• Title/Abstract/Keyword: Web protocol


Countermeasure of an Application Attack Scenario Using Spring Server Remote Code Execution Vulnerability (CVE-2018-1270) (스프링 서버 원격코드 실행 취약점(CVE-2018-1270)을 이용한 응용 공격 시나리오의 대응 방안)

  • Jung, Byeong-Mun;Jang, Jae-Youl;Choi, Chul-Jae
    • The Journal of the Korea institute of electronic communication sciences / v.14 no.2 / pp.303-308 / 2019
  • The Spring framework is widely used as a base technology for e-government frameworks, to the extent that it is a standard for web service development tools of Korean public institutions. However, recently, a remote code execution vulnerability (CVE-2018-1270) was found in an application using the Spring framework. This paper proposes a method of analyzing the vulnerability experiment using a hacking scenario, Proof of Concept (PoC), in which the Spring framework is a hazard to the server. We propose the patch to version 4.3.16 and version 5.0.5 or later as an ultimate response. It is also expected that the proposed experiment analysis on vulnerability of hacking scenario will be used as data for improving performance of security programs and establishing a new authentication system.

DTLS-based CoAP Security Mechanism Analysis and Performance Evaluation (DTLS 기반의 CoAP 보안 메커니즘 분석 및 성능평가)

  • Han, Sang woo;Park, Chang seop;Cho, Jung mo
    • Convergence Security Journal / v.17 no.5 / pp.3-10 / 2017
  • The Constrained Application Protocol (CoAP), a standard protocol optimized for resource-constrained IoT environments, supports web-based communication between a sensor node in the IoT environment and a client on the Internet. CoAP is a request/response model in which the server answers the client's CoAP Request message with a CoAP Response message. CoAP recommends the use of CoAP-DTLS for message protection. However, validation of the use of DTLS in the IoT environment is underway. We analyze the CoAP and DTLS security modes, evaluate secure channel creation time, per-step secure channel creation time, and RAM/ROM consumption through the Cooja simulator, and evaluate the possibility of application in a real environment.

The Intergrated Information Systems for Frequently Flooded Area Using Internet GIS (Internet GIS를 이용한 상습침수지역 종합정보화 시스템)

  • Yeo, Woon-Ki;Jang, Kyung-Soo;Jun, Ji-Young;Jee, Hong-Kee;Lee, Soon-Tak
    • Proceedings of the Korea Water Resources Association Conference / 2006.05a / pp.1116-1120 / 2006
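  • Flood damage is growing as facilities such as houses and factories concentrate in low-lying areas along rivers and as urbanized areas expand through the development of mountainous land and population concentration. In particular, residents of frequently flooded districts constantly feel at risk from disasters, so a new disaster management system must be built to provide firm countermeasures. With the recent growth in Internet use, many users share a wide variety of data over the web, and this trend will continue to grow. The Internet provides diverse information to users in real time over the network, and its content and methods are becoming more varied as communication technology advances and networks converge. The GIS field is likewise shifting toward using Internet networks to provide its functions and services to many distributed organizations and users. Internet GIS is a special GIS tool that uses the Internet as the means to access, transmit, and analyze remote geographic information data and to present GIS. Internet GIS can include most of the functions of traditional GIS software as well as additional functions that take advantage of the Internet and the associated WWW and FTP protocols. These additional functions include exchanging remote data and application programs, performing GIS analysis without a GIS application on the local computer, and presenting interactive maps and data on the Internet. The main characteristics of Internet GIS are that it is object-oriented, interoperable, and distributed. On the Internet, each piece of GIS data and functionality resides on a different server as an object and is combined or integrated as needed. To build a site that provides regional information on frequently flooded districts using Internet GIS, a GIS base map of frequently flooded districts that can be served over the Internet must be built. The base map of frequently flooded districts for Internet service can be regarded as another form of thematic map, and building it requires data conversion and processing. That is, the topographic maps needed for each frequently flooded district are available as the 1:5,000 digital topographic maps produced by the National Geography Institute, but these are very large and contain much data that is not needed for frequently flooded districts. Serving frequently flooded district data over the Internet therefore requires deleting many unnecessary layers, generalizing the data with service speed in mind, work that depends on the data delivery method such as map zoom-out and zoom-in, and symbol and color design with visibility in mind; an Internet GIS base map is newly produced taking these into account. A staged construction strategy is needed in order to use Internet GIS to efficiently manage the various GIS data related to frequently flooded districts and, among the public information held by each agency, the data that must be linked to spatial information. Therefore, in this paper, we built an integrated information system for frequently flooded areas that uses Internet GIS to search, process, and analyze information related to frequently flooded areas.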


Implementation, Security, and Usability Analysis of Accredited Certificate-based Internet Banking (공인인증서 기반 인터넷 뱅킹의 구현, 보안성, 그리고 편의성 분석)

  • Park, Hye-Seung;Lee, Jae-Hyup;Park, Seung-Chul
    • Journal of Internet Computing and Services / v.18 no.4 / pp.69-78 / 2017
  • We expect that the accredited certificate-based open banking, which is actively deployed in recent times, will solve the Galapagosization problem of the existing accredited certificate-based closed banking by supporting standard communication protocol and web compatibility. However, it is questionable how much the open banking will answer the security and usability problems of the existing closed banking. This paper is focused on analyzing the differences between the existing closed banking and the open banking, and then evaluates how much the security and usability problems of the existing closed banking are resolved by the open banking. The study firstly analyzes the security vulnerabilities raised in the process of providing closed banking services for the past 15 years or more, the countermeasures applied to enhance security, and the convenience impact of countermeasures. And then, the security and convenience of the open banking is inferred by analyzing the implementation difference between the closed banking and the open banking. The paper also briefly discusses how to improve the open banking to resolve the remaining problems of the open banking.

A Study on Development of Network Management Systems base on Component (컴포넌트 기반의 망관리 시스템 개발에 관한 연구)

  • Kim, Haeng-Kon;Kim, Ji-Young
    • The KIPS Transactions:PartD / v.11D no.4 / pp.937-950 / 2004
  • With growing population of internet and web applications, distributed environment is considered to be the standard architecture of application. A network management system (NMS) is necessary to control and monitor the complex network resources for providing and sharing the high quality service. We recognize the NMS as a standard infrastructure for supporting efficient networking and separate commercial applications. We believe every resource including software, hardware and environment for the network management should be separated from special protocols, vendors and applications. Therefore, we need a standard network management system that is efficient and consistent because of the heterogeneous network features. In regards to software development, software reuse through assembling and extending the reusable elements such as patterns and components assures to realize the best productivity and quality. The component based development (CBD) methodology that can assemble black box through well defined interfaces makes it possible to develop easier and quicker applications and is proved as the best software development solution involved in construction, selection and assembly of components. In this thesis, we describe the architecture for the network management and identify, define and design the components through analysis and design in the network management domain, and the identified components are mapped to the component architecture. We also specify the component development and design and implement the component for developing the network management. Implemented components apply to the component repository system that register, retrieve and understand the components. We analyze, design and implement the entire network management system based on configuration, connection, performance and fault management through the pre-developed components.

Construction of a WAP Proxy and its Improvement for Wireless Communication Efficiency (WAP 프록시의 구축 및 무선통신 효율을 위한 개선)

  • Park, Kee-Hyun;Synn, Yang-Mo;Ju, Hong-Taek
    • The KIPS Transactions:PartC / v.11C no.3 / pp.379-386 / 2004
  • The WAP 2.0 system is a newly proposed wireless communication system by the WAP Forum for interoperability across Internet environment and the system takes charge of communication between WAP terminals and existing origin Web servers. The purpose of this paper is 1) to construct a WAP 2.0 proxy proposed by the WAP Forum and 2) to improve the WAP proxy in order to increase communication efficiency between wired and wireless communication objects. The improved WAP proxy constructed in this study provides links between wired and wireless communication environments using the split-TCP concept. However, unlike the split-TCP connection, the improved WAP proxy maintains TCP's end-to-end semantics and reduces overhead by avoiding operations as much as possible on the upper protocol layer. In addition, the improved WAP proxy supports SACK (Selective Acknowledgement) option and Timestamp option for speedy re-transmission which leads to reduction of performance degradation. After constructing the improved WAP proxy under Linux environment, experiments have been taken. The experimental results show that, compared with the experiments when a WAP proxy proposed by the WAP Forum is used, both data transmission delay time and data transmission size decrease to show that communication efficiency is increased. In particular, as packet missing ratio increases, data transmission size decreases, which demonstrates that the improved WAP proxy is very effective for performance improvement in wireless communication environment.

DMB Filecasting Service Technology (DMB 파일캐스팅 서비스 기술)

  • Choi, Ji-Hoon;Yang, Kyu-Tae;Cha, Ji-Hun
    • Journal of Broadcast Engineering / v.17 no.1 / pp.152-164 / 2012
  • DMB provides various kinds of data services such as BWS and TPEG service in addition to audio and video services. But recently the necessity of new business models creating profit has been on the rise due to the saturation of DMB receiver market and break-down of market barrier between mobile IPTV and DMB services. This paper introduces DMB filecasting service technology, which can be expected to be a new profit-creative business model. The purpose of DMB filecasting service is to transmit non-real time multimedia contents based on DMB AF format to the users through DMB channels. It makes it possible to consume DMB contents with any DMB-installed device anytime, anywhere and share them with others. Also DMB filecasting service makes it possible for consumption and request of DMB contents to be extended to a variety of networks as well as DMB channels. The paper explains the standardization status of DMB filecasting service and various DMB filecasting service scenarios. And also it proposes a signalling method, a transmission and reception protocol and a receiver structure using DMB broadcasting program guide information.

Broadcast Content Recommender System based on User's Viewing History (사용자 소비이력기반 방송 콘텐츠 추천 시스템)

  • Oh, Soo-Young;Oh, Yeon-Hee;Han, Sung-Hee;Kim, Hee-Jung
    • Journal of Broadcast Engineering / v.17 no.1 / pp.129-139 / 2012
  • This paper introduces a recommender system that is to recommend broadcast content. Our recommender system uses user's viewing history for personalized recommendations. Broadcast content has unique characteristics as compared with books, music and movies. There are two types of broadcast content, a series program and an episode program. The series program is comprised of several programs that deal with the same topic or story. Meanwhile, the episode program covers a variety of topics. Each program of those has different topic in general. Therefore, our recommender system recommends TV programs to users according to the type of broadcast content. The recommendations in this system are based on user's viewing history that is used to calculate content similarity between contents. Content similarity is calculated by exploiting collaborative filtering algorithm. Our recommender system uses Java sparse array structure and performs memory-based processing. And then the results of processing are stored as an index structure. Our recommender system provides recommendation items through OPEN APIs that utilize the HTTP Protocol. Finally, this paper introduces the implementation of our recommender system and our web demo.

Generation, Storing and Management System for Electronic Discharge Summaries Using HL7 Clinical Document Architecture (HL7 표준임상문서구조를 사용한 전자퇴원요약의 생성, 저장, 관리 시스템)

  • Kim, Hwa-Sun;Kim, Il-Kon;Cho, Hune
    • Journal of KIISE:Databases / v.33 no.2 / pp.239-249 / 2006
  • Interoperability has been deemphasized from the hospital information system in general, because it is operated independently of other hospital information systems. This study proposes a future-oriented hospital information system through the design and actualization of the HL7 clinical document architecture. A clinical document is generated using the hospital information system by analyzing and designing the clinical document architecture, after we defined the item regulations and the templates for the release form and radiation interpretation form. The schema is analyzed based on the HL7 reference information model, and HL7 interface engine ver.2.4 was used as the transmission protocol. This study has the following significance. First, an expansion and redefining process was conducted, founded on the HL7 clinical document architecture and reference information model, to apply international standards to Korean contexts. Second, we propose a next-generation web based hospital information system that is based on the clinical document architecture. In conclusion, the study of the clinical document architecture will include an electronic health record (EHR) and a clinical data repository (CDR), and also make possible medical information-sharing among various healthcare institutions.

Design and Performance Evaluation of Software On-Demand Streaming System Providing Virtual Software Execution Environment (가상 소프트웨어 실행 환경을 제공하는 주문형 소프트웨어 스트리밍 시스템 설계 및 성능평가)

  • Kim Young-Man;Park Hong-Jae;Han Wang-Won;Choi Wan;Heo Seong-Jin
    • The KIPS Transactions:PartC / v.13C no.4 s.107 / pp.501-510 / 2006
  • Software streaming allows the execution of stream-enabled software on desktop or portable computing devices like PC, PDA, laptop, cellular phone, etc., even while the transmission/streaming from the server may still be in progress. In this paper, we present an efficient streaming system called Software On-Demand (SOD) streaming system to transmit stream-enabled applications in addition to automatic installation of program registry, environment variables, configuration files, and related components. In particular, we design and implement a SOD system in Linux to provide the user with the instant look-and-click software execution environment such that software download and installation are internally proceeded in a completely user-transparent way. Therefore, the SOD system relieves the user from the tricky, failure-prone installation business. In addition, the software developer now obtains a new, powerful means to advertise and propagate their software products since the user can use software packages via user-friendly UI window or web browser by look-and-click interactive operation. In the paper, we also make a couple of SOD streaming experiments using a spectrum of popular software. Based on the analysis of the experiment results, we also propose two performance improvement schemes.