• The Journal of the Korea Contents Association
• /
• v.8 no.11
• /
• pp.25-32
• /
• 2008

Access control techniques should be flexible enough to support all protection granularity levels. Since access control policies are very likely to be specified in relation to document types, it is necessary to properly manage a situation in which documents fail to be dealt with by the existing access control policies. In terms of XML documents, it is necessary to describe policies more flexibly beyond simple authorization and to consider access control methods which can be selected. This paper describes and designs the access control policy system for authorization for XML document access and for efficient management to suggest a way to use the capacity of XML itself. The system in this paper is primarily characterized by consideration of who would exercise what access privileges on a specific XML document and by good adjustment of organization-wide demands from a policy manager and a single document writer.

• Convergence Security Journal
• /
• v.9 no.2
• /
• pp.85-89
• /
• 2009

This study to solve these problems a search system has been designed by combining the two methods. Also the search and manage image data by handheld devices such as portable PDA or smart phone, a system has been designed application to an embedded system. Once this is used, multimedia data can be efficiently searched and utilized by handheld devices.

• Proceedings of the Korean Society of Computer Information Conference
• /
• 2011.06a
• /
• pp.339-341
• /
• 2011

본 논문에서는 의료정보 연동을 위한 보안 시스템을 설계하기 위해 의료정보 표준과 XML을 조사 및 분석하고, 이를 토대로 보안 시스템이 연동되는 서비스 흐름도 도출 및 시스템 설계를 하였다. 특히, 병원에서 질환관련, 식이관련, 운동관련 데이터를 제공하고, EMR 통합 Gateway를 통해 환자 데이터를 전송 받아 병원 간 개인건강정보 관리 모듈과 임상정보 관리 모듈을 통해 HL7표준을 이용하여 환자 정보를 XML 형태로 교환 하는 경우, 보안 시스템이 고려된다면 향후 다양한 응용 서비스에 안전하게 사용될 수 있을 것이다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2000.10a
• /
• pp.141-144
• /
• 2000

XML은 단순함과 융통성이라는 특징을 가지고 있기 때문에 Internet B2B(Business to Business) 메세지 송수신을 용이하게 한다. Internet B2B에서 메세지 송수신을 하는 데 있어서 보안이 점차 중요하게 대두되고 있다. 인터넷은 공용 네트워크이므로 도청과 위조와 같은 공격에 어떠한 보호장치도 있지 않기 때문에 메시지가 송수신되는 동안 자신의 중요한 정보가 다른곳으로 유출되거나 손실될 경우 B2B 메시지 송수신에 있어서 크나큰 손실을 가져올 수 있다. SSL(Secure Socket Layer)은 transport-level 보안 프로토콜이 제공하는 인증, 무결성, 기밀성을 제공하고 있다. 하지만 부인방지를 제공하고 있지 못하고 있는 실정이다. 하지만 XML-Signature를 이용하면 이러한 문제점을 해결할 수 있고 프로토콜 차원이 아닌 어플리케이션 차원에서 보안 시스템을 설계하므로 B2B 간 메시지 송수신하는데 있어서 서버와 클라이언트에 각각 XML-Signature 사용하여 안전하게 통신 할 수 있도록 해주는 보안모들 설계를 소개한다.

• Proceedings of the CALSEC Conference
• /
• 2002.01a
• /
• pp.331-334
• /
• 2002

Loosely coupled software components delivered over Internet standard technologies - SOAP over HTTP for transport - UDDI for registry and discovery - e-Business XML standards - Security and trust frameworks - Event notification(omitted)

