• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.1
• /
• pp.31-40
• /
• 2014

In Korea, the Public Key Infrastructure (PKI) has been introduced. For secure information transmission and identification, the electronic signature authorization system of a certificate-based is built, and then the service provide.The certificate is stored in location what users can easily access and copy. Thus, there is a risk that can be stolen by malware or web account hacking. In addition, private key passwords can be exposed by the logging tool, after keyboard security features are disabled. Each of these security weaknesses is a potential conduit for identity theft, property/asset theft, and theft of the actual certificates. The present study proposes a method to prevent the private key file access illegally. When a certificate is stored, the private key is encrypted by the dependent element of the device, and it is stored securely. If private key leakage occurs, the retrieved key could not be used on other devices.

• Proceedings of the Korea Contents Association Conference
• /
• 2007.11a
• /
• pp.591-594
• /
• 2007

We construct the test process site about X-Internet and X-Forms base software. This software is developed with X-Forms base web UI tool. Basically, this software is operated on the Client. Even in operating process, this kind of software could be updated because of user's request, improvement in efficiency, reformation and addition in functions and so on. In order to test a updated software, V-Model will be extended and transformed test process will be proposed. This proposed test process is starting with test plan which defines test object and activities for attainment of process's goal. The following steps are recognizing testcase and data, analysis and design for constructing process environment, setting forth testcase in detail, realization of test methodology, and the arrangement of results. This paper will be helpful to build more efficient process site by managing and recording the test process.

• Journal of Sasang Constitutional Medicine
• /
• v.24 no.1
• /
• pp.13-20
• /
• 2012

1. Objectives : It is very important to classify people into Sasang constitution correctly in SCM. There have been many researches for this and several tools have been developed for diagnosis of Sasang constitution. In our study, we introduce a new web application for Integrated Sasang Constitutional Diagnosis (ISCD) ${\beta}$-version and algorithm on the base of face, body shape, voice and questionnaire. 2. Development : The web application of ISCD ${\beta}$-version was designed to be used easily for subject, staffs, and oriental medical doctors. For this purpose, we developed a web-application of Integrated Sasang Constitutional Diagnosis ${\beta}$-version using mysql database, tomcat web system, JSP, JAVA, and C++ languages. 3. Current State : The ISCD ${\beta}$-version could be accessed at http://210.218.196.115/SDT/login.jsp. The ISCD ${\beta}$-version consisted of 3 parts, for staffs, subject and oriental medical doctors. The system has been managed since February 2011. Currently 7 oriental hospitals have used the system and 1,439 subjects have been diagnosed by the system. 4. Conclusion and future work : Although many researchers have tried to develop a system or an algorithm for diagnosis of subject's constitution, we could have not used the system based on objective information of human body type, characters, symptoms. In this study, we describe a web application of objective diagnosis algorithm as ISCD ${\beta}$-version. This system may help an oriental medical doctors to make a decision of Sasang constitutional diagnosis easily and correctly.

• Journal of the Korean earth science society
• /
• v.21 no.6
• /
• pp.655-662
• /
• 2000

According to the development of internet with Web, WBI has greatly influence on the present educational society. However, it is difficutly to design the web of the dynamic motions of graphics or animation using general programming technique based on high or low level language. Recently, Mecromedia Company supported a tool that is called Authoware which is the leading visual rich-media authoring solution for creating Web and online learning applications, to solve the problem easily. In the paper, using the the Authoware we tried to develop a web page about tidal variations due to sea level change and intertidal zone variations using the Authorware 5.1. To do this, we used the ocean survey data of Iho beach and the tidal level data based on Tidal Tables of Cheju harbor. The results showed that the Authorware was very useful to construct the simulation of tidal phenomena on web. Therefore, the Authorware can be applied to the simulation related with animation and dynamic motions for the other WBI objective.

• The Transactions of the Korean Institute of Power Electronics
• /
• v.8 no.3
• /
• pp.253-259
• /
• 2003

This paper aims at developing remote control system to control and monitor distributed various devices such as UPS through internet. TCP/IP(Transmission Control Protocol/Internet Protocol) and UPS operated in a row are adopted for the network management protocol and the application device, respectively. For controlling and monitoring distributed devices in realtime, java-environment software is constructed. Also, HelloDevice, general-use interface controller between network device and applied device is proposed. Finally, serial communication such as RS-232C is used between controller and applied device.

• Journal of the Korea society of information convergence
• /
• v.1 no.1
• /
• pp.41-46
• /
• 2008

Contents application from contents development of web technical base and with the operation different environment information of the educational resources integration the importance and necessity of the management central chain e-Learning system will be able to operate are raising its head with base. Is the actual condition which develops the development process where but, the education application currently is not standardized in base. Approaches with an educational domain from the present paper consequently, and defines MDA(Model Driven Architecture) coats e-Learning System. Also uses a studying contents standard metadata and about the contents storage space analyzes and plans the core property which uses MDA automatic tools leads and under developing boil e-Learning System will be able to provide the contents which does in actual professor own necessity.

