• Journal of the Korea Society of Computer and Information
• /
• v.17 no.2
• /
• pp.127-137
• /
• 2012

Recently, as modern Internet uses mashups, Web 3.0, JavaScript/AJAX widely, the rate at which new vulnerabilities are being discovered is increasing rapidly. It can subsequently introduce big security threats. In order to efficiently mitigate these web application vulnerabilities and security threats, it is needed to rank vulnerabilities based on severity and consider the severe vulnerabilities during a specific phase of software development lifecycle (SDLC) for web applications. In this paper, we have first verified whether the risk rating methodology of OWASP Top 10 vulnerabilities is a reasonable one or not by analyzing the vulnerability data of web applications in the US National Vulnerability Database (NVD). Then, by inspecting the vulnerability information of web applications based on OWASP Top-10 2010 list and CWE (Common Weakness Enumeration) directory, we have mapped the web-related entries of CWE onto the entries of OWASP Top-10 2010 and prioritized them. We have also presented which phase of SDLC is associated with each vulnerability entry. Using this approach, we can prevent or mitigate web application vulnerabilities and security threats efficiently.

• The Journal of the Korea Contents Association
• /
• v.19 no.6
• /
• pp.481-490
• /
• 2019

The purpose of this paper is to recognize and embody the implications of the concept of interactivity. Among the many types of interactivity already proposed, this paper sheds light especially on the so-called contingent interactivity. The contingency means a condition in which a particular performance or selection of a subject is considered neither necessary nor conclusive, and also the potential for various activities of this subject. The contingent interaction comes into being when the involvements of users in dealing with a message or content are experimental or creative. The interaction does not orient toward the completion of content or the immersion to a particular reality. Rather, the results of a user's contingent performance are not the finalized content and have characteristics that lead to the continuous modification. In order to embody this meaning of contingent interactivity, the paper examined the two example, the film re-cut and game modding. In both cases, it is comprehensive that the user of these two new media activities lies in the contingent situation.

• Journal of Korea Society of Industrial Information Systems
• /
• v.14 no.5
• /
• pp.11-18
• /
• 2009

Ajax based on Java Script receives attention as an alternative to ActiveX technology. Most portal sites in korea show a tendency to reopen existing services by combining the technology, because it supports most web browsers, and has the advantages of such a brilliant interface, excellent speed, and traffic reduction through asynchronous interaction. This paper modeled and implemented a multilingual meta-search service using the Ajax and open APIs provided by international famous sites. First, a Korean query is translated into one of the language of 54 countries around the world by Google translation API, and then the translated result is used to search the information of the social web sites such as Flickr, Youtube, Daum, and Naver. Searched results are displayed fast by dynamic loading of portion of the screen using Ajax. Our system can reduce server traffic and per-packet communications charges by preventing redundant transmission of unnecessary information.

• Journal of Korean Society of Disaster and Security
• /
• v.6 no.3
• /
• pp.9-17
• /
• 2013

Geospatial information data came recently in use to build the location-based service in various fields. These data were shown via a 2-D map in the past but now can be viewed as a 3-D map due to the dramatic evolution of IT technology, thus improving efficiency and raising practicality to a greater extent by providing a more realistic visualization of the field. In addition, many previous GIS applications have been provided under desktop environment, limiting access from remote sites and reducing its approachability for less experienced users. The latest trend offers service with web-based environment, providing efficient sharing of data to all users, both unknown and specific internal users. Therefore, real-time information sensors that have been installed on steep slopes are to be integrated with 3-D geospatial information in this study. It is also to be developed with web-based environment to improve usage and access. There are three steps taken to establish this system: firstly, a 3-D GIS database and 3-D terrain with higher resolution aerial photos and DEM (Digital Elevation Model) have been built; secondly, a system architecture was proposed to integrate real-time sensor information data with 3D Web-based GIS; thirdly, the system has been constructed for Gangwon Province as a test bed to verify the applicability.

• Spatial Information Research
• /
• v.21 no.1
• /
• pp.23-36
• /
• 2013

Recently, the VWORLD was built to ensure competition on the advance of domestic enterprise into foreign markets with rapid expansion of spatial information industry of the world. However, the policy to secure user is insufficient because the VWORLD's service is embryonic stages. Then again, tourist industry is growing rapidly and leading the world economy and number of domestic tourists are also steadily increasing. Although the size was expanded, Korean tourist industry's competition is relatively weak, so some scholars insist that raising the tourist industry's quality. This backgrounds make a study of the tourism information service. So, this paper progressed a study on the development of the tourism information service based on a service science and used VWORLD as a test model. This paper drew the customer's demands on the tourism information service and strategic points of the development from those by using a Quality Function of Deployment of service science's new service development methodologies. After that this study prioritized those strategic points. As a result, 'Face Map' that is a service model was made. Moreover, this study have try to raise the development's effectiveness and efficiency based on service science's a new service development process.

