• Title/Abstract/Keywords: XML security

231 search results (processing time 0.03 seconds)

Efficient Authorization Method for XML Document Security (XML 문서 보안을 위한 효율적인 권한부여 방법)

  • Jo, Sun-Moon;Chung, Kyung-Yong
    • The Journal of the Korea Contents Association / Vol. 9, No. 8 / pp.113-120 / 2009
  • XML has the advantage of describing meaningful information directly, so it can serve as a standard data type and information-exchange format for the large volumes of data generated by a company's databases and application programs. As it becomes increasingly necessary to manage and protect massive XML data efficiently, the development of safe XML access control techniques calls for a new method. In this study, access authorization policies are defined in order to design access control systems. The findings show that the algorithm suggested in this study improves system performance, which had been low because of the complex authorization evaluation process in existing access control techniques. The safe XML access control policy presented in this study is thus shown to be an improvement over existing access control methods.

Security Elevation of XML Document Using DTD Digital Signature (DTD 전자서명을 이용한 XML문서의 보안성 향상)

  • Park, Dou-Joon;Min, Hye-Lan;Lee, Joon
    • Proceedings of the Korean Institute of Information and Communication Sciences Conference / Korea Institute of Maritime Information and Communication Sciences 2005 Spring Conference / pp.1080-1083 / 2005
  • A DTD can be regarded as metadata that defines the meaning of the data expressed in an XML document. Therefore, if the DTD information is damaged, the security of the XML documents based on it is endangered. Rather than attaching a digital signature to the XML document during the sending and receiving of XML documents, this research proposes a method that attaches a digital signature to the DTD. The DTD file is first read to the end and parsed, and the extracted elements, attributes and entities are stored in a hash table. When parsing is finished, the hash table is read and a message digest is computed. The digest is then combined with the private key to create the digital signature. During signing, a problem arises in that an entirely different digest value is produced, because changes in order are not examined in the message digest process. This is solved by creating the DTD's digital signature using DOM, which can represent the tree structure of the standard structure and the document.

Access Control of XML Documents Including Update Operators (갱신 연산을 고려한 XML문서의 접근제어)

  • Lim Chung-Hwan;Park Seog
    • Journal of KIISE:Databases / Vol. 31, No. 6 / pp.567-584 / 2004
  • As XML becomes popular as a way of presenting information on the web, how to secure XML data becomes an important issue. So far, research on XML security has focused on the security of data communications using digital signatures or encryption technology. However, because XML data has become larger and more complicated, it is now necessary not only to communicate XML data securely but also to manage the query processing that accesses XML data. XML data queries can be managed with access control techniques. Current XML access control deals only with read operations and has no way to process XML update queries. In this paper, we present an XML access control model and technique that support both read and update operations. We propose operations for XML document update, and we define the action type as a new concept for managing authorization information and processing update queries. This both minimizes access control steps and reduces memory cost. In addition, queries that have no access rights to the XML data can be filtered out, which reduces unnecessary work spent processing unauthorized queries. The performance evaluation shows that our access control model performs better than other access control models on update queries, but it has a small overhead for deciding the action type on select queries.

Trends in XML Encryption Standards (XML 암호화 표준 동향)

  • 김주한;나중찬;문기영
    • Review of KIISC / Vol. 11, No. 4 / pp.29-34 / 2001
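  • XML (eXtensible Markup Language) encryption refers to a method of transforming an XML document so that its content is intelligible only to the user who created it and is hard for anyone else to read. The XML Encryption standardization group of the W3C (World Wide Web Consortium) aims to develop a process for encrypting and decrypting digital content, including XML documents and portions of them, and to create an XML syntax for representing the encrypted content and the information that allows only the intended users to decrypt it. This article therefore introduces XML encryption and surveys trends in the W3C's XML Encryption standardization.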

A Study on the B2B based XML Document Design and Security (B2B 기반의 XML 문서 설계 및 보완에 관한 연구)

  • 김승중;조현훈;류성열
    • Proceedings of the Korean Information Science Society Conference / Korean Information Science Society, Proceedings of the 2001 Spring Conference, Vol.28 No.1 (A) / pp.634-636 / 2001
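  • Much research on “XML security in B2B” is currently under way. Many companies use XML extensively in B2B (Business to Business) because of its excellent extensibility on the Internet, its rich data structures, and its outstanding handling of international characters. Document exchange using XML is also widely used in EDI (Electronic Data Interchange). However, it is a fact that XML has many security weaknesses. This paper addresses the security vulnerabilities of XML and XML security technologies, and presents an implementation of XML digital authentication on the Internet.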

Collection & Management of Digital Evidence using XML (XML을 이용한 디지털 증거의 수집 및 관리에 대한 연구)

  • Lim Kyung-Soo;Lee Seok-Hee;Lee Sang-Jin
    • Proceedings of the Korea Institutes of Information Security and Cryptology Conference / Korea Institute of Information Security and Cryptology 2006 Summer Conference / pp.555-559 / 2006
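  • In digital forensics, digital information and data are used as evidence that can provide leads for solving crimes, so they must be secured at cyber-crime scenes. Recently they have come to play an important role not only in cyber crime but also in ordinary civil and criminal cases. However, as the types of crime become increasingly diverse and complex, collecting and managing digital evidence is difficult, and because each person in charge (investigators, analysts, examiners and so on) interprets the results of a digital crime investigation differently and needs different information, data must be processed and reports provided in a variety of forms. This article therefore proposes a method for structuring and processing digital evidence more conveniently using XML, which has become established as a standard for data processing on the web, together with a way of representing that data effectively.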

A Conformance Testing Method and its Implementation for XML Signature Products (XML전자서명 제품의 표준적합성 시험 방법 및 구현)

  • 김지현;이광수
    • Journal of the Korea Institute of Information Security & Cryptology / Vol. 14, No. 4 / pp.3-11 / 2004
  • XML has become a basis of related application and industry standards with the proliferation of electronic transactions on the web, and the standardization of XML Signature, which can be applied to digital content including XML objects from one or more sources, is in progress through a joint effort of the W3C (World Wide Web Consortium) and the IETF (Internet Engineering Task Force). Along with this trend, the development of products implementing XML Signature has been growing, and XML Signature products are required to implement the relevant standards correctly to guarantee interoperability among different XML Signature products. In this paper, we propose a conformance testing method for XML Signature products, which includes a testing procedure and test cases. The test cases were obtained through analysis of the XML Signature standards. Finally, we describe the design and use of our XML Signature conformance testing tools, which implement our testing method.

A Design and Implementation of Two-Phase Server Login Authentication System based on XML-Signature Extension (XML-Signature 확장을 통한 2단계 서버 로그인 인증 시스템의 설계 및 구현)

  • Kim, Yong-Hwa;Kim, Jin-Sung;Kim, Yong-Sung
    • The KIPS Transactions:PartC / Vol. 14C, No. 4 / pp.321-330 / 2007
  • This paper proposes a two-phase server login authentication system based on an XML-Signature schema extension, to protect the information resources of servers that are open on the network and offer various web content. The proposed system requests and publishes an XML-based certificate online, registers the certificate extension information provided by the CA (Certification Authority) with the XCMS (XML Certificate Management Server), and performs prior authentication using the user's certificate password. It then uses a SOAP message to request the certificate extension information added by the user, in addition to the user's certificate password, and the certificate extension information registered in the XCMS, and performs posterior authentication by comparing these pieces of certificate extension information. As a result, the proposed system offers reinforced security compared with existing systems.

Implementation of Key Recovery Model based on XML for B2B (B2B를 위한 XML기반의 키 복구 구현)

  • 김주한;문기영;손승원
    • Journal of the Korea Institute of Information Security & Cryptology / Vol. 12, No. 5 / pp.53-61 / 2002
  • In this paper, we introduce a design for XML-based key recovery that can be used in a B2B environment. XML Digital Signature and XML Encryption, recently defined as standards by the W3C (World Wide Web Consortium), are used to sign/verify or encrypt/decrypt electronic commerce documents and the keys that are stored at and loaded from the key recovery server. The result of signing or encryption is always an XML document, and all messages used in this key recovery system are also XML documents. This allows the key recovery system to be adapted transparently to legacy XML applications and XML-based electronic commerce platforms. The key recovery method is key escrow. One characteristic of this key recovery system is that an enterprise can recover the keys of some electronic commerce documents from external key recovery systems in other related enterprises, as well as from its own.

Implementation of the Prescription Secure System using a Meta Level XML Security Methods (메타레벨 XML 보안 기법을 이용한 처방전 보안 시스템 구현)

  • Lee, Jung-Gi;Min, Hye-Lan;Lee, Joon
    • Proceedings of the Korean Institute of Information and Communication Sciences Conference / Korea Institute of Maritime Information and Communication Sciences 2005 Spring Conference / pp.679-682 / 2005
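  • This paper proposes a prescription security system that uses a meta-level XML security technique. For XML/EDI encryption, a digital signature is attached not only to the XML document but also to the DTD, with the aim of building a more secure prescription transmission system. The prescription DTD defines, according to the components of a prescription, elements for prescription information, patient information, medical institution information, prescription details and dispensing details, and beneath them defines sub-elements for managing the information involved in transmission. For secure prescription transmission, the DTD file is parsed as it is read, and the elements, attributes and entities extracted from it are stored in a hash table. When parsing finishes, the hash table is read and a message digest is computed, which is then combined with the private key to generate the digital signature.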
