계층적 키 할당 기법을 기반으로 하는 XML 문서의 접근제어

반용호 한국멀티미디어학회, 2005 멀티미디어학회논문지 Vol.8 No.11

PKI 기반 전자거래를 위한 공개키 인증시스템 설계 및 구현

반용호,홍주형,김종훈 동아대학교 정보기술연구소 2000 情報通信硏究所論文誌 Vol.8 No.1

PKI(Public Key Infrastructure) is a system that uses asymmetric encryption and digital certificates to achieve secure Internet services. In the physical world, face-to-face transactions, photo identification and even written signatures offer some protection against fraud. However, the Internet remains relatively anonymous, making it harder to know who is at the other end of the network. In this paper, we design and implement a system of the linux based public(asymmetric) key certification. The system consists of Root-CA, Sub-CA and client. We use linux, Openssl, PHP and mysql for implementation of Root-CA and Sub-CA.

암호학적인 키 할당 기법을 이용한 XML 문서의 접근제어

반용호,김종훈 東亞大學校附設情報技術硏究所 2005 情報技術硏究所論文誌 Vol.12 No.2

The XML is de facto the standard language for the exchange of information in Internet and represent an important opportunity to provide find grained access control. In order to provide a general access control methodology for parts of XML documents, we propose combining role-based access control, with a methodology originally designed for key distribution in cryptography. We describe how certain access control policies for restricting access to XML documents can be enforced by encrypting specified regions of the documents. These regions are specified using XPath filters and the policies are based on the hierarchial structure of XML documents.

XML 문서에 대한 RBAC 기반 접근제어 정책

반용호,심효영,김종훈 동아대학교 정보기술연구소 2003 情報技術硏究所論文誌 Vol.11 No.1

XML (extensible Markup Language) has emerged as a prevalent standard for document representation and exchange on the Web. XML documents contain information of different sensitivity degrees, so that XML Document must selectively shared by user communities. There is thus the need for models and mechanisms enabling the specification and enforcement of access control policies for XML documents. Mechanisms are also required enabling a secure and selective dissemination of documents to users, according to the authorizations that these users have. In this paper, we make RBAC Based access Control polices to the problem of secure and selective access of XML documents.

다중 연산을 고려한 XML 문서의 접근제어

반용호,문준선,박경순,배경만,김종훈 東亞大學校附設 情報技術硏究所 2004 情報技術硏究所論文誌 Vol.12 No.1

The growth in interchange of business and other sensitive data has led to increasing interest in access control. Access control for XML is receiving significant attention as XML is gaining popularity for storing and exchanging information. Until now, research on XML security has been focused on the security of data communication using digital signatures or encryption technologies. As XML is also used for a data representation of data storage, XML security comes to involve not only communication security but also managerial security. In this paper, we discuss an XML access control model and propose a technique that supports not only read operations but also update operations.

역할 계층과 계층키 유도/할당 기법을 이용한 XML 객체의 접근제어

반용호,김종훈 東亞大學校附設 淸報技術硏究所 2006 情報技術硏究所論文誌 Vol.13 No.2

As XML is recognized as a prevalent standard for document representation and exchange in the Internet, the need for security of XML becomes very important issue. Especially it is very important to solve the problem of access control to XML object which shares in the environment where various users connect to each others. In this paper, we propose the access control model and mechanism which is combined with role hierarchy in the RBAC and hierarchical key derivation/assignment method for the access to XML object. So we implement the access control mechanism by including hierarchical key derivation method. The technique, we proposed, gives not only the benefit in management which RBAC provides in access control to XML objects, but also it can help derive a lower layer key from the higher layer user's. This feature decrease the number of keys managed in each role hierarchy in comparison with previous methods.

