article
http://dx.doi.org/10.3745/KIPSTD.2002.9D.5.931

Implementation of the Secure Web Server-Client Module Based on Protocol Architecture  

Jang, Seung-Ju (동의대학교 컴퓨터공학과)
Han, Soo-Whan (동의대학교 멀티미디어공학과)
Publication Information
The KIPS Transactions:PartD / v.9D, no.5, 2002 , pp. 931-938 More about this Journal
Abstract
We implement the PBSM (Protocol-Based Security Module) system which guarantees the secure data transmission under web circumstances. There are two modules to implement for the PBSM architecture. One is Web Server Security Module (WSSM) which is working on a web server, the other is the Winsock Client Security Module (WSCSM) which is working on a client. The WSCSM security module decrypts the encrypted HTML document that is received from the security web server The decrypted HTML document is displayed on the screen of a client. The WSSM module contains the encryption part for HTML file and the decryption part for CGI (Common Gateway Interface). We also implement the proposed idea at the web system.
Keywords
Protocol-Based Security module; WSCSM; WSSM; Web Security Module;
Citations & Related Records
연도 인용수 순위
  • Reference
1 김병천, 이경호, 박성준, 원동호, '전자 서명 방식의 구현 및 성능분석', 제4회 통신정보 합동학술대회논문집, pp.662-666, 1994
2 W. Diffie and M. E. Hellman, 'New directions in cryptography,' IEEE Trans. on Information Theory IT-22, No.6, pp. 644-654, 1976
3 A. O. Frier, P. Karlton, and P. C. Kocher, The SSL protocol version 3.0, draft-ietf-tls-ssl-version3-00.txt, November, 1996
4 Debaty, P., Caswell, D., 'Uniform Web presence architecture for people, places, and things,' IEEE Personal Communications, Vol.8, Issue.4, pp.46-51, Aug., 200l   DOI
5 Warwick Ford, Michael S. Baum, Secure Electronic Commerce : Building the Infrastructure for Digital Signatures and Encryption, Prentice Hall, 2000
6 박일환, 장청룡, 원동호, '증명이 가능한 전자서명기법', 한국통신정보보호학회논문지, 제4권 제1호, pp.41-50, 1994
7 염홍렬, '전자 서명 방식 고찰', 한국통신정보보호학회 학회지, 제3권 제2호, pp.7-18, 1993
8 Niemeyer, R. E., 'Using Web technologies in two MLS environments : a security analysis,' Computer Security Applications Conference, 1997. Proceedings., 13th Annual, pp. 205-214, 1997   DOI
9 Gutzmann, K., 'Access control and session management in the HTTP environment,' IEEE Internet Computing, Vol.5 Issue.l, pp.26-35, Jan.-Feb., 2001   DOI   ScienceOn
10 D. L. Dill., 'The Murpi verification system,' In Computer Aided Verification 8th International Conference, pp.390-403, 1996
11 Donna Woouteiler, Web Security; A Matter of Trust, O'Reilly & Associates, 1997
12 K. Nyberg and R. A. Rueppel, 'Message recovery for signature scheme based on the discrete logarithm problem,' Eurocrypt'94 Proceedings, Springer-Verlag, 1995   DOI
13 Liu, S., Sullivan, J., Ormaner, J., 'A practical approach to enterprise it security,' IT Professional, Vol.3, Issue.5, pp.3542, Sep.-Oct., 2001   DOI   ScienceOn
14 R. L. Rivest, A. Shamir and L. Adleman, 'A method of obtaining digital signature and public key cryptosystem,' ACM Communication 21, No.2, pp.120-126, 1978   DOI   ScienceOn
15 Rubin, A. D., Geer, D. E., Jr., 'A survey of Web security,' Computer, Vol.31, Issue.9, pp.34-41, Sept., 1998   DOI   ScienceOn
16 Lincoln D. Stein, Web Security: A Step-by-Step Reference Guide, Addison-Wesley, 1999
17 Younglove, R. W., 'IP security: what makes it work?,' Computing & Control Engineering Journal, Vol.12, Issue.1, pp.44-46, Feb., 2001   DOI   ScienceOn
18 S. C. Pohlig and M. E. Hellman, 'An improved algorithm for computing logarithm over GF(p) and its cryptographic significance,' IEEE Trans. on Information Theory IT-24, No.5, pp.106-110, 1978
19 Wangham, M. S., Lung, L. C., Westphall, C. M., Fraga, J. S., 'Integrating SSL to the JaCoWeb security framework: project and implementation,' Integrated Network Management Proceedings, 2001 IEEE/IFIP International Symposium on, pp.779-792, 2001   DOI