• Journal of KIISE:Databases
• /
• v.31 no.6
• /
• pp.684-698
• /
• 2004

The Hippocratic database model recently proposed by Agrawal et al. incorporates privacy protection capabilities into relational databases. Since the Hippocratic database is based on the relational database, it needs extensions to be adapted for XML databases. In this paper, we propose the Hippocratic XML database model, an extension of the Hippocratic database model for XML databases and present an efficient access control mechanism under this model. In contrast to relational data, XML data have tree-like hierarchies. Thus, in order to manage these hierarchies of XML data, we extend and formally define such concepts presented in the Hippocratic database model as privacy preferences, privacy policies, privacy authorizations, and usage purposes of data records. Next, we present a new mechanism, which we call the authorization index, that is used in the access control mechanism. This authorization index, which is Implemented using a multi-dimensional index, allows us to efficiently search authorizations implied by the authorization granted on the nearest ancestor using the nearest neighbor search technique. Using synthetic and real data, we have performed extensive experiments comparing query processing time with those of existing access control mechanisms. The results show that the proposed access control mechanism improves the wall clock time by up to 13.6 times over the top-down access control strategy and by up to 20.3 times over the bottom-up access control strategy The major contributions of our paper are 1) extending the Hippocratic database model into the Hippocratic XML database model and 2) proposing an efficient across control mechanism that uses the authorization index and nearest neighbor search technique under this model.

• Journal of the Korea Society for Simulation
• /
• v.15 no.3
• /
• pp.115-124
• /
• 2006

XML is rapidly becoming technologies for information exchange and representation. It causes many research issues such as semantic modeling methods, security, conversion far interoperability with other models, and so on. Especially, the most important issue for its practical application is how to achieve the interoperability between XML model and relational model. Until now, many suggestions have been proposed to achieve it. However several problems still remain. Most of all, the exiting methods do not consider implicit referential integrity relations, and it causes incorrect data delivery. One method to do this has been proposed with the restriction where one semantic is defined as only one same name in a given database. In real database world, this restriction cannot provide the application and extensibility. This paper proposes a noble conversion (RDB-to-XML) algorithm based on the similarity checking technique. The key point of our method is how to find implicit referential integrity relations between different field names presenting one same semantic. To resolve it, we define an enhanced implicity referentiai integrity relations extraction algorithm based on a widely used ontology, WordNet. The proposed conversion algorithm is more practical than the previous-similar approach.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.4
• /
• pp.111-122
• /
• 2008

Web service is defined to support interoperable machine to machine interaction over a network and defined as distributed technologies. Recently in web service environment, security has become one of the most critical issues. An attacker may expose user privacy and service information without authentication. Furthermore, the users of web services must temporarily delegate some or all of their behalf. This results in the exposure of user privacy information by agents. We propose a delegation model for providing safety of web service and user privacy in ubiquitous computing environments. In order to provide safety of web service and user privacy, XML-based encryption and a digital signature mechanism need to be efficiently integrated. In this paper, we propose web service management server based on XACML, in order to manage services and policies of web service providers. For this purpose, we extend SAML to declare delegation assertions transferred to web service providers by delegation among agents.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.6
• /
• pp.1439-1448
• /
• 2018

Many electronic document files, including Microsoft Office Word (MS Word), have become a major issue in various legal disputes such as privacy, contract forgery, and trade secret leakage. The internal metadata of OOXML (Office Open XML) format, which is used since MS Word 2007, stores the unique Revision Identifier (RSID). The RSID is a distinct value assigned to a corresponding word, sentence, or paragraph that has been created/modified/deleted after a document is saved. Also, document history, such as addition/correction/deletion of contents or the order of creation, can be tracked using the RSID. In this paper, we propose a methodology to investigate discrimination between the original document and copy as well as possible document file leakage by utilizing the changes of the RSID according to the user's behavior.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.16 no.3
• /
• pp.129-141
• /
• 2006

The purpose of this paper is to design Conformance Test Suite for BSP(Biometric Service Provider) based on BioAPI(Biometric Application Programming Interface) v2.0. The proposed BioAPI Conformance Test Suite enables users to test BSP with framework independently. A test scheduling tool has been embodied to use Test Assertion in the form of XML. In order to demonstrate the performance of the Conformance Test Suite, the experiment was performed by using both verification and identification BSPs. As the results of this experiment, we were able to determinate whether BSPs based on BioAPI v2.0 satisfied standard requirements or not.