유비쿼터스 컴퓨팅 환경에서의 기밀성 보장을 위한 상황인지 기반 접근제어 모델

반용호,김종훈 東亞大學校附設 情報技術硏究所 2005 情報技術硏究所論文誌 Vol.13 No.1

A key challenge for computer users to ensure confidentiality in UCE(Ubiquitous Computing Environment) is the design of effective access control schemes that can adequately meet the unique security challenges posed by UCE. Despite the recent advances in access control approaches applicable to computing environment, there remain issues that impede the development of effective access control model for UCE. Amongst them are the lock of context-aware models for access control, and reliance on identity or capability-based access control schemes. Additionally, the unique service access control features required in UCE are not captured in existing scheme. In this paper, we define UCE as an access control point of view, and shows requirements to consider for developing access control model for UCE.

B2B 시스템에서의 이중 암호화를 위한 암호 프로토콜의 설계

반용호,김종훈 동아대학교 정보기술연구소 2002 情報技術硏究所論文誌 Vol.9 No.2

The purpose of this paper is to develop secure protocol used for B2B system. There are various types in B2B system. But, in this paper, we consider client-eMarketPlace-B2B server model only. Proposed protocol in this paper provide double encryption and digital signature. The protocol satisfied various requirements of security issue in B2B system. The protocol is the consideration of different two types, client-eMarketPlace area is separated from eMarketPlace-B2B server area as well as client-eMarketPlace-B2B server is connection with together. Double encryption in client between B2B server area, and Digital Signature scheme in client-eMarketPlace area provide properly integrity and confidentialty for B2B system.

안전한 XML 문서 처리를 위한 XDS/XDES의 구현

반용호,주성범,심효영,김종훈 동아대학교 정보기술연구소 2002 情報技術硏究所論文誌 Vol.10 No.1

Today eBusiness plays a key role in the economy. Since many organizations are suffering from security problems such as computer viruses and security breaches, computer security has become a crucial concern for eBusiness. XML has already established itself in eBusiness applications, and the XML-compliant language play an important role in almost all eBusiness application systems and middleware. The XDS/XDES(XML Document Signature /XML Document Encryption System) has been developed to supply a digital signature function, an encryption, and a library of cryptography primitives and algorithm for securing an XML document and the existing non-XML documents that are exchanged int the electronic commerce. In this paper, we will introduce the core function of XDS/XDES and explain how the XDS/XDES process to offer security service in XML document.

역할 계층과 암호학적인 키 할당 기법을 이용한 XML 객체의 접근제어

반용호(Yong-Ho Ban),배경만(Kyoung-Man Bae),김종훈(Jong-Hoon Kim) 한국정보보호학회 2005 정보보호학회논문지 Vol.15 No.6

XML에 대한 사용의 증가와 함께, XML 객체에 대한 보안의 필요성이 계속해서 증가하고 있다. 특히, 다양한 사용자가 서로 결합되어 있는 환경에서 공유되는 XML 객체에 대한 접근제어 문제의 해결은 매우 중요하다. 본 논문에서는 XML 객체에 대한 접근제어를 위하여 RBAC의 역할 계층과 계층적 키 유도/할당 기법을 결합한 접근제어 모델을 제안한다. RBAC는 자체적으로 주체에 대한 키 할당 기법은 지원하지 않으므로 계층적 키 분배 기법을 도입하여 접근제어 메커니즘이 실현되도록 하였다. 본 논문에서 제안된 방식은 XML 객체를 위한 접근제어에서 RBAC이 제공하는 관리상의 이점뿐만 아니라, 상위 계층의 사용자가 하위 계층의 키를 유도하여 사용할 수 있게 지원하므로 각 역할 계층에서 관리하는 키의 수가 기존 방식에 비하여 줄어드는 특징을 제공한다. As the usage of XML documents increases the requirement of security for XML documents is growing. Especially it is very important to solve the problem of access control to XML object which shares in the environment where various users connect to each others. In this paper, we propose the access control model and mechanism which is combined with role hierarchy in the RBAC and hierarchical key derivation/assign method for the access to XML object. So we implement the access control mechanism by including hierarchical key derivation method. The technique, we proposed, gives not only the benefit in management which RBAC provides in access control to XML objects, but also it can help derive a lower layer key from the higher layer user’s. This feature decrease the number of keys managed in each role hierarchy in comparison with previous methods.