• Smart Media Journal
• /
• v.11 no.3
• /
• pp.54-61
• /
• 2022

With the increase in the types of information systems managed by public institutions and companies, a security certification system is being implemented in Korea to quickly respond to vulnerabilities that may arise due to insufficient security checks. The korea security evaluation system, such as ISMS-P, performs a systematic security evaluation for each category by dividing the categories for technical inspection items. NIST in the United States has developed SCAP that can create security checklists and automate vulnerability checks, and the security checklists used for SCAP can be written in OVAL. Each manufacturer prepares a security check list and shares it through the SCAP community, but it's difficult to use it in Korea because it is not categorized according to the korea security evaluation system. Therefore, in this paper, we present a mechanism to categorize the OVAL definition, which is an inspection item written in OVAL, to apply SCAP to the korea security evaluation system. It was shown that 189 out of 230 items of the Red Hat 8 STIG file could be applied to the korea security evaluation system, and the statistics of the categorized Redhat definition file could be analyzed to confirm the trend of system vulnerabilities by category.

• Communications of Mathematical Education
• /
• v.28 no.3
• /
• pp.353-366
• /
• 2014

Recently, the widespread usage of 3D-Printing has grown rapidly in popularity and development of a high level technology for 3D-Printing has become more necessary. Given these circumstances, effectively using mathematical knowledge is required. So, we have developed free web tools for 3D-Printing with Sage, for mathematical 3D modeling and have utilized them in college education, and everybody may access and utilize online anywhere at any time. In this paper, we introduce the development of our innovative 3D-Printing environment based on Calculus, Linear Algebra, which form the basis for mathematical modeling, and various 3D objects representing mathematical concept. By this process, our tools show the potential of solving real world problems using what students learn in university mathematics courses.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.35 no.8B
• /
• pp.1197-1203
• /
• 2010

A strength of BitTorrent, which is widely used for file sharing today, is due to its peer selection mechanism which is designed to encourage peers to contribute data. In the peer selection phase in BitTorrent, peers to upload the file in a swarm are selected by determining which peers upload the most to themselves. However, the number of peers to upload (i.e., number of unchoked peers) is fixed to four in its peer selection mechanism of BitTorrent, which yields inefficiency because the situation of the swarm may vary frequently (e.g., number of peers in the swarm, download rates, and upload rates). In this paper, we analyze the swarming system performance when the number of unchoked in BitTorrents is not static, but dynamic. For empirical investigation, we established a testbed in Seoul National University by modifying an open-source BitTorrent client, which is popular. Through our experiments, we show that an adaptive mechanism to adjust the number of unchoked peers considering the situation of the swarm is needed to improve the performance of BitTorrent.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.5
• /
• pp.901-909
• /
• 2021

Since mobile devices have limited computational resources, it tends to use the cloud to compute or store data. As real-time becomes more important due to 5G, many studies have been conducted on edge clouds that computes at locations closer to users than central clouds. The farther the user's physical distance from the edge cloud connected to base station is, the slower the network transmits. So applications should be migrated and re-run to nearby edge cloud for smooth service use. We run applications in docker containers, which is independent of the host operating system and has a relatively light images size compared to the virtual machine. Existing migration studies have been experimented by using network simulators. It uses fixed values, so it is different from the results in the real-world environment. In addition, the method of migrating images through shared storage was used, which poses a risk of packet content exposure. In this paper, Containers are migrated with Secure CoPy(SCP) method, a data encryption transmission, by establishing an edge computing environment in a real-world environment. It compares migration time with Network File System, one of the shared storage methods, and analyzes network packets to verify safety.

• Journal of the Korea Society of Computer and Information
• /
• v.14 no.11
• /
• pp.221-232
• /
• 2009

To purpose of the study was to analyze faculty utility of Web-Based course support system in Universities. Data were collected from log file in server computer, 5,023 faculties and 12,733 courses offered at spring semester of 2009 in the Metropolitan area S, K, D universities were analyzed. Specifically, frequency and percentile of faculties and courses using course management system were analyzed. In addition, the frequencies and percentiles of courses using sub-functions of course management system were analyzed and X2 test used to examine the difference of frequencies of faculties and courses using course system at using announcement, providing instructional material, public bulletin board and free board. Results were as follows. The 62.28% of faculties and 50.3% of courses have used Web-Based course support system. The results of Subfunction utility analysis showed the highest use as 80.4%. in providing instructional material. However, the use of announcement functions and online discussion was more or less low. Results imply that most of faculties and course are using course management system as supplementary system of off-line instruction.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.29 no.1B
• /
• pp.73-85
• /
• 2004

