• Journal of the Korea Society of Computer and Information
• /
• v.16 no.12
• /
• pp.257-263
• /
• 2011

Conventional middleware is software providing services between clients and servers efficiently, but it is not applicable to RFID systems because of low consistency due to the absence of context awareness function, and problems in the management of meaning, security system, etc. Accordingly, we need a quality selection process and a quality evaluation method for selecting RFID middleware based on new criteria. This Paper proposed a new selection process based on international standard ISO/IEC 14598, and extracted and selected optimal quality factors through the proposed process. The selected quality factors were mapped to the quality characteristics of standard quality model ISO/IEC 9126, and to quality factors of RFID middleware of SUN, Microsoft, EPCglobal, IBM, etc. The results of these works showed that the quality factors extracted and selected through the proposed process were fair and adequate for evaluating the quality of RFID middleware.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.39C no.6
• /
• pp.466-475
• /
• 2014

The IVEF service is the draft standard designed for exchange of information on sea traffic between the vessel traffic systems and between the vessels. Standardization of this service is under way as a part of the next-generation navigation system, called e-Navigation. The International Association of Lighthouse Authorities (IALA) suggests, on its recommendation V-145, the IVEF service model and the protocol for provisioning of this service. But the detailed configuration of this service must be designed by the users. This study suggests, based on the basic service model and protocol provided in the recommendation V-145, the implementation of the J-VTS middleware which will facilitate exchange of information on sea traffic. The J-VTS middleware consists of various components for providing the IVEF service and for processing the IVEF message protocols. The vessel traffic systems and the vessels corresponding to upper-layer applications may use the IVEF service with the functions provided by the J-VTS middleware, and the services are designed to be accessed according to the security level of users.

• Journal of Software Engineering Society
• /
• v.25 no.1
• /
• pp.1-9
• /
• 2012

RFID systems have been widely used in various fields such as logistics, distribution, food, security, traffic and others. A RFID middleware, one of the key components of the RFID system, perform an important role in many functions such as filtering, grouping, reporting tag data according to given user specifications and so on. However, manual test data generation is very hard because the inputs of the RFID middleware are generated according to the RFID middleware standards and complex encoding rules. To solve this problem, in this paper, we propose a black box test technique based on RFID middleware standards. Firstly, we define ten types of input conversion rules to generate new test data from existing test data based on the standard specifications. And then, using these input conversion rules, we generate various additional test data automatically. To validate the effectiveness of generated test data, we measure coverage of generated test data on actual RFID middleware. The results show that our test data achieve 78% statement coverage and 58% branch coverage in the classes of filtering and grouping, 79% statement coverage and 64% branch coverage in the classes of reporting.

• Journal of Korean Society of Industrial and Systems Engineering
• /
• v.34 no.4
• /
• pp.72-81
• /
• 2011

In this paper, we propose adaptive convergence security policies and management technologies to improve security assurance in the home networking environment. Many security issues may arise in the home networking environment. Examples of such security issues include the user privacy, the service security, the integrated networking security, the middleware security and the device failure. All these security issues, however, should be fulfilled in phase due to many difficulties including deployment cost and technical complexity. For instance, fundamental security requirements such as authentication, access control and prevention of crime and disaster should be addressed first. Then, supplementary security policies and diverse security management technologies should be fulfilled. In this paper, we classify these requirements into three categories, a service authentication, a user authentication and a device authentication, and propose security policies and management technologies for each requirement. Since the home gateway is responsible for interconnection of many home devices and external network access, a variety of context information could be collected from such devices.

• Journal of IKEEE
• /
• v.27 no.4
• /
• pp.548-555
• /
• 2023

With the advancement of the internet, the use of personal information in online interactions has increased, underscoring the significance of data protection. Breaches of personal data due to unauthorized access can result in psychological and financial damage to individuals, and may even enable wide-ranging societal attacks aimed at those associated with the victims. In response to such threats, there is active research into security measures using blockchain to safeguard personal information. This study proposes a system that uses middleware and IAM (Identity and Access Management) services to protect personal information in a BaaS (Blockchain as a Service) environment where blockchain is provided via the Internet. The middleware operates on servers where IAM roles and policies are applied, authenticates users, and performs access control to allow only legitimate users to access blockchain data existing in the cloud. Additionally, to understand the impact of the proposed personal information protection method on the system, we measure the response time according to the time taken and the number of users under three assumed scenarios, and compare the proposed method and research related to personal information protection using blockchain in terms of security characteristics such as idea, type of blockchain, authentication, and confidentiality.

