• Proceedings of the Korean Information Science Society Conference
• /
• 2003.04a
• /
• pp.326-328
• /
• 2003

본 논문에서는 최근 그 필요성이 크게 인식되고 있는 XML 문서에 대한 보호 방안을 접근제어 기법을 적용하여 해결하고자 한다. 일반적인 자원 또는 HTML 문서에 적용되는 접근 방법과 달리 XML 문서가 가지는 구조적 특성을 충분히 활용하여 XML 문서의 각 엘리먼트 레벨까지 소유주의 보호 권한(protection privilege)을 만족하면서, 적절한 사용권한을 가진 사용자에게 해당 XML 문서에 대한 접근과 변경을 수행하는 메커니즘을 제안한다.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2003.12a
• /
• pp.86-90
• /
• 2003

XML(extensible Markup Language)는 웹상에서 문서를 표현하고 교환하기 위한 표준으로 자리 잡았다. XML 문서는 자체적으로 민감성의 등급이 다른 정보를 포함할 수 있는 구조를 가지고 있으므로 XML 문서에 대한 특정 사용자 그룹의 선택적인 접근 및 공유를 위한 방법이 반드시 필요하다. 이를 위해서는 XML문서에 대한 접근제어 정책을 규정하고 수행하기 위한 방법과 메커니즘이 요구된다. 또한, XML 문서에 사용되는 접근제어 메커니즘은 사용자가 소유하고 있는 권한부여 정보에 의존하여 문서의 안전하고 선택적인 배포가 가능해야 한다. 본 논문에서는 XML 문서의 안전하고 선택적인 접근문제를 해결하기 위하여 RBAC를 응용한 메커니즘을 제안한다.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.7 no.5
• /
• pp.972-977
• /
• 2003

XML has weakness problems on document modulation and elimination of data Because of the XML gives priority to present data format, XML signature, XML encryption, or XML access control is provided to overcome those weakness problems. However, structured XML efficiency contravention problem occurred from XML encryption and absence of protection from DID attack are still remains unsolved. In this paper, we suggests the XML schema that satisfies both validity and encryption. The DTD is unnecessary because XML schema supports Well-Formed XML documents and include meta information. Also XML schema has possibility to generate each XML document dynamically and because of self efficiency investigator rule, it has an advantage on extendability of DID based encryption of XML documents.

• Journal of Korea Multimedia Society
• /
• v.9 no.6
• /
• pp.693-699
• /
• 2006

Object-oriented databases (OODBs) have been adopted for managing non-standard applications such as computer-aided design (CAD), office document management and many multimedia applications. One of the major characteristics of OODBs is class hierarchy where a subclass is allowed to inherit the definitions defined on its superclasses. In this paper, I present the evaluation metrics for class hierarchy quality in OODBs. These metrics are developed to determine if a concurrency control scheme can achieve good performance or not on a given class hierarchy. I first discuss the existing concurrency control schemes for OODBs. Then I provide evaluation metrics based on structural information and access frequency information in class hierarchies. In order to discuss significance of the proposed performance metrics, an analytical model is developed. Analysis results show that the performance metrics are important factor in concurrency control performance. I consider both single inheritance and multiple inheritance. The proposed metrics can be used to provide guidelines on how to design class hierarchy of an OODB for maximizing the performance of concurrency control technique.

• Journal of Advanced Navigation Technology
• /
• v.12 no.5
• /
• pp.451-463
• /
• 2008

There are management and security of software source code equivalent to 10 assembly lines of important infrastructure in the early stage of information society directly. A support technology and framework to protect software source code are so poor state In this paper, the proposed model that is support protection and access control between software source code as object and subject that is not authenticated safely was named CRYPTEX model. And we propose active business model to provide delegate, mobile, and security/access control function for passive software source code in document state using CRYPTEX.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.2
• /
• pp.429-436
• /
• 2018

Electronic documents are efficient to be created and managed, but they are liable to lose their originality because copies are created during distribution and delivery. For this reason, various security technologies for electronic documents have been applied. However, most security technologies currently used are for document management such as file access privilege control, file version and history management, and therefore can not be used in environments where authenticity is absolutely required, such as confidential documents. In this paper, we propose a method to detect document forgery and tampering through analysis of file system without installing an agent inside the instance operating system in cloud computing environment. BubbleDoc monitors the minimum amount of virtual volume storage in an instance, so it can efficiently detect forgery and tampering of documents. Experimental results show that the proposed technique has 0.16% disk read operation overhead when it is set to 1,000ms cycle for monitoring for document falsification and modulation detection.

