• Journal of the Korea Society of Computer and Information
• /
• v.17 no.2
• /
• pp.127-137
• /
• 2012

Recently, as modern Internet uses mashups, Web 3.0, JavaScript/AJAX widely, the rate at which new vulnerabilities are being discovered is increasing rapidly. It can subsequently introduce big security threats. In order to efficiently mitigate these web application vulnerabilities and security threats, it is needed to rank vulnerabilities based on severity and consider the severe vulnerabilities during a specific phase of software development lifecycle (SDLC) for web applications. In this paper, we have first verified whether the risk rating methodology of OWASP Top 10 vulnerabilities is a reasonable one or not by analyzing the vulnerability data of web applications in the US National Vulnerability Database (NVD). Then, by inspecting the vulnerability information of web applications based on OWASP Top-10 2010 list and CWE (Common Weakness Enumeration) directory, we have mapped the web-related entries of CWE onto the entries of OWASP Top-10 2010 and prioritized them. We have also presented which phase of SDLC is associated with each vulnerability entry. Using this approach, we can prevent or mitigate web application vulnerabilities and security threats efficiently.

• Proceedings of the IEEK Conference
• /
• 2001.06c
• /
• pp.113-116
• /
• 2001

XML (extensible Markup Language) is a flexible way to create common information formats and share both the format and the data on the World Wide Web, intranets, and elsewhere. A document type definition (DTD) is a specific definition of the rules of the Standard Generalized Markup Language. A relational database management system (RDBMS) is a program that lets you create, update, and administer a relational database. An RDBMS takes Structured Query Language (SQL) statements entered by a user or contained in an application program and creates, updates, or provides access to the database. This paper has been studied a method of mappings from XML DTD to RDB schemas based on object model.

• Proceedings of the Korean Institute Of Construction Engineering and Management
• /
• autumn
• /
• pp.428-433
• /
• 2001

Commercial buildings are the mostly common ones to be constructed along with residential buildings. After economic inflation, So-called 'IMF era', construction market has been running low because of stagnancy of business activities and cost escalation, Thus the construction industry needs a study of higher productivity by means of using information infrastructure. To deliver a database of commercial buildings construction record, their major management has carried out analysis for database components, in an attempt to meet users' needs. The scheme study of application presented cost and resource in construction lifecycle.

• Journal of the Korean Institute of Landscape Architecture
• /
• v.29 no.3
• /
• pp.70-80
• /
• 2001

It is necessary to construct an effective regional information system in facing the incoming information intensive society. Many local government in Korea began to recognize a need for constructing a GIS(Geographic Information System) and they are planning to construct GIS´s to improve their administrative efficiency. However, ti requires high-priced hardware, software, and an experienced operator to sue a GIS effectively. The purpose of this study is to develop the GIS program which can be sued with ease by common users. By developing a GIS functioned program using a coordinate recognition module by application of geo-spatial data, and a digital map which is already made, this program can be used efficiently only by only inputting attributes without high-priced hardware and software, and can be utilized easily to every purposes of work with geo-spatial data and attributes. MapObjects, mapping and GIS component, was employed to use geo-spatial data, and Access 97 from Microsoft to manage and attributes database. Visual Basic, objected-oriented language, was used to develop an application program. Results of this study were applied to constructing the Information system of Kanwon National University. This program could be used for various purposed by common users without additional hardware and software.

• Journal of the Korean Society for Precision Engineering
• /
• v.16 no.9
• /
• pp.25-34
• /
• 1999

In spite of the advance of 3D solid modeling technology, there are some distinct areas where 2D CAD S/W are still dominant, and more competent comparing with 3D CAD S/W. For example, in the manufacturing of 2D-shaped electrical parts, most related manufacturing tools have 2D geometric features by nature, and 3D solid models applied to these parts have substantial overheads. Nevertheless, most 2D CAD S/W have no topological inquiry services because they have no such information on their geometrical database inherently. Thus, it is needed to extract such information from 2D CAD database for developing more advanced application such as automated drafting/design S/W. In this paper, the extraction of topological information from 2D CAD has been performed in general way using concept of B-rep. A general extraction algorithm, data structure and meta file format for 2D topological object have been developed and successfully applied to the development of the automated lead frame die design system in Samsung Aerospace. it is also possible to provide a flexible, powerful topology-oriented functionality on any common 2D CAD S/W.

