• Journal of the Korean Society for Aviation and Aeronautics
• /
• v.25 no.3
• /
• pp.115-122
• /
• 2017

To achieve designed quality and reliability from R&D to force integration, an establishment of precise and distinct specifications and standards are required. However, the recent process of R&D standardization on defense acquisition system, has brought plenty of corrections on specifications and standards that may cause not only difficulties to production line and retardation to the military forces, but also a degradation of provided weapon systems. Therefore, a technical review should be performed by the developer, the producer, and the client, establishing the standard that include mass production requirements as well as clients' requirements. This paper propose a specified solution on process of R&D standardization, by applying a substantial FCA(Functional Configuration Audit) and PCA(Physical Configuration Audit) which implies participation of related agencies. By the improved PCA, 2,023 corrections on 74 types of QAR(Quality Assurance Requirement)s and 12,715 corrections on drawings are identified.

• Journal of IKEEE
• /
• v.19 no.4
• /
• pp.610-616
• /
• 2015

In this paper, an electronic ID system satisfying security requirements of authentication certificate was designed using fingerprint recognition. The proposed electronic ID system generates a digital signature with forgery prevention, confidentiality, content integrity, and personal identification (=non-repudiation) using fingerprint information, and also encrypts, sends, and verify it. The proposed electronic ID system exploits fingerprint instead of user password, so it avoids leakage and hijacking. And it provides same legal force as conventional authentication certificate. The proposed electronic ID consists of 4 modules, i.e. HSM device, verification server, CA server, and RA client. Prototypes of all modules are designed and verified to have correct operation.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• v.9 no.1
• /
• pp.843-847
• /
• 2005

The development of distributed application in the standardized CORBA(Common Object Request Broker Architecture) environments reduces the developing time and maintaining cost of the systems. Because of these advantages, the development of application is being progressed in the several fields using the CORBA environments. The programmers in the CORBA environments usually develop the application programs using the CORBA IDL(Interface Definition Language). The IDL files are compiled by IDL compiler and translated into the stubs and skeleton codes which are mapped onto particular target language. The stubs produced by IDL compilers processes the marshaling a data into message buffer. Before a stub can marshal a data into its message buffer, the stub must ensure that the buffer has at least enough free space to contain the encoded representation of the data. But, the stubs produced by typical IDL compilers check the amount of free buffer space before every atomic data is marshaled, and if necessary, expand the message buffer. These repeated tests are wasteful and incidence of overheads, especially if the marshal buffer space must be continually expanded. Thus, the performance of the application program may be poor. In this paper, we suggest the way that the stub code is maintain the enough free space before marshaling the data into message buffer. This methods were analyzes the overall storage requirements of every message that will be exchanged between client and server. For these analysis, in the Front End of compiler has maintain the information that the storage requirements and alignment constraints for data types. Thus, stub code is optimized and the performance of application program is increased.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.13 no.4
• /
• pp.13-23
• /
• 2017

In order to protect personal information and important information (confidential information, sales information, user information, etc.) in the internal network, companies and organizations apply encryption to the Server-To-Server or Server-To-Client communication section, And are experiencing difficulties due to the increasing number of known attacks and intelligent security attacks. In order to apply the existing S / W encryption technology, it is necessary to modify the application. In the financial sector, "Comprehensive Measures to Prevent the Recurrence of Personal Information Leakage in the Domestic Financial Sector" has been issued, and standard guidelines for financial computing security have been laid out, and it is required to expand the whole area of encryption to the internal network. In addition, even in environments such as U-Health and Smart Grid, which are based on the Internet of Things (IoT) environment, which is increasingly used, security requirements for each collection gateway and secure transmission of the transmitted and received data The requirements of the secure channel for the use of the standard are specified in the standard. Therefore, in this paper, we propose a secure encryption algorithm through mutual authentication and grouping for each node through H / W based Network Control Server (NCS) applicable to internal system and IoT environment provided by enterprises and organizations. We propose a protocol design that can set the channel.

