Open Science Research Excellence

Open Science Index

Commenced in January 2007 Frequency: Monthly Edition: International Publications Count: 29737

Select areas to restrict search in scientific publication database:
A Study on the Secure ebXML Transaction Models
ebXML (Electronic Business using eXtensible Markup Language) is an e-business standard, sponsored by UN/CEFACT and OASIS, which enables enterprises to exchange business messages, conduct trading relationships, communicate data in common terms and define and register business processes. While there is tremendous e-business value in the ebXML, security remains an unsolved problem and one of the largest barriers to adoption. XML security technologies emerging recently have extensibility and flexibility suitable for security implementation such as encryption, digital signature, access control and authentication. In this paper, we propose ebXML business transaction models that allow trading partners to securely exchange XML based business transactions by employing XML security technologies. We show how each XML security technology meets the ebXML standard by constructing the test software and validating messages between the trading partners.
Digital Object Identifier (DOI):


[1] W3C Recommendation, Extensible Markup Language (XML) 1.0 (Second Edition), W3C, T. Bray, J. Paoli, C.M. Sperberg-McQueen, E. Maler, 2000.
[2] Web Services Architecture Working Group Working Draft, Web Services Architecture, Web Services Architecture Working Group, D. Booth, H. Hass, F. McCabe, et. Al., 2003
[3] UN/CEFACT and OASIS Technical Specifications, ebXML Technical Architecture Specification, UN/CEFACT and OASIS, B., C. Barham, 2001.
[4] UN/CEFACT and OASIS Technical Reports, ebXML Technical Architecture Risk Assessment V1.0, UN/CEFACT and OASIS, ebXML Security Team, 2001.
[5] R. Conrad, D. Scheffner, and J. Freytag, "XML conceptual Modeling using UML", 19th International Conference on Conceptual Modeling, Salt Lake City, Utah, U.S.A., 2000.
[6] Transport Layer Security Working Group Internet Draft, The SSL Protocol, Transprot Layer Security Working Group, A.O. Freier, P. Karlton, P.C. Kocher, 1996
[7] IETF RFC. 2311, S/MIME Version 2 Message Specification, Network Working Group, 1998.
[8] ebXML, "Creating a Single Global Electronic Market,"
[9] S. Patil, E. Newcomer, "ebXML and Web Services, Internet Computing", IEEE, Vol. 7, No. 3, May-June.2003, pp. 74-82.
[10] W3C Recommendation, XML Encryption Syntax and Processing, W3C, T. Imamura, B. Dillaway, E. Simon, 2002.
[11] W3C Recommendation, XML Signature Syntax and Processing, W3C, M. Bartel, J. Boyer, B. Fox, B. LaMacchia and E. Simon, 2002.
[12] W. Y. Han, C. S. Park, S. Y. lim, J. H. Kang, "An XML digital signature for Internet e-business applications", International Conferences on Info-tech and Info-net, Beijing China, Vol. 6, No. 29, Oct.2001, pp. 23-29.
[13] W3C Working Draft, XML Key Management Specification (XKMS) Version 2.0, W3C, W. Ford, P. Baker H., B. Fox, B. Dillaway, B. LaMacchia, J. Epstein and J. Lapp., 2003.
[14] OASIS Committee Specification, Assertions and Protocol for the OASIS Security Assertion Markup Language (SAML) V1.1, OASIS, E. Maler, P. Mishra, R. Philpott R, 2003.
[15] OASIS Std., eXtensible Access Control Markup Language (XACML) Version 1.0 OASIS Standard, OASIS, S. Godik, T. Moses, 2003.
[16] E. Bertino, E. Ferrari, "Secure and selective dissemination of XML documents", ACM Transactions on Information and System Security (TISSEC), Vol. 5, No. 3, Aug.2002.
[17] E. Damiani, S. Vimercati, S. Paraboschi, P. Samarati, "A fine-grained access control system for XML documents", ACM Transactions on Information and System Security (TISSEC), Vol. 5, No. 2, May.2002.
