• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.37B no.12
• /
• pp.1160-1167
• /
• 2012

Identifying traffic is an important issue for many networking applications including quality of service, firewall enforcement, and network security. Once we know the purpose of using the traffic in the firewall, we can allow or deny it and provide quality of service, and effective operation in terms of security. However, a number of applications encrypts traffics in order to enhance security or privacy. As a result, effective traffic monitoring is getting more difficult. In this paper, we analyse SSH encrypted traffic and identify differences among SSH tunneling, SFTP, and normal SSH traffics. By using EM clustering, we identify traffics and validate experiment results.

• The Journal of the Korea Contents Association
• /
• v.6 no.3
• /
• pp.63-74
• /
• 2006

Recently many ASP applications have been released which enable them to accept, save and manipulate files uploaded with a web browser. The files are uploaded via an HTML POST form using RFC 1867 In particular, the file transfer via the HTTP port is getting more important because of the current Internet security issues. In this paper, we implement a form-based ASP upload component and disclose explicitly most of the main codes. That is, the open source might be helpful to develop the new ASP applications including file upload function in the future. We also show the upload time and CPU usage time of the proposed upload component and compare with the well-known commercial ones, showing the performance metrics of the proposed component are comparable to those of commercial ones.

• The Journal of the Korea Contents Association
• /
• v.15 no.10
• /
• pp.607-615
• /
• 2015

Mosts user of internet and smart phone has certificate, and uses it when money transfer, stock trading, on-line shopping, etc. Mosts user stores certificate in a hard disk drive of PC, or the external storage medium. In particular, the certification agencies are encouraged for user to store certificate in external storage media such as USB memory rather than a hard disk drive. User think that the external storage medium is safe, but when it is connect to a PC, certificate may be copied easily, and can be exposed to hackers through malware or pharming site. Moreover, if a hacker knows the user's password, he can use user's certificate without restrictions. In this paper, we suggest secure management scheme of the private key file using a password of the encrypted private key file, and a USB Memory's hardware information. The private key file is protected safely even if the encrypted private key file is copied or exposed by a hacker. Also, if the password of the private key file is exposed, USB Memory's container ID, additional authentication factor keeps the private key file safe. Therefore, suggested scheme can improve the security of the external storage media for certificate.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.5 no.2
• /
• pp.39-49
• /
• 2009

In this paper, we classify web-based social network into two types: open and community, and model user behavior in social activities. After that, we also propose the combination of instant messaging and web system as the method of support asynchronous/synchronous social activities. Furthermore, we introduce ImCoWeb prototype system that supports both asynchronous social activities (ex. social bookmark, comment, rate, and data share) and synchronous ones (ex. real-time communication, file transfer, co-browsing, and co-work). Because it is built on the existing instant messaging, it reduces costs by reusing the facilities such as session management, user management, and security of instant messaging.

• Journal of Internet Computing and Services
• /
• v.9 no.4
• /
• pp.143-156
• /
• 2008

Grid-based PACS can provide an advanced medical information services such as remote image file transfer, collaboration, remote diagnosis, and virtual hospital. In this paper, we have implemented Grid-PACS which guarantees both storage safety and extendability for virtual large scale storage system. The experimental results showed that the virtual storage system provided more efficient and faster data transfer than the conventional PACS. The proposed Grid data management system can be utilized to improve the effectiveness of the PACS data management and transmission between medical institutions.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2008.10a
• /
• pp.850-853
• /
• 2008

As th Internet grew rapidly, the Electronic Commerce that is based on Internet increased. The Electronic Commerce is unsubstantial in the mutual authentication between the parties and a commerce As a solution to this issue, a Web server uses a Client Message technology. The purpose of Client Message is to validate the user and the electronic commercial transaction. Further, it increases efficiency and offers several ability at various purposes. However, the Client Message is transferred and stored as an unencrypted text file, the information can be exposed easily to the network threats, end system threats, and Client Message harvesting threats. In this paper designed by used crypto algorithm a Secure Message as a solution to the issue have proposed above. Further, designed a security service per Network transmitting message to transfer client's user input information to a Web server safety.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2013.11a
• /
• pp.672-675
• /
• 2013