• Journal of KIISE:Computer Systems and Theory
• /
• v.32 no.9
• /
• pp.433-444
• /
• 2005

In video-on-demand(VOD) systems, a broadcast-based scheduling mechanism is known to be a very efficient technique for disseminating popular videos to very large client populations. The main motivations of broadcasting scheduling mechanisms are that they scale up extremely well and they have very modest bandwidth requirements. This paper proposes a new dynamic broadcasting scheduling mechanism, named FDBS (fast dynamic broadcasting scheme), and proves its correctness. This paper also evaluates the performance of FDBS on the basis of a simulation approach. The simulation results indicate that FDBS shows a superior performance over UD, CBHD, and NPB in terms of the average response time with very reasonable bandwidth requirements.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.14 no.5
• /
• pp.153-164
• /
• 2004

Under a large-scale client-server service environment, e.g., online games, encrypting data for acquiring information security often causes overload to the server and hence degradation of the service itself. Therefore, for reducing encryption payload, it is necessary to use adequately an efficient encryption scheme with respect to the security requirements of transmission data. In this paper, we propose a packet encryption scheme using multiple cryptosystems to realize such capability, which assigns a different cryptosystem according to the security requirements level. The proposed encryption scheme is applicable to internet services with heavy traffic ratios in which different kinds of data packets are incessantly transmitted between clients and servers. To show its effectiveness and superiority, the performance of the proposed encryption scheme is verified by experiments.

• Journal of Internet Computing and Services
• /
• v.23 no.1
• /
• pp.49-68
• /
• 2022

The operation system of a shipping company is still maintaining the mainframe based terminal access environment or the client/server based environment. Nowadays shipping companies that try to migrate it into a web-based environment are increasing. However, in the transition, if the design is processed by the old configuration and knowledge without considering the characteristics of the web-based environment and shipping business, various security vulnerabilities will be revealed at the actual system operation stage, and system maintenance costs to fix them will increase significantly. Therefore, in the transition to a web-based environment, a security design must be carried out from the design stage to ensure system safety and to reduce security-related maintenance costs in the future. This paper examines the characteristics of various threat modeling techniques, selects suitable modeling technique for the operation system of a shipping company, applies data flow diagram and STRIDE threat modeling technique to shipping business, derives possible security threats from each component of the data flow diagram in the attacker's point of view, validates the derived threats by mapping them with attack library items, represents the attack tree having various attack scenarios that attackers can attempt to achieve their final goals, organizes into the checklist that has security check items, associated threats and security requirements, and finally presents 23 security requirements that can respond to threats. Unlike the existing general security requirements, the security requirements presented in this paper reflect the characteristics of shipping business because they are derived by analyzing the actual business of a shipping company and applying threat modeling technique. Therefore, I think that the presented security requirements will be of great help in the security design of shipping companies that are trying to proceed with the transition to a web-based environment in the future.

• ETRI Journal
• /
• v.25 no.6
• /
• pp.423-436
• /
• 2003

This paper describes our design of a contents distribution framework that supports transparent distribution of digital contents on the Internet as well as copyright protection of participants in the contents distribution value chain. Copyright protection must ensure that participants in the distribution channel get the royalties due to them and that purchasers use the contents according to usage rules. It must also prevent illegal draining of digital contents. To design a contents distribution framework satisfying the above requirements, we first present four digital contents distribution models. On the basis of the suggested distribution models, we designed a contract system for distribution of royalties among participants in the contents distribution channel, a license mechanism for enforcement of contents usage to purchasers, and both a packaging mechanism and a secure client system for prevention of illegal draining of digital contents.

• The Journal of Information Technology and Database
• /
• v.7 no.2
• /
• pp.1-15
• /
• 2000

The World-Wide-Web have many advantages as a front-end of database systems. Hence in Internet applications, such as E-Commerce systems, the requirements for Web-based database applications have been increasing. In this work we propose a framework for java-based Web database applications-JaWAF(Java-based Web Application Framework). JaWAF has the 3-tier architecture of Client/Server, and consists of database gateway, application server, and communication and message component. When this framework is applied to the database applications developments, it can provide advantages, such as ease understanding and fast implementations of the Web applications. Thus we can build 3-tier Web-based database application systems with high scalability and distributed processing capability. Database gateway in JaWAF works as a daemon process that connects to the database systems and waits for requests from clients, and supports state-oriented service between clients and database servers. Hence the performance of Web applications could be increasing.

• IE interfaces
• /
• v.9 no.2
• /
• pp.159-171
• /
• 1996

In recent, most'of automobile industries adopt the concept of JIT production. According to the concept, the paternal manufacturers require their suppliers to supply parts just in time, so it is very important for a subcontractor to produce the parts in the appointed time of delivery. This study develops a production information system for Woosin Industry, which is one of such subcontractors of Hyundai Motors Company(HMC). The system is developed for use in Client/Server environment. In this study, the following three modules are developed, i. e., the production scheduling module, the sales management module to deal with the information about orders of HMC, delivery of parts, and bill collecting, and the module for supporting material requirements planning and purchase of material.