XML Security in Certificate Management - XML Certificator

The trend of rapid growing use of XML format in data/document management system reveals that security measures should be urgently considered into next generation's data/document systems. This paper presents a new certificate management system developed on the basis of XML security mechanisms. The system is supported by the theories of XML security as well as Object oriented technology and database. Finally it has been successfully implemented in using C&#, SQL, XML signature and XML encryption. An implementation metrics is evidently presented

A Software Development Methodology for Secure Web Application

In recent years, there has been a demand for Web applications with complex functions. In addition, most web applications efficiently manage data based on databases. While the key and critical dimension of developing these Web applications is analysis and design, most object-oriented analysis and design methods do not have a consistent view of the database. In addition, Java Enterprise Edition (EE) -based technologies are used in Web application implementations, but they do not provide any correlation with the database. On the other hand, as users' demands for security increase, security becomes more important. To this end, Java EE and database systems provide security solutions. However, it does not provide any correlation with object-oriented analysis and design methodology. As a result, it is difficult to develop secure web applications in a consistent way from analysis to implementation. In this paper, we propose a consistent software development methodology from analysis to implementation of secure web applications. The proposed software development methodology for web application development uses UMLsec, a security-emphasized modeling language, and object-relational (O-R) mapping for relational database design. It also uses Java servlets and SQL to implement analysis and design results based on role-based access control (RBAC). The software development methodology for the secure web application proposed in this paper has been applied to the development of the online banking system, from the design stage of the user's requirements analysis to the implementation of the web application

Security in heterogeneous interoperable database environments

The paper deals with the security of interoperable heterogeneous database environments. It contains a general discussion of the issues involved as well as a description of our experiences gained during the development and implementation of the security module of IRO-DB - an European ESPRIT III funded project with the goal to develop interoperable access between relational and object-oriented databases

A Secure Web-Based Universal Basic Educational Administrative Management System: A National Capacity Building Strategy in Education

Education in Nigeria is an instrument for effecting the development of its citizens in particular, and the nation in general. The Universal Basic Education Commission (UBEC) established by UBE Act, 2004 is introduced in Nigeria to ensure unfettered access to nine years of formal basic education as well as reduce the incidence of drop-out from the formal school system through improved relevance and efficiency. In this paper, we design, implement and analyze a secure web-based universal basic educational administrative management system to deal with the problem of administration overload in managing pupils, students, teachers, personnel and curriculum data in both primary and junior secondary schools in Nigeria. We adopt the following sequence to accomplish our goal, requirement analysis, architectural design, application design and implementation. The study explores object-oriented database, PHP (Hypertext Preprocessor), Apache server pages and MySQL DBMS tools. The System prototype is built on a three-tier client server architecture to provide UBEC, primary and junior secondary institutions with broader information availability, better performance, and eliminate internal security problem, paperwork and manpower. The framework will help to improve education capacity building, reliability, robustness and quality. Keywords: Web-based Database, Formal basic Education, Curriculum Data, Object-Oriented Design, Data-Driven System, Universal Basic Education Commission.