FTP(File Transfer Protocol)는 호스트에서 다른 호스트로 파일을 전송하기 위한 프로토콜로써, 데이터를 평문으로 전송하기 때문에 기밀성이 보장되지 않는다. 현재 보안 기능이 제공되는 FTP로 FTPS(FTP over SSL)가 있다. FTPS는 TLS(Transport Layer Security)와 SSL(Secure Socket Layer) 암호화 프로토콜 기반에서 동작하는 FTP 이다. 따라서 FTPS는 TLS와 SSL과 같은 추가적인 시스템이 반드시 필요한 단점이 있다. 본 논문에서는 추가적인 암호화 프로토콜 없이 FTP 내에서 보안 기능을 제공하는 Secured FTP를 제안하였다. 본 논문에서 제안한 Secured FTP 는 FTP 내에서 Diffie-Hellman 알고리즘을 이용하여 비밀 키를 교환하고 AES(Advanced Encryption Standard)-Counter 알고리즘을 이용하여 FTP 데이터를 암호화 및 복호화하도록 설계하였다. 본 논문에서 제안한 Secured FTP를 Linux 운영체제에서 구현하였고 시험을 통하여 비밀 키가 정상적으로 교환되고, FTP 데이터가 암호화되어 전송되는 것을 확인하였다.

• The Korean Journal of Financial Management
• /
• v.1 no.1
• /
• pp.119-131
• /
• 1985

Although Korea is short of capital technology, and natural resources, she has achieved an outstanding progress by the export-drive policies by Korean government and the creative endeavor of Korean firms. As a result of that, Korean economy and enterprises are in the same file of newly industrialized countries and Korea is ready for an economic take-off as a developed country. But in the early 1980s, each country strengthens protective trade theory and resources nationalism, and this has a great influence on the field of international trade environment. In spite of that, to continue the same high development as that of the past. Korea must try to secure and find export markets, solve trade barriers, make sure of the long-term security of resources, develop technology, and strengthen economic cooperations. To satisfy these desires by 2000s, we must try to make Korean enterprises have the global competitive power and them grow strongly among world wide firm through capital and technology accumulated during the passed years, and to do so, there must be a foreign production and marketing management, too, this can be achieved only through foreign overseas direct investment. This investment has various forms, to say, verifical integrated, horizontal integrated. conglomerate integrated forms, and the amount of investment in each country from 18 century to today reaches 500 billion dollars. This investment is done by strategic, behavioral economic, and financial motives. So I am going to approach the fields of like these; in spite of the differences among political, economical, caltural, and social systems, and many risk compared with domestic enterprises, why do Korean firms witsh to transfer the productive facilities to overseas countries and run them there? What is the comparative advantage of foreign direct investment compared with domestic investment ?. why is the factor of comparative advantage transferred through foreign direct investment?, what is the motive of foreign overseas direct investment?, and last the ownership-specific factors and the theory of internalization, and the location specific factors were analysed chiefly. But in consideration of the given condition in Korea, Korean overseas direct investment must be propelled rationally on the basis of the above mentioned theory.

• Journal of Internet Computing and Services
• /
• v.16 no.2
• /
• pp.109-115
• /
• 2015

The new medical device technologies for bio-signal information and medical information which developed in various forms have been increasing. Information gathering techniques and the increasing of the bio-signal information device are being used as the main information of the medical service in everyday life. Hence, there is increasing in utilization of the various bio-signals, but it has a problem that does not account for security reasons. Furthermore, the medical image information and bio-signal of the patient in medical field is generated by the individual device, that make the situation cannot be managed and integrated. In order to solve that problem, in this paper we integrated the QR code signal associated with the medial image information including the finding of the doctor and the bio-signal information. bio-signal. System implementation environment for medical imaging devices and bio-signal acquisition was configured through bio-signal measurement, smart device and PC. For the ROI extraction of bio-signal and the receiving of image information that transfer from the medical equipment or bio-signal measurement, .NET Framework was used to operate the QR server module on Window Server 2008 operating system. The main function of the QR server module is to parse the DICOM file generated from the medical imaging device and extract the identified ROI information to store and manage in the database. Additionally, EMR, patient health information such as OCS, extracted ROI information needed for basic information and emergency situation is managed by QR code. QR code and ROI management and the bio-signal information file also store and manage depending on the size of receiving the bio-singnal information case with a PID (patient identification) to be used by the bio-signal device. If the receiving of information is not less than the maximum size to be converted into a QR code, the QR code and the URL information can access the bio-signal information through the server. Likewise, .Net Framework is installed to provide the information in the form of the QR code, so the client can check and find the relevant information through PC and android-based smart device. Finally, the existing medical imaging information, bio-signal information and the health information of the patient are integrated over the result of executing the application service in order to provide a medical information service which is suitable in medical field.