[18] OASIS Technical Committee, Collaboration-Protocol Profile and Agreement Specification Version 2.0, OASIS, S. Aissi, A. Chan. et. al., 2002.
[19] D. J. Polivy, R. Tamassia, "Authenticating Distributed Data using Web Services And XML Signatures", Dynamic Coalitions Program of the Defense Advanced Research Projects Agency under grant F30602-00-2-0509 (2002)
[20] P. Devanbu, M. Gertz, A. Kwong, C. Martel, G. Nuckolls, S. G. Stubblebine, "Flexible authentication of XML documents", ACM Conference on Computer and Communications Security, 2001, pp. 136-145.
[21] IETF RFC. 2459, Internet X.509 Public Key Infrastructure Certificate and CRL Profile, Network Working Group, 1999.
[22] Junseok Lee, O.H. Sung, S.-W Jung, K. S. Yoon, C.S. Park and J.-C. Ryou, "A DRM Framework for Distributing Digital Contents through the Internet," ETRI Journal, vol. 25, no. 6, Dec 2003, pp. 423-436
[23] B. Pfitzmann, B. Waidner, "Token-based web Single Signon with Enabled Clients", IBM Research Report RZ 3458 (#93844), Nov.2002.
[24] J. Jeong, D. Shin, D. Shin, K. Moon., "Java-Based Single Sign-On Library Supporting SAML (Security Markup Language) for Distributed Web Services", Lecture Notes in Computer Science, Vol. 3007, 2004.
Vol:13 No:06 2019Vol:13 No:05 2019Vol:13 No:04 2019Vol:13 No:03 2019Vol:13 No:02 2019Vol:13 No:01 2019
Vol:12 No:12 2018Vol:12 No:11 2018Vol:12 No:10 2018Vol:12 No:09 2018Vol:12 No:08 2018Vol:12 No:07 2018Vol:12 No:06 2018Vol:12 No:05 2018Vol:12 No:04 2018Vol:12 No:03 2018Vol:12 No:02 2018Vol:12 No:01 2018
Vol:11 No:12 2017Vol:11 No:11 2017Vol:11 No:10 2017Vol:11 No:09 2017Vol:11 No:08 2017Vol:11 No:07 2017Vol:11 No:06 2017Vol:11 No:05 2017Vol:11 No:04 2017Vol:11 No:03 2017Vol:11 No:02 2017Vol:11 No:01 2017
Vol:10 No:12 2016Vol:10 No:11 2016Vol:10 No:10 2016Vol:10 No:09 2016Vol:10 No:08 2016Vol:10 No:07 2016Vol:10 No:06 2016Vol:10 No:05 2016Vol:10 No:04 2016Vol:10 No:03 2016Vol:10 No:02 2016Vol:10 No:01 2016
Vol:9 No:12 2015Vol:9 No:11 2015Vol:9 No:10 2015Vol:9 No:09 2015Vol:9 No:08 2015Vol:9 No:07 2015Vol:9 No:06 2015Vol:9 No:05 2015Vol:9 No:04 2015Vol:9 No:03 2015Vol:9 No:02 2015Vol:9 No:01 2015
Vol:8 No:12 2014Vol:8 No:11 2014Vol:8 No:10 2014Vol:8 No:09 2014Vol:8 No:08 2014Vol:8 No:07 2014Vol:8 No:06 2014Vol:8 No:05 2014Vol:8 No:04 2014Vol:8 No:03 2014Vol:8 No:02 2014Vol:8 No:01 2014
Vol:7 No:12 2013Vol:7 No:11 2013Vol:7 No:10 2013Vol:7 No:09 2013Vol:7 No:08 2013Vol:7 No:07 2013Vol:7 No:06 2013Vol:7 No:05 2013Vol:7 No:04 2013Vol:7 No:03 2013Vol:7 No:02 2013Vol:7 No:01 2013
Vol:6 No:12 2012Vol:6 No:11 2012Vol:6 No:10 2012Vol:6 No:09 2012Vol:6 No:08 2012Vol:6 No:07 2012Vol:6 No:06 2012Vol:6 No:05 2012Vol:6 No:04 2012Vol:6 No:03 2012Vol:6 No:02 2012Vol:6 No:01 2012
Vol:5 No:12 2011Vol:5 No:11 2011Vol:5 No:10 2011Vol:5 No:09 2011Vol:5 No:08 2011Vol:5 No:07 2011Vol:5 No:06 2011Vol:5 No:05 2011Vol:5 No:04 2011Vol:5 No:03 2011Vol:5 No:02 2011Vol:5 No:01 2011
Vol:4 No:12 2010Vol:4 No:11 2010Vol:4 No:10 2010Vol:4 No:09 2010Vol:4 No:08 2010Vol:4 No:07 2010Vol:4 No:06 2010Vol:4 No:05 2010Vol:4 No:04 2010Vol:4 No:03 2010Vol:4 No:02 2010Vol:4 No:01 2010
Vol:3 No:12 2009Vol:3 No:11 2009Vol:3 No:10 2009Vol:3 No:09 2009Vol:3 No:08 2009Vol:3 No:07 2009Vol:3 No:06 2009Vol:3 No:05 2009Vol:3 No:04 2009Vol:3 No:03 2009Vol:3 No:02 2009Vol:3 No:01 2009
Vol:2 No:12 2008Vol:2 No:11 2008Vol:2 No:10 2008Vol:2 No:09 2008Vol:2 No:08 2008Vol:2 No:07 2008Vol:2 No:06 2008Vol:2 No:05 2008Vol:2 No:04 2008Vol:2 No:03 2008Vol:2 No:02 2008Vol:2 No:01 2008
Vol:1 No:12 2007Vol:1 No:11 2007Vol:1 No:10 2007Vol:1 No:09 2007Vol:1 No:08 2007Vol:1 No:07 2007Vol:1 No:06 2007Vol:1 No:05 2007Vol:1 No:04 2007Vol:1 No:03 2007Vol:1 No:02 2007Vol:1 No:01 2007