• Journal of Internet Computing and Services
• /
• v.14 no.4
• /
• pp.35-42
• /
• 2013

Nowadays many tasks are performed using the Web. Accordingly, many web-based application systems with various and complicated functions are being requested. In order to develop such web-based application systems efficiently, object-oriented analysis and design methodology is used, and Java EE(Java Platform, Enterprise Edition) technologies are used for its implementation. The security issues have become increasingly important. For such reasons, Java EE provides mechanism related to security but it does not provide interconnections with object-oriented analysis and design methodology for developing web application system. Consequently, since the security method by Java EE mechanism is implemented at the last step only, it is difficult to apply constant security during the whole process of system development from the requirement analysis to implementation. Therefore, this paper suggests an object-oriented analysis and design methodology emphasized in the security for secure web application systems from the requirement analysis to implementation. The object-oriented analysis and design methodology adopts UMLsec, the modeling language with an emphasis on security for the requirement analysis and system analysis & design with regard to security. And for its implementation, RBAC (Role Based Access Control) of servlet from Java EE technologies is used. Also, the object-oriented analysis and design methodology for the secure web application is applied to online banking system in order to prove its effectiveness.

• Journal of KIISE:Software and Applications
• /
• v.30 no.1_2
• /
• pp.19-30
• /
• 2003

Based upon XML, a standard document format on the web, there have been many active studies on e-Commerce, wireless communication, multimedia technology and so forth. JML is an XML application suitable for understanding and reusing the source code written using JAVA for various purposes. And it is a DTD which can effectively express various information related to hierarchical class structures, class/method relationships and so on. This paper describes a tool which generates JML document by extracting a comment information from Java source code and information helpful for reusing and understanding by JML in terms of the reverse engineering and a tool which generates a skeleton code of Java application program from the document information included in the automatically or manually generated JML document in terms of the forward engineering. By using the result of this study, the information useful and necessary for understanding, analyzing or maintaining the source code can be easily acquired and the document of XML format makes it easy for developers and team members to share and to modify the information among them. And also, the Java skeleton coed generated form JML documents is a reliable robust code, which helps for developing a complete source code and reduces the cost and time of a project.

• The Transactions of the Korea Information Processing Society
• /
• v.6 no.4
• /
• pp.1022-1031
• /
• 1999

In this paper, we propose the framework of a visual language named VIOLA(VIsual Object-oriented Language for Multimedia Applications), which is developed for web authoring. VIOLA supports the user to construct HTML documents and CGI programs even if he/she doesn't know exact HTML tags and CGI programming. VIOLA, a user interface building part and a programming logic building part are combined by the data-flow model. the user interface building part provides direct manipulation and a WSIKWYG interface, and the program logic building part provides more intuitive interface by using predefined classes and the data-flow model. thus, even a novice user can construct sophisticated applications by simply moving or clicking the mouse. several classes which generate CGI codes are predefined, and they are represented with highly abstracted visual components, By reusing predefined classes, CGI codes are automatically generated. In VIOLA, all major steps in builidng generated wit HTML documents and Java CGI programs.

• Journal of KIISE
• /
• v.42 no.4
• /
• pp.487-495
• /
• 2015

Since most of information is computerized nowadays, it is extremely important to promote the security of the computerized information. However, the software itself can threaten the safety of information through many abusive methods enabled by coding mistakes. Even though the Secure Coding Guide has been proposed to promote the safety of information by fundamentally blocking the hacking methods, it is still hard to apply the techniques on other programming languages because the proposed coding guide is mainly written for C and Java programmers. In this paper, we reclassified the coding rules of the Secure Coding Guide to extend its applicability to programming languages in general. The specific coding guide adopted in this paper is the C Secure Coding Guide, announced by the Ministry of Government Administration and Home Affairs of Korea. According to the classification, we applied the rules of programming in Sprout, which is a newly proposed Korean programming language. The number of vulnerability rules that should be checked was decreased in Sprout by 52% compared to C.

• Communications for Statistical Applications and Methods
• /
• v.7 no.3
• /
• pp.913-926
• /
• 2000

An electronic statistics text on the web is implemented. The introduced text provide interactive instructions on the statistical estimation and inference. As a by-product, we also provide a calculation of quantiles and p-value of t-distribution and standard normal distribution. This program was written in JAVA programming language.