• Journal of Korea Multimedia Society
• /
• v.17 no.6
• /
• pp.706-715
• /
• 2014

It is used to lead to serious structural vulnerability of the system security of security-critical system when we have quickly developed software system according to urgent release schedule without appropriate security planning, management, and assurance processes. The Data Set and Provider of DataSnap, which is a middleware of Delphi XE2 of the Embarcadero Technologies Co., certainly help to develop an easy and fast-paced procedure, but it is difficult to apply security program and vulnerable to control software system security when the connection structure Database-DataSnap server-SQL Connection-SQL Data set-Provider is applied. This is due to that all kinds of information of Provider are exposed on the moment when DataSnap Server Port is sure to malicious attackers. This exposure becomes a window capable of running SQL Command. Thus, it should not be used Data Set and Provider in the DataSnap Server in consideration of all aspects of security management. In this paper, we study on the verification of the security vulnerabilities for Client and Server DataSnap in Dlephi XE2, and we propose a secure coding method to improve security vulnerability in the DataSnap server system.

• Journal of information and communication convergence engineering
• /
• v.7 no.3
• /
• pp.330-334
• /
• 2009

Most security solutions and middleware on home network consider internet users as approaching subject. It is unrealistic where the most subjects are mobile users who want to control home network devices. Therefore minor and fast certification structures are needed to control other devices with mobile device that has lower computing capacity. To solve the above problems, this paper wants to build safe certification frame work for internet and mobile users to control household devices safely. New certification structure is proposed to get out of heavy certification structure like PKI and to minimize encrypting and decrypting operation by compounding session key and public key.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2007.05a
• /
• pp.826-828
• /
• 2007

건강과 복지에 대한 사람들의 관심이 증대함에 따라 고령층 인구를 중심으로 병원에서 건강 점검 및 진료가 이루어졌던 기존의 Health산업 패러다임에서 연령층에 관계없이 언제, 어디서나 진료를 받을 수 있는 u-Health산업 패러다임으로 변화하고 있다. 이러한 흐름에 발맞추어 유비쿼터스 컴퓨팅 환경에서 혈압, 맥박, 심전도 등과 같은 의료정보뿐만 아니라 일상생활에서 획득한 정보를 통해 건강증진, 질병예방, 진료를 가능하게 하는 u-LifeCare 의료체계가 필요하다. u-LifeCare 를 지원하는 미들웨어는 유비쿼터스 환경에서 필수적인 기술 요소인 센서 네트워크 미들웨어와 상황인지 미들웨어를 통합하는 미들웨어이며, 라이프케어의 특성을 고려한 '초경량(LightWeight)의, 확장성(Scalability)있는, 보안성(Security)을 갖춘' 미들웨어이다.

• The Transactions of the Korean Institute of Electrical Engineers D
• /
• v.54 no.3
• /
• pp.141-147
• /
• 2005

In the field of electrical industry, embedded computing environment including hardware and software is getting more important as the industry shifts to the knowledge-based one. Java could play a great role as bridging technology in such a transition because it provides a lot of benefits like dynamic application download, compatibility of cross platform, and its own security solution. However, the Java technology has a limitation of real-time problem when it is applied to the embedded computing system of the electrical industry. To solve the problem, a novel java-native combination model has been proposed and designed to a firmware level. This scheme has been employed in four kinds of control boards. The result shows that the proposed model has great potential to implement the real-time processing in control of the devices.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2004.05b
• /
• pp.717-720
• /
• 2004

Jini is a middle ware supposed in Sun Microsystems. The goal of lil is the establishment of dynamic distributed system, which can share information and control of other Jini technology-enabled services or devices in the same Jini system. Jini is one of the best middleware together UPnP and HAVi. Hone network security, soch as privacy protection, crime prevention, and etc, is very important. So Jini 2.0 adds security mechanism in 11. 2003. This paper describes the analysis of Jini 2.0 security mechanism, and home network security.