• Proceedings of the CALSEC Conference
• /
• 2001.08a
• /
• pp.165-176
• /
• 2001

* Extension of EC(Electronic Commerce) * Standard of Message -EDI : UN/EDIFACT, ANSI X12, etc -XML : ebXML, CML, MathML, WIDL, etc * Various of Information -Business Transaction Data -Private Data : ID, Password, Personal Information -Charge Data : Accounts, Card, etc * Message Level Security(omitted)

• The Journal of Society for e-Business Studies
• /
• v.6 no.3
• /
• pp.101-113
• /
• 2001

Security is very important in EC(Electronic Commerce) environment because exchanged information(that is transaction details, private data, charges data(card-no, accounts), etc) is various and is very sensitive. So, In this paper, we propose Secure-ReXpis(Reliable St excellent Xh3 Processing Infrastructure) System that transfer message and support Message Level Security(Encryption/Decryption and Digital Signature). And we implement Message Confidentiality Service, User Authentication ＆ Message Integrity Service and Non-Repudiation Service among the various Security Services. This system support XML message format and EDI message, WEB Data and Private Format Data, etc.

• Convergence Security Journal
• /
• v.20 no.5
• /
• pp.27-32
• /
• 2020

The Windows Event Log is a Log that defines the overall behavior of the system, and these files contain data that can detect various user behaviors and signs of anomalies. However, since the Event Log is generated for each action, it takes a considerable amount of time to analyze the log. Therefore, in this study, we designed and implemented an XML-based Event Log analysis tool based on the main Event Log list of "Spotting the Adversary with Windows Event Log Monitoring" presented at the NSA.

• Proceedings of the Korean Information Science Society Conference
• /
• 2006.06a
• /
• pp.250-252
• /
• 2006

Web technologies are gaining increased importance in automation and control systems. However, the choice of Web technologies depends on the use cases in the application environment. In industrial systems, the data can be got not only from many different field systems and devices but also from different OPC (OLE for Process Control) Servers. Current OPC Client might be able to read simple data from OPC Server, but there are some problems to get structured data and to exchange structured information between collaborating applications. Therefore, OPC Foundation has defined interfaces to OPC XML-DA (OPC XML Data Access) and OPC Complex Data that aim to solve those problems. The OPC XML-DA can facilitate the exchange of plant data across the internet, and upwards into the enterprise domain. In addition, the OPC Complex Data will extend the OPC DA specification to allow the OPC Client to read and decode any type of data from measurement and control systems on the plant floor. This paper will describe the concept of OPC XML-DA and OPC Complex Data. And then it proposes a mechanism to implement the OPC Complex Data into OPC XML-DA Server. Additionally, the paper also discusses the security aspects.

• Proceedings of the IEEK Conference
• /
• 2001.06a
• /
• pp.149-152
• /
• 2001

In general, the wireless services based on markup language and provided with wired network requires dedicated gateway system. But in this case, the serious problems such as security vulnerabilities, damage of contents are occurred to the application. In this paper, to improve above problems, we designed and implemented the new application named "Interacted Wired St Wireless Student Information System" using J2ME(Java 2 Micro Edition) platform and XML(eXtensible Markup Language) to transmit user data safely and support the system extendibility maintaining data format consistency respectively.pectively.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.12 no.8
• /
• pp.1441-1447
• /
• 2008

It is possible to transfer huge data in mobile device by advancing mobile technology, and so in this base, various services are offered. Especially, E-commerce service is offering on mobile environment, and this service is based on XML(eXtensible Markup Language) Signature. XML Signature assure that process integrity, message authentication, and/or signer authentication. And WIPI(Wireless Internet Protocol for Interoperability) that is mobile internet integration platform was proposed to integrate mobile device platform. However, because WIPI transmits and exchanges message by tort of XML base, encryption of XML document and necessity of XML signature are increasing because of weakness of security. Therefor in this paper, Encryption and XML signature module of XML document that satisfy standard requirement in WIPI platform base design and implementation. System that was proposed in this paper used standard encryption and XML signature algorithm and supports safe encryption and XML signature through doing security simulation applied various algorithm for XML document of mobile environment.

• The Journal of Korean Association of Computer Education
• /
• v.7 no.4
• /
• pp.61-66
• /
• 2004

Electronic commerce that use Mobile Phone according as the radio Internet develops rapidly and performance of Mobile Phone develops is activated. It is said that electronic commerce that use these Mobile Phone is M-Commerce. Also, the most important controversial point is data security or an user certification technology at these electronic commerce, there are research reactor WPKI and WTLS about this technology. However, when transmit message again after sign electronic documents in Mobile Phone, if do not encrypt, danger exists to be exposed to outside. Therefore, in this paper, designed system to encipher document that handle and handles user certification applying XML electronic sign technique in Mobile environment. Prevent of XML electronic sign in Mobile environment through this paper, and can stave off danger from outside by enciphering electronic sign document.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.14 no.5
• /
• pp.69-78
• /
• 2004

The change of attack techniques paradigm was begun by fast extension of the latest Internet and new attack form appearing. But, Most intrusion detection systems detect only known attack type as IDS is doing based on misuse detection, and active correspondence is difficult in new attack. Therefore, to heighten detection rate for new attack pattern, the experiments to apply various techniques of anomaly detection are appearing. In this paper, we propose an behavior profiling method using Bayesian framework based on graphics from audit data and visualize behavior profile to detect/analyze anomaly behavior. We achieve simulation to translate host/network audit data into BF-XML which is behavior profile of semi-structured data type for anomaly detection and to visualize BF-XML as SVG.

• Proceedings of the Korea Information Assurance Society Conference
• /
• 2004.05a
• /
• pp.303-308
• /
• 2004

As developed wireless internet and performance of wireless terminal, E-commerce of wire internet move to wireless internet. This I-commerce in wireless internet environment called M-Commerce, recognized user authentication and data security as very important technology such as E-commerce in environment of wire internet. So authentication technology such as WPKI and Hermes system and XML digital signature was studied. But WPKI is difficulty to implement system, if authentication system that consisted in WPKI environment was heterogeneous. And Hermes system is not interoperate to XML digital signature system. So, our paper suggested XML digital signature system based java card to interoperate among the digital signature system, to apply XML digital signature used in wire internet. Our system offer XML digital signature in wireless internet, can interoperate among the XML digital signature systems.

• Journal of KIISE:Databases
• /
• v.36 no.3
• /
• pp.235-246
• /
• 2009

As demands intending to treat an access control on a client side that was conventionally controlled at a server are surged. it needs a way to treat query processing in effective and secure manners in an environment that has limited resources. Because the access control having been previously performed was only focused on safety, there was little effort to consider the access control in terms of efficiency. Researches about security including access control are started as the security issues are cropped up in a recent stream environment. This paper proposes a method for efficient and secure query processing of XML data streams like a PDA and a portable terminal at the client that is in limited resources. Specifically, this study suggests (1) an access control processing that possesses small overhead for attaining a secure result in a limited memory and (2) a way to enhance the performance, finding the parts being capable of optimizing in each processing step for offsetting the overhead caused by an addition of the access control processing. Superiority of the new method was analyzed by experiment.