• Proceedings of the Korea Society for Industrial Systems Conference
• /
• 2002.06a
• /
• pp.148-155
• /
• 2002

Multithreaded models improve the efficiency of parallel systems by combining inner parallelism, asynchronous data availability and the locality of von Neumann model. This model executes thread code which is generated by compiler and of which quality is given by the method of generation. But multithreaded models have the demerit that execution model is restricted to a specific platform. On the contrary, Java has the platform independency, so if we can translate from threads code to Java bytecode, we can use the advantages of multithreaded models in many platforms. Java executes Java bytecode which is intermediate language format for Java virtual machine. Java bytecode plays a role of an intermediate language in translator and Java virtual machine work as back-end in translator. But, Java bytecode which is translated from multithreaded models have the demerit that it is not secure. This paper, multhithread code whose feature of platform independent can execute in java virtual machine. We design and implement translator which translate from thread code of multithreaded code to Java bytecode and which check secure problems from Java bytecode.

• Journal of Korea Multimedia Society
• /
• v.16 no.2
• /
• pp.190-197
• /
• 2013

Since domestic and foreign platform companies and mobile carriers adopt and use different kinds of smart platforms, developers should develop or convert contents according to each smart platform to provide a single smart content for customers. It takes long time and a lot of money to convert the conventional smart contents in order to serve other smart platforms. For the reason, more attention has been paid on Smart Cross Platform or Hybrid Platform, the core technologies of OSMU(One Source Multi Use) in which, once a program is coded, it can be executed in any platforms regardless of development languages. As a result, PhoneGap and HTML5 based Sencha Touch have been introduced. In this paper, we developed the smart virtual machine, which is built in smart cross platform based smart devices, unlike Android, iOS, Windows Phone devices being dependent of platforms, and helps to download and execute applications, being independent of platforms. the smart virtual machine supports C/C++, and Java language, being differentiated from JVM by sun microsystems that supports only Java language and .NET framework by microsoft that supports only C, C++ and C#. Therefore, it provides contents developers with the environment where they can get a wide range of options in choosing a language and develop smart contents.

• Journal of the Korea Computer Graphics Society
• /
• v.2 no.2
• /
• pp.69-74
• /
• 1996

With the emergence of integrated global market and increased competition, many companies are interested in sharing the product model data. One of the solutions is to share the product model data over the computer network or the internet using a standard format. CAD/CAM, STEP, and internet technologies make it possible to share the product model data. This paper presents methods to visualize 3D STEP geometry data on the internet. To create an internet-based STEP model visualizer, the programming language Java and 3D scene description language VRML have been experimented. The STEP geometry data can be displayed either by Java applets of by a VRML browser. These visualization technologies are applied to a PDM development. Engineers who have a low cost web browser can share the expensive design information even at a remote site.

• The KIPS Transactions:PartC
• /
• v.8C no.1
• /
• pp.16-22
• /
• 2001

There are several traditional factors of software quality. Some of them are such as correctness, reliability, efficiency, compatibility, portability, etc. In addition to them, security is required as another factor of software quality nowadays because some application programs are used as a way to attack information systems by stack frame manipulation. Each processor has its own peculiar stack frame mechanism and C language uses the characteristics of them. This paper explains the concept of security problem caused by stack frame manipulation, and the stack frame mechanism of Pentium, Alpha and SP ARC processor in detail. And then it examines the effect of stack frame mechanism on the security of programs in C language.

• Journal of KIISE:Software and Applications
• /
• v.30 no.1_2
• /
• pp.1-18
• /
• 2003

Precise and systematic mapping techniques are required for mapping object-oriented artifacts into a platform-specific design. An effective and systematic mapping approach for an adequate platform or programming language in needed, because the characteristics of an initial design are independent from an implementation language and a platform. In this paper, we propose systematic and concrete methods, guidelines, and design patterns that can be used to design business operations at EJB (Enterprise JavaBeans) source code level. We show how various EJB mechanism can be utilized in designing business operations for beans. We believe these proposed methods can yield high-performance EJB applications that can also be well maintainable.