• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.14 no.4
• /
• pp.3-11
• /
• 2004

The XML has been becoming a basis of the related application and industry standards with proliferation of electronic transactions on the web, and the standardization on XML Signature, which can be applied to the digital contents including XML objects from one or more sources, is in the progress through a joint effort of W3C(World Wide Web Consortium) and IETF(Internet Engineering Task Force). Along with this trend, the development of products implementing XML Signature has been growing, and the XML Signature products are required to implement the relevant standards correctly to guarantee the interoperability among different XML Signature products. In this paper, we propose a conformance testing method for testing the XML Signature products, which includes a testing procedure and test cases. The test cases were obtained through analysis of XML Signature standards. Finally we describe the design and uses of our XML Signature conformance testing tools which implements our testing method.

• Journal of Korea Society of Industrial Information Systems
• /
• v.10 no.3
• /
• pp.7-14
• /
• 2005

There are lots of XML security researches as growing importance of XML. Apvrille and Girier proposed a XML signature schema with a time stamping protocol(TSP) to support timeliness. However, the security of the timeliness in their schema depends on only a trusted security authority(TSA). To solve this problem, they suggested a solution by the distributed and linked model, but their solution has a big overhead. This paper proposes a new XML signature schema to solve the overhead problem. The proposed signature schema can offer the timeliness by the XML signature schema with user's timestmap and it solve the TSA's security problem.

• Journal of Information Technology Services
• /
• v.3 no.2
• /
• pp.85-98
• /
• 2004

As the e-Commerce based on the XML technology is getting bigger, user authentication, integrity, non-repudiation and confidentiality has become important for security. Since the XML technology is widely used for exchanging information among the Internet e-business systems, the security of XML documents is essentially required and XML digital signature should be supported. To support the digital signature of XML documents, W3C proposed the XML-Signature specification as an international standard that describes five transform algorithms. In this paper, we design and implement a XML/PKI based digital tax invoice system. Our system supports the five transforming algorithms defined in the XML-Signature specification and exchanges digital tax invoices among enterprises securely. We design and implement the flexible and efficient system consists of reusable components using CBD(Component Based Development).

• Proceedings of the Korea Information Assurance Society Conference
• /
• 2004.05a
• /
• pp.303-308
• /
• 2004

As developed wireless internet and performance of wireless terminal, E-commerce of wire internet move to wireless internet. This I-commerce in wireless internet environment called M-Commerce, recognized user authentication and data security as very important technology such as E-commerce in environment of wire internet. So authentication technology such as WPKI and Hermes system and XML digital signature was studied. But WPKI is difficulty to implement system, if authentication system that consisted in WPKI environment was heterogeneous. And Hermes system is not interoperate to XML digital signature system. So, our paper suggested XML digital signature system based java card to interoperate among the digital signature system, to apply XML digital signature used in wire internet. Our system offer XML digital signature in wireless internet, can interoperate among the XML digital signature systems.

• The KIPS Transactions:PartC
• /
• v.12C no.1 s.97
• /
• pp.37-44
• /
• 2005

As wireless network was developed and Capability of Wireless Phone was increased, M-Commerce was activates In Wireless network environment. User Authentication and Security in E-Commerce Environment is very important, so Authentication Technology, such as WPKI and Hermes System, XML Digital Signature in Wire Network is studying. But if authentication systems was implemented heterogeneous, WPKI is difficult to implement the system, it's not interoperate with authentication system on wire internet, not support XML digital Signature. Hermes system also not interoperate with XML digital signature system. So our paper designed System that can interoperate among digital signature systems and XML document to apply XML digital signature technology on wire network to wireless network, and then implemented system that can XML digital signature to use Java Card.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.12 no.8
• /
• pp.1441-1447
• /
• 2008

It is possible to transfer huge data in mobile device by advancing mobile technology, and so in this base, various services are offered. Especially, E-commerce service is offering on mobile environment, and this service is based on XML(eXtensible Markup Language) Signature. XML Signature assure that process integrity, message authentication, and/or signer authentication. And WIPI(Wireless Internet Protocol for Interoperability) that is mobile internet integration platform was proposed to integrate mobile device platform. However, because WIPI transmits and exchanges message by tort of XML base, encryption of XML document and necessity of XML signature are increasing because of weakness of security. Therefor in this paper, Encryption and XML signature module of XML document that satisfy standard requirement in WIPI platform base design and implementation. System that was proposed in this paper used standard encryption and XML signature algorithm and supports safe encryption and XML signature through doing security simulation applied various algorithm for XML document of mobile environment.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2002.11a
• /
• pp.592-596
• /
• 2002

Can speak that DTD is meta data that define meaning of expressed data on XML document. Therefore, In case DTD information is damaged this information to base security of XML document dangerous. Not that attach digital signature on XML document at send-receive process of XML document in this research, proposed method to attach digital signature to DTD. As reading DTD file to end first, do parsing, and store abstracted element or attribute entitys in hash table. Read hash table and achieve message digest if parsing is ended. Compose and create digital signature with individual key after achievement. When sign digital, problem that create entirely other digest cost because do not examine about order that change at message digest process is happened. This solved by method to create DTD's digital signature using DOM that can embody tree structure for standard structure and document.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.7 no.3
• /
• pp.519-525
• /
• 2003

Technology that develop existent EDI according to electronic commerce environment by XML's entrance on the stage is XML/EDI. The DTD is meta data that define meaning of expressed data on XML document. Therefore, in case DTD information is damaged this information to base security of XML document dangerous. Not that attach digital signature on XML document for XML/EDI that is encoded in internet shopping mall in this research, proposed method to attach digital signature to DTD. When sign digital, problem that create entirely other digest cost because do not examine about order that change at message digest process is happened. This solved by method to create DTD's digital signature using DOM that can embody tree structure for standard structure and document.

• Journal of the Institute of Electronics Engineers of Korea CI
• /
• v.45 no.6
• /
• pp.147-153
• /
• 2008

Talking about reliability of I-commerce, the security services such as data integrity and non-repudiation are the most crucial elements. This thesis implemented the real estate contract digital signature system that makes this real estate E-commerce Possible. The technical background used in this thesis for the security services is XML (extensible Markup Language) signature technique, which is a signature technique that applies XML on the existing digital signature algorithm. The advantage of using XML signature technique is that it is very efficient since signing for the partial data is possible, and it is easy to apply to the XML-based I-commerce system which is most commonly used.

• Journal of KIISE:Databases
• /
• v.30 no.5
• /
• pp.532-539
• /
• 2003

The paper proposes a pre-processing method for efficient processing of XML queries in information retrieval systems with a large amount of XML documents. For the pre-processing, we use a signature-based approach. In the conventional (flat document-based) information retrieval systems, user queries consist of keywords and boolean operators, and thus signatures are structured in a flat manner. However, in XML-based information retrieval systems, the user queries have the form of path query. Therefore, the flat signature cannot be effective for XML documents. In the paper, we propose a structured signature for XML documents. Through experiments, we evaluate the performance of the proposed method.