• Spatial Information Research
• /
• v.20 no.1
• /
• pp.91-103
• /
• 2012

Recently, there has been much interest in the middleware that can smoothly acquire and analyze Geosensor information which includes sensor readings, location, and its surrounding spatial information. In relation to development of the middleware, researchers have proposed various algorithms for energy-efficient information filtering in Geosensor networks and have proposed Geosensor web technologies which can efficiently mash up sensor readings with spatial information on the web, also. The filtering algorithms and Geosensor Web technologies have contributions on energy-efficiency and OpenAPI, however the algorithms and technologies could not support easy and rapid development of u-GIS applications that need various Geosensor networks. Therefore, we propose a new Geosensor network middleware that can dramatically reduce the time and cost required for development of u-GIS applications that integrate heterogeneous Geosensor networks. The proposed middleware has several merits of being capable of acquiring heterogeneous Geosensor information using the standard SWE and an extended SQL, optimally performing various attribute and spatial operators, and easily integrating various Geosensor networks. Finally, we clarify our middleware's distinguished features by developing a prototype that can monitor environmental information in realtime using spatial information and various sensor readings of temperature, humidity, illumination, imagery, and location.

• Journal of Digital Contents Society
• /
• v.9 no.4
• /
• pp.759-769
• /
• 2008

Convergence technology stimulating participation sharing openness to the public of web 2.0 such as Open-API, Mash-Up, Syndication gives diversity to education field. The convergence in education field means the revolution toward education 2.0 and new education reflecting web 2.0 stream is called 'education 2.0'. Education environment can be the space of social network intimately linked between learners, educators and educational organization. Network technology developed in ontology language makes it possible to educate semantically which understands privatized education service and connection. Especially, filtering system by the reputation system of Amazon and the collective intelligence of Wikipedia are the best samples. Education area can adopt actively because learners as educational main body can broaden their role of participation and communicate bilaterally in the equal position. In this paper, new network architecture in contents linkage is introduced and researched for utilization and analysis of the architecture for web 2.0 technology and educational contents are to be converged. Education 2.0 service utilizing convergence technology and network architecture for realizing education 2.0 is introduced and analyzed so that the research could be a preceding research to the education 2.0 platform foundation.

• Journal of Korea Water Resources Association
• /
• v.47 no.12
• /
• pp.1145-1154
• /
• 2014

In recent years, as frequency and intensity of severe weather disasters such as flash flood have been increasing, providing accurate and prompt information to the public is very important and needs of user-friendly monitoring/warning system are growing. This paper introduces a method that re-produces radar observations as multimedia contents and applies reproduced data to mesh-up services. In addition, a accurate GIS matching technique to help to track the exact location going on serious atmospheric phenomena is presented. The proposed method create multimedia contents having structures such as two dimensional images, vector graphics or three dimensional volume data by re-producing various radar variables obtained from a weather radar. After then, the multimedia formatted weather radar data are matched with various detailed raster or vector GIS map platform. Results of simulation test with various scenarios indicate that the display system based on the proposed method can support for users to figure out easily and intuitively routes and degrees of risk of severe weather. We expect that this technique can also help for emergency manager to interpret radar observations properly and to forecast meteorological disasters more effectively.

• The Korean Journal of Archival Studies
• /
• no.25
• /
• pp.197-231
• /
• 2010

The concept of Government 2.0 is spreading rapidly in many countries and is fundamentally changing existing freedom of information system which has passively responded to information demands. This study aims at discussing possible strategies for a new freedom of information system that is based on the Government 2.0 notion which presents revolutional approaches to public sector information's creation, management, and usage. For the purpose of the study, precedence studies and researches about both freedom of information system and Government 2.0 are analyzed. Furthermore, mutual relationships between them are discussed. Through this discussion, social and economic benefits from freedom of information systems which are based on Government 2.0 are explored. As a case study, Data.gov services in the US, the UK, and Australia which are recognised as a feasible plan to set up Government 2.0 are analyzed. Their three common characteristics- revaluating public sector information's reuse, establishing exclusive agencies, and providing raw data-are discussed. Then, various mashup services which use Data.gov services' raw data are also studied. Issues related to the freedom of information system in South Korea are examined. As a result, a policy framework for establishing Government 2.0 based freedom of Information system is discussed in terms of three aspects, law, technology and organization.