• The Korean Journal of Air & Space Law and Policy
• /
• v.30 no.2
• /
• pp.83-153
• /
• 2015

As our economy grows and the number of aircraft increase, the number of civil execution against aircraft cases are likely to increase as well in the future. The purpose of this article is to present the legal theory on the civil execution against aircrafts by drawing on the legal theory on the civil execution against vessels which constitute a relatively large number of cases thus observed. The provisions of the civil execution against immovables or vessel, shall basically apply mutatis mutandis to the civil execution against aircraft or light aircraft. The civil execution against ultra-light flying devices or a foreign aircraft shall be executed in conformity with the civil execution against movables. There are a compulsory auction, an auction to execute a security right to aircraft, and an auction under the right of retention, etc. in the civil execution against an aircraft. A compulsory execution against an aircraft means an execution carried out by a creditor against a debtor's aircraft to obtain satisfaction of claims for the purpose of payment of money. The court of execution of a compulsory execution against an aircraft shall be the district court having jurisdiction over the airport of stoppage or storage of such aircraft at the time of seizure. The forums of execution of a compulsory execution against an aircraft shall be exclusive forums. When a court has rendered an order on commencing an auction, it shall order an execution officer to receive a certificate of the aircraft's registration and other documents as required for its operation, and to submit them to the court. A court may revoke the procedures for a compulsory auction when an execution officer fails to obtain a transfer of the aircraft's registration certificate, etc. and the location of the aircraft is not evident, not later than an elapse of 2 months from the date on which an order on commencing an auction has been rendered. In the case where it is deemed that there exists a business-related need or other based on proper reasoning, the court may permit the aircraft's operation, upon the motion submitted by the debtor. In this case, there shall be a consent from the creditor, the highest bidder, the next highest bidder and successful bidder. A court may, upon a motion submitted by the creditor, make the dispositions required for observing and preserving the aircraft. When a debtor has submitted the documents under subparagraph 2 or 4 of the Article 49 of the Civil Execution Act, and furnished the guarantee equivalent to the claims of the execution creditors and the creditors demanding a distribution and to the costs for execution, before a declaration of bid, the court shall, upon request, revoke other procedures than those for distribution. The provisions of a obligatory auction against vessel or aircraft and an auction to execute a security right to real estate or vessel, shall apply mutatis mutandis to an auction to execute the security right to aircraft. In an auction to execute the security right to aircraft case, an executive title is not necessary. An executory exemplification is not necessary in an application for an auction to execute the security right to aircraft. A court should examine the existence of security right and claim secured. No order on commencing an auction procedure shall be issued with non-existence or invalidity of the security right and absence or extinguishment of the claim secured. Furthermore, these prohibitions are the reason of a decision on non-permit for sale, the court overlooked these prohibitions, and the decision on a permit for sale became final and conclusive, the successful bidder who paid the price and registered of ownership could not acquire ownership of the aircraft sold. A court may render a ruling to put plural aircrafts up for a blanket auction, only when they are in restraint and related matter (Supreme Court Order 2001Ma3688 dated on August 22, 2001). A righter of retention on aircraft may file a request for an auction against the aircraft. The provisions of an auction to execute a security right to aircraft shall apply mutatis mutandis to the formal auction. Airport facility fee and an aircraft are not in restraint and related matter, so an airport management corporation does not hold the right of retention on the aircraft (Supreme Court Decision 2011Da29291 decided on April 10, 2014). In an auction in accordance with the right of retention, all encumbrances (e.g., mortgages) on the sold aircraft shall be extinguished by a sale under the legal conditions for sale. Not only creditors who have claims for preferential payment but also general creditors could demand for distribution. The precedence of the claim of the right of retention on aircraft and that of general creditor's claims are equal.