Design of Integration Security System using XML Security
In this paper, we design an integration security system
that provides authentication service, authorization service, and
management service of security data and a unified interface for the
management service. The interface is originated from XKMS protocol
and is used to manage security data such as XACML policies, SAML
assertions and other authentication security data including public keys.
The system includes security services such as authentication,
authorization and delegation of authentication by employing SAML
and XACML based on security data such as authentication data,
attributes information, assertions and polices managed with the
interface in the system. It also has SAML producer that issues
assertions related on the result of the authentication and the
authorization services.
[1] W3C, XML Key Management (XKMS 2.0) Requirements, May-2003.
[2] W3C, XML Key Management Specification Version 2.0, Apr-2003.
[3] OASIS, eXtensible Access Control Markup Language (XACML) Version
1.0, Feb-2003.
[4] OASIS, A Brief Introduction to XACML, Feb-2003.
[5] OASIS, Security Assertion Markup Language, Jan-2003.
[6] OASIS, Web Services Security (WS-Security) Version 1.0 Apr-2002.
[7] Frederick Hirsch, Getting Started with XML Security,
http://www.sitepoint.com/, Nov-2003.
[8] W3C, XML Signature Syntax and Processing, Feb-2002.
[9] W3C, XML Encryption Syntax and Processing, Dec-2002.
[10] OASIS, XML Common Biometric Format, Aug-2003.
[11] W3C, The Platform for Privacy Preferences Specification, Apr-2002.
[12] Jongil Jeong, Dongkyoo Shin, Dongil Shin and Kiyoung Moon,
Java-Based Single Sign-On Library Supporting SAML for Distributed
Web Services, APWeb, April 2004.
[13] Kiyoung Moon et. al., Certificate validation Scheme of Open Grid Service
Usage XKMS, GCC 2003.
[14] Namje Park. Et. al.,Development of XKMS-based Service Component for
Using PKI in XML Web Service Environment, ICCSA, 2004.
[1] W3C, XML Key Management (XKMS 2.0) Requirements, May-2003.
[2] W3C, XML Key Management Specification Version 2.0, Apr-2003.
[3] OASIS, eXtensible Access Control Markup Language (XACML) Version
1.0, Feb-2003.
[4] OASIS, A Brief Introduction to XACML, Feb-2003.
[5] OASIS, Security Assertion Markup Language, Jan-2003.
[6] OASIS, Web Services Security (WS-Security) Version 1.0 Apr-2002.
[7] Frederick Hirsch, Getting Started with XML Security,
http://www.sitepoint.com/, Nov-2003.
[8] W3C, XML Signature Syntax and Processing, Feb-2002.
[9] W3C, XML Encryption Syntax and Processing, Dec-2002.
[10] OASIS, XML Common Biometric Format, Aug-2003.
[11] W3C, The Platform for Privacy Preferences Specification, Apr-2002.
[12] Jongil Jeong, Dongkyoo Shin, Dongil Shin and Kiyoung Moon,
Java-Based Single Sign-On Library Supporting SAML for Distributed
Web Services, APWeb, April 2004.
[13] Kiyoung Moon et. al., Certificate validation Scheme of Open Grid Service
Usage XKMS, GCC 2003.
[14] Namje Park. Et. al.,Development of XKMS-based Service Component for
Using PKI in XML Web Service Environment, ICCSA, 2004.
@article{"International Journal of Electrical, Electronic and Communication Sciences:57944", author = "Juhan Kim and Soohyung Kim and Kiyoung Moon", title = "Design of Integration Security System using XML Security", abstract = "In this paper, we design an integration security system
that provides authentication service, authorization service, and
management service of security data and a unified interface for the
management service. The interface is originated from XKMS protocol
and is used to manage security data such as XACML policies, SAML
assertions and other authentication security data including public keys.
The system includes security services such as authentication,
authorization and delegation of authentication by employing SAML
and XACML based on security data such as authentication data,
attributes information, assertions and polices managed with the
interface in the system. It also has SAML producer that issues
assertions related on the result of the authentication and the
authorization services.", keywords = "XML, XML Security, XACML.", volume = "1", number = "8", pages = "1137-5", }