SIn this paper, we introduce our experience for designing and implementing new concept of a global XML-based Peer-to-Peer (P2P) engine to support various P2P applications, and interconnection among PC, Web and mobile computing environments. The proposed P2P engine can support to heterogeneous data exchanges and web interconnection by facilitating with the text-base XML while message exchange are necessary. It is also to provide multi-level security functions as well as to apply different types of security algorithms. The system consist of four modules; a message dispatcher to scheduling and filtering the message, a SecureNet to providing security services and data transmission, a Discovery Manager to constructing peer-to-peer networking, and a Repository Manager to processing data management including XML documents. As a feasibility test, we implement various P2P services such as chatting as a communication service, white-board as an authoring tool set during collaborative working, and a file system as a file sharing service. We also compared the proposed system to a Gnutella in order to measure performance of the systems.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.15 no.11
• /
• pp.2333-2339
• /
• 2011

In the field of maritime transport, various researches on next generation of standards are underway to realize e-navigation. While IHO leading the way, many studies on several S-100 based standards for exchange, sharing and utilizing maritime geographical information and related data are going on. IHO S-100 as a profile of ISO 19100 series of standards. Based on their application and service they provide, there can be different S-10x standards. In order to support the safe operation, various information should be integrated. When integrating a various information, it is crucial to make sure the same data model should be treated consistently and interpreted clearly across different profiles, such as S-101, S-102, etc. in this case. In this paper, I suggested a way to covert maritime metadata of S-100 to ontology so that we can perform consistent semantic analysis and processing of data in S-100 standards, which is the basis of other S-10x standards.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2012.05a
• /
• pp.456-460
• /
• 2012

Privacy Protection Act of 30 March 2012 was performed. In general, personal information management to enhance security in the DB server has a security system but, PC for the protection of the privacy and security vulnerability analysis is needed to research on self-diagnosis. In this paper, from a PC to search information relating to privacy and enhance security by encrypting and for delete file delete recovery impossible. In pc found vulnerability analysis is Check user accounts, Checking shared folders ,Services firewall check, Screen savers, Automatic patch update Is checked. After the analysis and quantification of the vulnerability checks through the expression, enhanced security by creating a checklist for the show, PC security management, server management by semi-hwahayeo activates. In this paper the PC privacy and PC security enhancements a economic damage and of the and Will contribute to reduce complaints.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.3
• /
• pp.591-603
• /
• 2018

Windows Event Log is a format that records system log in Windows operating system and methodically manages information about system operation. An event can be caused by system itself or by user's specific actions, and some event logs can be used for corporate security audits, malware detection and so on. In this paper, we choose actions related to corporate security audit and malware detection (External storage connection, Application install, Shared folder usage, Printer usage, Remote connection/disconnection, File/Registry manipulation, Process creation, DNS query, Windows service, PC startup/shutdown, Log on/off, Power saving mode, Network connection/disconnection, Event log deletion and System time change), which can be detected through event log analysis and classify event IDs that occur in each situation. Also, the existing event log tools only include functions related to the EVTX file parse and it is difficult to track user's behavior when used in a forensic investigation. So we implemented new analysis tool in this study which parses EVTX files and user behaviors.

• Journal of Korean Society for Geospatial Information Science
• /
• v.9 no.1 s.17
• /
• pp.67-75
• /
• 2001

One of the biggest problems found from the results of the various GIS-related projects is this. In spite of the fact that there is a national standards on GIS data structures, in building and managing the information on a variety of facilities in an area, each of the concerned organizations has been building the information using their own standards on the selection and organizations of the target facilities, naming convention, and coding regulations of the selected facilities. This distinctively exposes the limits and problems of the national GIS data standards in adopting to the regional GIS projects, resulting in considerable problems in sharing the information already built. The national GIS data standards, therefore, should be expanded and revised. As an effort to solve the above-mentioned problems, this paper suggests an idea on the revision and expansion of the national GIS data standards in the field of road and related facilities. It is believed that same efforts should be made for the other areas of the national GIS data standards to increase the applicability to various GIS projects.