• KIPS Transactions on Software and Data Engineering
• /
• v.7 no.6
• /
• pp.221-228
• /
• 2018

With an increase in demand for the high added value of shipbuilding and marine industry based on the information and communications technology (ICT), software technology has become more important than ever in the industry. In this paper, we present the result of our preliminary investigation on the current software development environment in the shipbuilding and marine industry in order to develop reusable software component, which can enhance the competitiveness of software development. The investigation is performed based on the survey answers from 34 developers who are working in different shipbuilding and marine companies. The questionnaire is composed of items to gather the information of each company such as the number of employees and product domain, and actual software development environment such as operating system, programming languages, deployment format, obstacles for developing components, and the adoption of software development methods and tools. According to the results of the survey, the most important consideration to select their development platform was the number of available utilities and the technical supports, followed by performance, price and security problems. In addition, the requirements of various platforms supporting and the higher reliability, and the limitations of low development cost and manpower made it difficult for them to develop reusable software components. Finally, throughout the survey, we find out that only 15% of developers used software development processes and managed the quality to systematically develop their software products, therefore, shipbuilding and marine companies need more technical and institutional support to improve their ability to develop high qualified software.

• The Journal of Society for e-Business Studies
• /
• v.19 no.4
• /
• pp.135-150
• /
• 2014

As the collection and use of personal information increases, the accidents that abuse and leak personal information are continuously increasing. The nation has established new laws and strengthened related laws for the prevention of the mass leakage of personal information and the secondary damage due to the leaked personal information. The nation also established the guidelines that need to be implemented by the institutions handling personal information for the safety of the personal information. For the efficient implementation of guidelines under the limited time and resources, it is necessary to establish the priorities between guidelines. This paper compares the relative importance of the guidelines by AHP (Analytic Hierarchy Process) technique. We performed the analysis on two expert groups, the group of consultants working in information security consulting company and the group of information security staffs handling personal information directly in the company. We compared the differences between groups and recommended the relative importances of the guidelines.

• The KIPS Transactions:PartC
• /
• v.14C no.5
• /
• pp.417-424
• /
• 2007

Mesh networks using WLAN technology have been paid attention as a key wireless access technology. However, many technical issues still exist for its successful deployment. One of those issues is the routing problem that addresses the path setup through a WLAN mesh network for the data exchanges between a station and a wired network. Since the characteristics of a WLAN mesh network can be very dynamic, the use of single routing protocol would not fit for all environments whether it is reactive or proactive. Therefore, it is required to develop an adaptive routing protocol that modifies itself according to the changes in the network parameters. As a logical first step for the development, an analytical model considering all the dynamic features of a WLAN mesh network is required to evaluate the performance of a reactive and a proactive routing scheme. In this paper, we propose an analytical model that makes us scrutinize the impact of the network and station parameters on the performance of each routing protocol. Our model includes the size of a mesh network, the density of stations, mobility of stations. and the duration of network topology change. We applied our model to the AODV that is a representative reactive routing protocol and DSDV that is a representative proactive routing protocol to analyze the tradeoff between AODV and DSDV in dynamic network environments. Our model is expected to help developing an adaptive routing protocol for a WLAN mesh network.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.2
• /
• pp.295-310
• /
• 2014

DCS (Distributed Control System), the main control system of power plants, is an automated system for enhancing operational efficiency by monitoring, tuning and real-time operation. DCS is becoming more intelligent and open systems as Information technology are evolving. In addition, there are a large amount of investment to enable proactive facility management, maintenance and risk management through the predictive diagnostics. However, new upcoming weaponized malware, such as Stuxnet designed for disrupting industrial control system(ICS), become new threat to the main control system of the power plant. Even though these systems are not connected with any other outside network. The main control systems used in the power plant usually have been used for more than 10 years. Also, this system requires the extremely high availability (rapid recovery and low failure frequency). Therefore, installing updates including security patches is not easy. Even more, in some cases, installing security updates can break the warranty by the vendor's policy. If DCS is exposed a potential vulnerability, serious concerns are to be expected. In this paper, we conduct the penetration test by using NESSUS, a general-purpose vulnerability scanner under the simulated environment configured with the Ovation version 1.5. From this result, we suggest a log analysis method to detect the security infringement and react the incident effectively.

• Journal of KIISE:Software and Applications
• /
• v.31 no.2
• /
• pp.137-152
• /
• 2004

Assesment of 30 nutritional minerals and 8 toxic elements in hair are very important not only for determining adequacy, deficiencies and unbalance, but also for assessing their relative relationships in the body. A test has been developed that serves this purpose exceedingly well. This test is known as tissue mineral analysis(TMA). TMA is very popular method in hair mineral analysis for health care professionals in over 46 countries' medical center. However, there are some problems. First, they do not have database which is suitable for korean to do analyze. Second, as the TMA results from TEI-USA is composed of english documents and graphic files prohibited to open, its usability is very low. Third, some of them has low level database which is related to TMA, so hairs are sent to TEI-USA for analyzing and medical services. it bring about an severe outflow of dollars. Finally, TMA results are based on the database of american health and mineral standards, it is possibly mislead korean mineral standards. The purposes of this research is to develope the first Intelligent Medical Expert System(IMES) of TMA, in Korea, which makes clear the problems mentioned earlier IMES can analyze the tissue mineral data with multiple stage decision tree classifier. It is also constructed with multiple fuzzy rule base and hence analyze the complex data from Korean database by fuzzy inference methods. Pilot test of this systems are increased of business efficiency and business satisfaction 86% and 92% respectively.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.2
• /
• pp.377-391
• /
• 2019