• Proceedings of the CALSEC Conference
• /
• 2005.03a
• /
• pp.55-61
• /
• 2005

We will introduce a new web-based knowledge management system in progress, in which XML-based web information extraction and our structuring knowledge technologies are combined using ontology-based natural language processing. Our aim is to provide efficient access to heterogeneous information on the web, enabling users to use a wide range of textual and non textual resources, such as newspapers and databases, effortlessly to accelerate knowledge acquisition from such knowledge sources. In order to achieve the efficient knowledge management, we propose at first an XML-based Web information extraction which contains a sophisticated control language to extract data from Web pages. With using standard XML Technologies in the system, our approach can make extracting information easy because of a) detaching rules from processing, b) restricting target for processing, c) Interactive operations for developing extracting rules. Then we propose a structuring knowledge system which includes, 1) automatic term recognition, 2) domain oriented automatic term clustering, 3) similarity-based document retrieval, 4) real-time document clustering, and 5) visualization. The system supports integrating different types of databases (textual and non textual) and retrieving different types of information simultaneously. Through further explanation to the specification and the implementation technique of the system, we will demonstrate how the system can accelerate knowledge acquisition on the Web even for novice users of the field.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2003.05a
• /
• pp.564-567
• /
• 2003

XML has weakness problems on document modulation and elimination of data Because of the XML gives priority to present data format, XML electrical signature, XML cryptography, or XML access control is provided to overcome those weakness problems. However, structured XML efficiency contravention problem occurred from XML encryption and absence of protection from DTD attack are still remains unsolved. In this paper, we provide XML scheme that satisfies both efficiency and encryption. DTD is unnecessary because XML scheme supports formatting(Well-Formed XML) XML documents and it also include meta information. Because of the XML scheme has possibility to generate each XML document dynamically and self efficiency investigator rule, it has an advantage on extendability of DID based encryption of XML documents.

• Journal of KIISE:Databases
• /
• v.29 no.6
• /
• pp.417-428
• /
• 2002

XML(extensible Markup Language) is effective to information retrieval and sharing but has defects related to the data security. And, as a solution of this problem, the current XML security researches such as XML digital signature, XML data encryption, and XML access control exclude the validation property of XML document. The validation of XML should be considered for the secure information sharing in the XML-based environment. In this paper, we design and implement the system to support both security and validation to XML document. Our system performs data encryption and maintenance of valid status of XML document by referencing new XML schema namespace. In addition, it also provides the XML schema security function through the XML schema digital signature. During generating XML schema digital signature, DOMHash method which has the advantage of the faster speed than canonical XML method is applied to XML schema. In conclusion, our system shows the improved functions in flexibility, scalability, and reliability compared with the existing XML security researches.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.2
• /
• pp.49-63
• /
• 2008

RDF is the base ontology model which is used in Semantic Web defined by W3C. OWL expands the RDF base model by providing various vocabularies for defining much more ontology relationships. Recently Jain and Farkas have suggested an RDF access control model based on RDF triple. Their research point is to introduce an authorization conflict problem by RDF inference which must be considered in RDF ontology data. Due to the problem, we cannot adopt XML access control model for RDF, although RDF is represented by XML. However, Jain and Farkas did not define the authorization propagation over the RDF upper/lower ontology concepts when an RDF authorization is specified. The reason why the authorization specification should be defined clearly is that finally, the authorizatin conflict is the problem between the authorization propagation in specifying an authorization and the authorization propagation in inferencing authorizations. In this article, first we define an RDF access authorization specification based on RDF triple in detail. Next, based on the definition, we analyze the authoriztion conflict problem by RDF inference in detail. Next, we briefly introduce a method which can quickly find an authorization conflict by using graph labeling techniques. This method is especially related with the subsumption relationship based inference. Finally, we present a comparison analysis with Jain and Farkas' study, and some experimental results showing the efficiency of the suggested conflict detection method.