• Journal of Korea Society of Industrial Information Systems
• /
• v.17 no.6
• /
• pp.31-40
• /
• 2012

Ubiquitous technology influences on various firms of contents needed for self-healthcare, as it fuses into medical services. Particularly, rapid changes in the web and mobile environment, requiring various sorts of healthcare and its related contents, make efficiency of search more important. Personalized contents needs to be more refined as well as the existing simple keyword-centered searching method needs to be more effective in order to meet both requirements and characteristics of each patient or each user. A precise semantic searching method is required for a system to understand promptly the meaning of a contents. In this respect, to build a healthcare ontology has its own significance. This study builds up a system model that can be utilized practically in existing systems by setting up the Food Class and its sub-class among the healthcare contents with Protege tool and then materializing constraints and its relationships between each class. The healthcare contents ontology provides patients or users with a platform which can search the needed information promptly and precisely.

• Review of KIISC
• /
• v.18 no.5
• /
• pp.1-20
• /
• 2008

편리한 금융거래 수단으로써 인터넷뱅킹을 포함한 전자금융 서비스가 생활화 되었으며 그 중요성 또한 갈수록 증가하고 있다. 이에 대한 부작용으로서 사용자의 실수나 금융기관, 쇼핑몰, 포털 등의 해킹을 통한 전자금융 접근매체의 유출, 비정상적인 지불결제나 인터넷뱅킹 이체 사고 등 침해사고 또한 함께 증가하고 있다. 금융권은 금융감독원을 중심으로 전자금융 종합보안 대책 수립(2005년) 및 전자금융거래법 시행(2007년) 등을 통해 고객 PC의 해킹방지를 위한 다양한 보안프로그램 제공 의무화, 보안등급에 따른 이체한도 차등화, 금융권 통합 OTP 인증체계 구축 등 전자금융 침해사고 예방을 위한 적극적인 노력을 기울여오고 있으나, 최근 들어 피싱/파밍 등 신종 사이버사기 기법이나 해외의 전문 해커에 의해 개발된 고도의 지능화된 해킹툴이 사용되어 보안프로그램을 무력화시킨 후 고객정보를 유출해가거나 일반 포털사이트, 웹하드, 웹메일 등의 해킹을 통해 인터넷 사이트에 등록된 고객의 인터넷뱅킹 접근 매체를 유출하여 인터넷뱅킹 침해 사고를 일으키는 등의 신종 침해사고를 완벽히 차단하지는 못하고 있어, 더욱 강력한 전자금융 침해사고 예방 통제 방안의 수립과 함께 침해사고 발생 시 원인 파악 및 범인 검거를 위한 역추적 시스템의 구축 등 기존 보안체계를 대폭 강화할 필요성이 발생하고 있다. 본 연구에서는 시중 은행의 인터넷뱅킹 침해사고 발생 현황 조사를 중심으로 최근 발생한 전자금융 침해사고의 추이분석, 침해사고 주요 원인과 기존 대응 체계의 현황, 한계점 등을 파악하였다. 그리고 전자금융 침해사고의 효과적인 예방 및 대응 강화 방안으로서 사용자 관점에서 공인인증서를 중심으로 한 전자금융 접근매체의 관리 강화 방안을 제안하였으며, 전자금융 서비스를 제공하는 금융 기관 관점에서 효과적인 전자금융거래 로깅 및 역추적 시스템의 구축 및 전체 금융기관과 감독기관 간의 유기적인 공조를 기반으로 한 침해사고 공동 대응체계의 구축 및 운영을 위한 시스템의 구성 방법, 운영 프로세스, 관련 법률의 검토 및 대응 방법 등을 제안하였다.

• Journal of KIISE:Information Networking
• /
• v.36 no.5
• /
• pp.369-375
• /
• 2009

Residential broadband networks (RBN) are quickly evolving from xDSL/Cable networks to FTTH services with lOOMbps bandwidth. With the high-speed Internet services, subscribers tend to use web, multimedia, game or file sharing applications. Therefore, performance of RBN is important to the quality of services for users. Typically, Internet service providers (ISPs) are providing their RBN performance results that are measured by subscribers with the dedicated measurement tools. However, they do not make their results public to people. In order to obtain the performance results measured by users, we have to induce a lot of subscribers, which will take a lot of cost and time. Monarch, that is used in this paper, could provide the 3rd party measurement method without the help of ISPs and subscribers. With the extensive experiments through Monarch, we have shown that 3rd party measurement results are not much different from those of user-initiated measurement. In addition, we have observed that bandwidth is around $80{\sim}90Mbps$ and RTT is less than 30ms in FTTH services provided by three major Korean ISPs.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.21 no.3
• /
• pp.91-98
• /
• 2021

In most hacking attacks, hackers tend to access target systems in a variety of circumvent connection methods to hide their original IP. Therefore, finding the attacker's IP(Internet Protocol) from the defender's point of view is one of important issue to recognize hackers. If an attacker uses a proxy, original IP can be obtained through a program other than web browser in attacker's computer. Unfortunately, this method has no effect on the connection through VPN(Virtual Private Network), because VPN affects all applications. In an academic domain, various IP traceback methods using network equipments such as routers have been studied, but it is very difficult to be realized due to various problems including standardization and privacy. To overcome this limitation, this paper proposes a practical way to use client's network configuration temporarily until it can detect original IP. The proposed method does not only restrict usage of network, but also does not violate any privacy. We implemented and verified the proposed method in real internet with various VPN tools.