Recently, system studies using tokens and block chains for authentication, access control, etc in IoT environment have been going on at home and abroad. However, existing token-based systems are not suitable for IoT environments in terms of security, reliability, and scalability because they have centralized characteristics. In addition, the system using the block chain has to overload the IoT device because it has to repeatedly perform the calculation of the hash et to hold the block chain and store all the blocks. In this paper, we intend to manage the access rights through tokens for proper access control in the IoT. In addition, we apply the Tangle to configure the P2P distributed ledger network environment to solve the problem of the centralized structure and to manage the token. The authentication process and the access right grant process are performed to issue a token and share a transaction for issuing the token so that all the nodes can verify the validity of the token. And we intent to reduce the access control process by reducing the repeated authentication process and the access authorization process by reusing the already issued token.

• KEPCO Journal on Electric Power and Energy
• /
• v.4 no.2
• /
• pp.75-80
• /
• 2018

The smart city is developing an energy system efficiently through a common management of the city resource for the growth and a low carbon social. However, the smart city doesn't counter a verification effectively about a anomaly pattern detection when existing security technology (authentication, integrity, confidentiality) is used by fixed security key and key deodorization according to generated big data. This paper is proposed the "security nonce generation based on security nonce generation" for anomaly pattern detection of the adversary and a safety of the key is high through the key generation of the KDC (Key Distribution Center; KDC) for improvement. The proposed scheme distributes the generated security nonce and authentication keys to each facilities system by the KDC. This proposed scheme can be enhanced to the security by doing the external pattern detection and changed new security key through distributed security nonce with keys. Therefore, this paper can do improving the security and a responsibility of the smart city platform management data through the anomaly pattern detection and the safety of the keys.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.22 no.6
• /
• pp.514-523
• /
• 2021

Recently, the proliferation of mobile simple payment services has been increasingly affecting people's lives. In addition, the increase in research from both China and Korea shows that the continuous development of simple mobile payment services will be very important in the future. The blog posts mentioning Kakao Pay and Alipay were collected, and keyword analysis was performed to investigate differences in consumers' responses to Kakao Pay and Alipay on social media. The frequency of keywords for each part of speech and the frequency of co-occurred words mentioned in one sentence were analyzed. Specifically, common words that appear in both Kakao Pay and Alipay blogs were extracted. The cooccurred words were analyzed to examine how different reactions were made on the same subject. As a result of the analysis, there were concerns among consumers about the trust of Kakao Pay and Alipay's benefits. For a mobile payment service to become competitive, it is necessary to add various additional services or solve security problems.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.5
• /
• pp.1123-1132
• /
• 2012

Many domestic organizations are introducing and operating various information security management systems capable of coping with technical, administrative, and legal issues comprehensively and systematically, in order to prevent various infringement incidents such as personal information disclosure and hacking preemptively and actively. However, empirical analyses regarding the extent to which an information security management system contributes to information security performance have not been fully conducted, even though enterprises and organizations are actively introducing such systems in order to achieve their information security objectives as a part of their organizational management activities in line with their respective business, by investing considerable effort and resources in developing and operating these systems. This approach can be used to apply, develop, and operate the information management system actively within an organization. this study focused on analyzing how each specific phase of the information security management system affects information security performance, compared with previous studies, which generally focus on the information security control item in analyzing information security performance. The information security management system was analyzed empirically to determine how the Security PCDA cycling model affects information security performance.

• Journal of Cadastre & Land InformatiX
• /
• v.51 no.1
• /
• pp.53-65
• /
• 2021

C-ITS(Cooperative Intelligent Transport System) that pursues traffic safety and convenience uses various sensors to generate traffic information. Therefore, it is necessary to improve the sensor-related technology to increase the efficiency and reliability of the traffic information. Recently, the role of CCTV in collecting video information has become more important due to advances in AI(Artificial Intelligence) technology. In this study, we propose to identify and track dynamic objects(vehicles, people, etc.) in CCTV images, and to analyze and provide information about them in various environments. To this end, we conducted identification and tracking of dynamic objects using the Yolov4 and Deepsort algorithms, establishment of real-time multi-user support servers based on Kafka, defining transformation matrices between images and spatial coordinate systems, and map-based dynamic object visualization. In addition, a positional consistency evaluation was performed to confirm its usefulness. Through the proposed scheme, we confirmed that CCTVs can serve as important sensors to provide relevant information by analyzing road conditions in real time in terms of road infrastructure beyond a simple monitoring role.