• Proceedings of the Korean Society of Computer Information Conference
• /
• 2022.01a
• /
• pp.259-261
• /
• 2022

스프링은 자바 엔터프라이즈 애플리케이션 개발에 사용되는 프레임워크로써, 애플리케이션을 빠르고 효율적으로 개발할 수 있도록 틀과 공통 프로그래밍 모델, 기술 API 등을 지원해주며, 스프링 부트는 스프링 프레임워크를 사용하는 프로젝트를 간단하게 준비할 수 있는 스프링 프레임워크의 서브 프로젝트이다. 본 연구에서는 스프링 부트를 활용하여 간단한 블로그를 설계 및 구현한다. 간단한 블로그에서는 다른 사람과의 식별을 위한 로그인 및 회원가입, 다른 사람과의 생각을 공유하기 위해 게시물 및 댓글 읽기, 쓰기, 수정, 삭제의 기능을 설계하였다. 이러한 설계는 스프링 부트를 사용하여 모듈 간의 의존성 관리, Spring Web MVC를 사용하여 서비스 로직과 사용자 인터페이스를 분리하며, Spring Data JPA, Spring Security 등을 이용하여 회원식별과 게시물 및 댓글 쓰기, 읽기, 수정, 삭제 등을 구현하였다.

• Journal of Digital Convergence
• /
• v.16 no.12
• /
• pp.343-349
• /
• 2018

Electroencephalograph(EEG) information, which is an important data of brain science, reflects various levels of information from the molecular level to the behavior and cognitive stages, and the explosively amplified information is provided at each stage. Therefore, EEG information is an intrinsic privacy area of an individual, which is important information to be protected. In this paper, we apply spring security to web based system of spring MVC (Model, View, Control) framework to build independent and lightweight server system with powerful security system. Through the proposal of the platform type EEG analysis system which enhances the security function, the web service security of the EEG information is enhanced and the privacy of the EEG information can be protected.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.17 no.4
• /
• pp.77-83
• /
• 2021

As Open Source Software(OSS) recently invigorates, many companies actively use the OSSes in their business software. With such OSS invigoration, our web application is developed in order to provide the safety in using the OSSes, and update the information on the new vulnerabilities and the patches at all times by crawling the web pages of the relevant OSS home pages and the managing organizations of the vulnerabilities. By providing the updated information, our application helps the OSS users and developers to be aware of such security issues, and gives them to work in the safer environment from security risks. In addition, our application can be used as a security platform to greatly contribute to preventing potential security incidents not only for companies but also for individual developers.

• Journal of Agricultural Extension & Community Development
• /
• v.18 no.2
• /
• pp.281-313
• /
• 2011

67.82% of domestic hot springs are in rural areas. (Ministry of Public Administration and Security statistics, 2010) Most of hot spring's facilities are aging and inability to accommodate the current changes of leisure patterns. So, a decrease of the number of visitor to the hot spring resulted in economic decline of rural areas. Hot spring has been studied, but Architecture of Hot Springs has never been interested in and research. Therefore, Nation architecture of Hot spring and foreign architecture was compared and analyzed. Then, Architectural characteristics of Hot spring in rural areas was identify. The architecture of Hot spring type of foreign and images are routinely burned, the organic form and old-fashioned adrift. However, our country found in Hot spring architecturally and daily life had any features. Thus, the country's hot springs spa area for construction of the architecture design should be characterized. And, through institutional guidelines and deliberations should be provided in the right direction.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.14 no.2
• /
• pp.303-308
• /
• 2019

Spring framework is widely used as a base technology for e-government frameworks and to the extent it is a standard for web service development tools of Korean public institutions. However, recently, a remote code execution vulnerability(CVE-2018-1270) was found in an application using a spring framework. This paper proposes a method of analyzing the vulnerability experiment using a hacking scenario, Proof Of Concept(POC), in which the spring framework is a hazard to the server. We propose the patch to version 4.3.16 and version 5.0.5 or later as an ultimate response. It is also expected that the proposed experiment analysis on vulnerability of hacking scenario will be used as a data for improving performance of security programs and establishing a new authentication system.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2010.10a
• /
• pp.244-247
• /
• 2010

In this paper, propose for the international standards of security and reliability SEED block cipher algorithm is applied to the ICMP. This paper is improve security, reliability and user comfort of weakness existing integrated case management system on spring based java framework technology. As a result, part of the user interface to improve performance and can be applied to real world applications.

• Convergence Security Journal
• /
• v.10 no.4
• /
• pp.21-30
• /
• 2010

Wireless network is one of the 2010's most important security issues. As smartphone is popularize, the number of Wireless Internet users is really growing and wireless AP spring up everywhere. But most wireless AP haven't being managed properly in terms of security, Wireless Internet users also don't recognize important of security. This situation causes grave security threats. This paper design and analyze a new cyber attack whose it circulates malware via QR code and activates Mobile AP to induce service charge. The new vulnerability we suggest forces to activate Mobile AP of smartphone based on Android and responds to all Probe Request are generated around, and brings induction of service charge and communication problems in its train.

• Earthquakes and Structures
• /
• v.13 no.6
• /
• pp.573-588
• /
• 2017

The earthquake input is required when the soil-structure interaction (SSI) analysis is performed by the direct finite element method. In this paper, the earthquake is considered as the obliquely incident plane body wave arising from the truncated linearly elastic layered half space. An earthquake input method is developed for the time-domain three-dimensional SSI analysis. It consists of a new site response analysis method for free field and the viscous-spring artificial boundary condition for scattered field. The proposed earthquake input method can be implemented in the process of building finite element model of commercial software. It can result in the highly accurate solution by using a relatively small SSI model. The initial condition is considered for the nonlinear SSI analysis. The Daikai subway station is analyzed as an example. The effectiveness of the proposed earthquake input method is verified. The effect of the obliquely incident earthquake is studied.

• The Journal of Korea Robotics Society
• /
• v.4 no.2
• /
• pp.163-168
• /
• 2009

In this paper, a new driving mechanism of security robotswhich should overcome obstacles with stability even though movingin high speed is introduced. The driving mechanism has spring-based suspension and two wheels positively necessary to overcome obstacles. From the driving mechanism, it is mainly discussed how we can decrease overshoot and impulse occurred when the robot is in the process of overcoming obstacles. Finally, design parameters of the driving mechanism which guarantees stable motion while overcoming obstacles is deduced based on simulation results. Experiments are also followed to demonstrate how well the manufactured system works in its early stage of the practical use.

• Journal of Industrial Convergence
• /
• v.21 no.3
• /
• pp.181-188
• /
• 2023

The e-Government standard framework provides overall technologies such as reuse of common components for web environment development such as domestic government/public institutions, connection of standard modules, and resolution of dependencies. However, in a standardized development environment, there is a possibility of updating old versions according to core versions and leakage of personal and confidential information due to hacking or computer viruses. This study directly analyzes security vulnerabilities focusing on websites that operate eGovFrame in Korea. As a result of analyzing/classifying vulnerabilities at the internal programming language source code level, five items associated with representative security vulnerabilities could be extracted again. As a countermeasure against this, the security settings and functions through the 2 steps (1st and 2nd steps) and security policy will be explained. This study aims to improve the security function of the e-government framework and contribute to the vitalization of the service.