• Journal of Internet Computing and Services
• /
• v.3 no.1
• /
• pp.29-40
• /
• 2002

The information exchange on the using of XML such as B2B electronic is common. So the efficient method to store XML message in database is needed. Because the ORDBMS is extended to ORDBMS for supporting multimedia application such as Oracle8i, 9i, Informix and SQL2000 server, SQL2, the standard RDB is extended to SQL3 for ORDB, And the XML application based on java such as J2EE is extended. Therefor it is necessary for the efficient connection methods based on JDBC between XML application and database system. In this paper, the methodology a transformation XML DTD to SQL3 schema is proposed. For the transformation, first the methods of transformation XML DTD to object model in UML class diagram are proposed. And then the methods of mapping transferred object models to SQL3 schema are proposed. This approach for transform::1lion XML. DTD to SQL3 schema such as Oracle8i, 9i, Informix and SQL2000 server based on java is proposed in this paper, can be used in database design to build XML applications based on ORDB.

• The Transactions of The Korean Institute of Electrical Engineers
• /
• v.59 no.2
• /
• pp.232-241
• /
• 2010

This paper describes the development of robust contingency analysis program for Korean Energy Management System. The important function of contingency analysis is to determine the bus/branch model for contingency, and to calculate the state of the power network based on the network model and topology output. In the proposed method, the bus/branch models for contingencies are determined exactly using a fast linked-list method based on the application common model database. To calculate the state of the power system included contingency, the full-decoupled powerflow approach, the partial powerflow method for contingencies and the proposed contingency screening algorithm are also used to contingency analysis. To verify the performance of the developed processor, we performed a file-based test using several structured input data and online test using the database which resides on memory. The results of these comprehensive tests showed that the developed processors can accurately calculate the power system contingency state from online data and can be applied to Korea Power Exchange system.

• IEMEK Journal of Embedded Systems and Applications
• /
• v.6 no.3
• /
• pp.190-200
• /
• 2011

Android platform provides a content provider and a cursor mechanism to access the internal SQLite engine. Content providers not only store and retrieve data but also make it accessible to applications. Applications can only share data through content provider, since there's no common storage area that Android packages can access. Cursor is an interface that provides random read-write access to the result set returned by a database query. However, this cursor possesses two major limitations. First, a cursor does not support a join clause among cursors, since the cursor can only access a single table in the content provider. Second, the cursor is not capable of creating user-customized field in the predefined content providers. In this paper, we propose the unified cursor architecture that merges several cursors into a single virtual cursor. Cursor translation look-aside buffer (TLB), column windowing mechanism and virtual data management are the three major techniques we have adopted to implement our structure. And we also propose a delayed synchronization method between an application and a proposed unified cursor. An application can create a user-customized field and sort multiple tables using a unified cursor on Android platform.

• Proceedings of the KIEE Conference
• /
• 2000.11d
• /
• pp.851-853
• /
• 2000

The rapid expansion of the medical information super-highway through the internet with the sophistication of computer engineering and its application has made telemedicine in the cyberspace possible. Recent progress in the medical informatics enables us to use the medical information regardless on the time or place limit, to make a diagnostic and therapeutic plan. according to increasing need about health of general population. There are many database oriented sites on the web, which provide medical common senses, hospital information, and medical counselling on the web. But there are few oriental pulse database on the web. The purpose of this study is to develope the Clinical Oriental Pulse Database Management System over the WWW.

• Journal of Preventive Medicine and Public Health
• /
• v.57 no.1
• /
• pp.1-7
• /
• 2024

Objectives: Adjusting for potential confounders is crucial for producing valuable evidence in outcome studies. Although numerous studies have been published using the Korea National Health Insurance Claim Database, no study has critically reviewed the methods used to adjust for confounders. This study aimed to review these studies and suggest methods and applications to adjust for confounders. Methods: We conducted a literature search of electronic databases, including PubMed and Embase, from January 1, 2021 to December 31, 2022. In total, 278 studies were retrieved. Eligibility criteria were published in English and outcome studies. A literature search and article screening were independently performed by 2 authors and finally, 173 of 278 studies were included. Results: Thirty-nine studies used matching at the study design stage, and 171 adjusted for confounders using regression analysis or propensity scores at the analysis stage. Of these, 125 conducted regression analyses based on the study questions. Propensity score matching was the most common method involving propensity scores. A total of 171 studies included age and/or sex as confounders. Comorbidities and healthcare utilization, including medications and procedures, were used as confounders in 146 and 82 studies, respectively. Conclusions: This is the first review to address the methods and applications used to adjust for confounders in recently published studies. Our results indicate that all studies adjusted for confounders with appropriate study designs and statistical methodologies; however, a thorough understanding and careful application of confounding variables are required to avoid erroneous results.