• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.5
• /
• pp.1179-1189
• /
• 2012

We propose an improvement on the Guideline of Secure Software Development for Korea e-Government that is under revision by the Ministry of Public Administration and Security in 2012. We adopted a rule-oriented organization instead shifting from the current weakness-oriented one. The correspondence between the weakness and coding rules is identified. Also, added is the coverage of diagnostic tools over the rules to facilitate the usage by programmers during coding period When the proposed guideline is applied to secure software development, the weakness would be controlled indirectly by enforcing coding rules. Programmers responsibility would be limited to the compliance of the rules, while the current version implies that it is programmers responsibility to guarantee being free from the weakness, which is hard to achieve at reasonable cost.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.2
• /
• pp.243-250
• /
• 2013

We have entered into an era of smart software system where the many kinds of embedded software, especially SCADA and Automotive software not only require high reliability and safety but also high-security. Removing software weakness during the software development lifecycle is very important because hackers exploit weaknesses which are source of software vulnerabilities when attacking a system. Therefore the coding rule as like core functions of MISRA-C should expand their coding focus on security. In this paper, we used CERT-C secure coding rules for nuclear-related software being developed to demonstrate high-safety software, and proposed how to remove software weakness during development.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.38C no.10
• /
• pp.831-840
• /
• 2013

Recently, to enhance the security of software, static analysis tools for removing weaknesses, the cause of vulnerability, have been used a lot in the software development stage. Therefore, the tools need to have the rules being able to diagnose various weaknesses. Top 5 weaknesses found in the software developed by major domestic information projects from 2011 to 2012 is 76% of top 10 weaknesses per year. Software security can be improved a lot if top 5 weaknesses just are removed properly in software development. In this paper, we propose the PMD's rules for diagnosing the major weaknesses and present the results of its performance test.

• Journal of Korean Academy of Nursing Administration
• /
• v.5 no.2
• /
• pp.317-336
• /
• 1999

Official nursing education of Korea under Japanese rule began in order to make the communication possible among Japanese medical men and Korean patients. It could generate high standard nurses from the beginning. Nurses licensure began in 1914 and the graduates of official nursing schools could get nurses licensure without further test. Official nursing education became the standard of R.N. education. The curriculum emphasized on Japanese and ethics first, and in order to produce nurse, practice second. In 1920 the shortage of nurse became serious problem, so the Japanese colonial authorities set up 5 official nursing school in large scale. In 1922 they revised the relevant laws and regulations to make the nursing licensure pass all over Japanese ruling area. 8-year preliminary education and 2 year curriculum became standard of official nursing education after then. Other nursing schools should satisfy this standard to let their graduate get nurses licensure without further test. Curriculum was revised to satisfy the dual goal of 'good housewife' and 'good nurse'. Every official nursing school tried to raise educational standard Nursing science was specialized and more emphasis was put on the occupational education. From the late 1930s, Japanese desperately needed additional manpower to replenish the dwindling ranks of their military and labor forces. They tried to produce more nurses by increase nursing school. Students had to do wartime work instead of study. Younger students could enter nursing school, and general school could produce R.N. In conclusion, nursing education of Korea under Japanese rule was determined by the official nursing education. The Japanese colonial authorities lead the official nursing education. It made nursing education fixed early and produced high standard R.N. But it made nursing education withdraw in late Japanese rule period. Nursing education of Korea began quite weak in the need of nursing and Korea herself. The weakness became a subject of nursing education of Korea after Japanese rule to produce better R.N..

• Journal of Physiology & Pathology in Korean Medicine
• /
• v.18 no.1
• /
• pp.22-27
• /
• 2004

Seop-Gye divided up the constitution's strength and weakness, and so he cured disease by the 'cold and heat'. 'deficiency and excessiveness' means on the basis of the YINㆍYANG of constitution. He classified constitution with pathogenesis grounding in body formal distinction, flesh hardness and softness, face color and form, skin color. Therefore he grasped the rule of constitution connected with physiological function and pathological distinction, applied the rule of constitution in the diagnosis and cure of the chronic & epidemic febrile disease.

• Journal of Korea Society of Industrial Information Systems
• /
• v.8 no.4
• /
• pp.8-16
• /
• 2003

This paper moses a method to solve the weakness in Snort, the network based intrusion detection system. Snort which is the rule-based intrusion detection system dose not supports a protection method for their own rules which are signatures to detect intrusions. Therefore the purpose of this paper is to provide a scheme for protecting rules. The system with the proposed scheme could support integrity and confidentiality to the rules.

• Journal of Korea Water Resources Association
• /
• v.30 no.3
• /
• pp.269-278
• /
• 1997

Operating rules, the basic principle of reservoir operation, are mostly developed from maximum or minimum, mean inflow series so that those rules cannot be used in practical operating situations to estimate the expected benefits or provide the operating policies for uncertainty conditions. Many operating rules based on the deterministic method that considers all operation variables including inflows as known variables can not reflect to uncertainties of inflow variations. Explicit operating rules can be developed for improving the weakness. In this method, stochastic trend of inflow series, one of the reservoir operation variables, can be directly method, the stochastic technique was applied to develop reservoir operating rule. In this study, stochastic dynamic programming using the concepts was applied to develop optimal operating rule for the Chungju reservoir system. The developed operating rules are regarded as a practical usage because the operating policy is following up the basic concept of Lag-1 Markov except for flood season. This method can provide reservoir operating rule using the previous stage's inflow and the current stage's beginning storage when the current stage's inflow cannot be predicted properly.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.4
• /
• pp.735-743
• /
• 2020

Secure coding is a technique that detects malicious attack or unexpected errors to make software systems resilient against such circumstances. In many cases secure coding relies on static analysis tools to find vulnerable patterns and contaminated data in advance. However, secure coding has the disadvantage of being dependent on rule-sets, and accurate diagnosis is difficult as the complexity of static analysis tools increases. In order to support secure coding, we apply machine learning techniques, such as DNN, CNN and RNN to investigate into finding major weakness patterns shown in secure development coding guides and present machine learning models and experimental results. We believe that machine learning techniques can support detecting security weakness along with static analysis techniques.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.7 no.5
• /
• pp.972-977
• /
• 2003

XML has weakness problems on document modulation and elimination of data Because of the XML gives priority to present data format, XML signature, XML encryption, or XML access control is provided to overcome those weakness problems. However, structured XML efficiency contravention problem occurred from XML encryption and absence of protection from DID attack are still remains unsolved. In this paper, we suggests the XML schema that satisfies both validity and encryption. The DTD is unnecessary because XML schema supports Well-Formed XML documents and include meta information. Also XML schema has possibility to generate each XML document dynamically and because of self efficiency investigator rule, it has an advantage on extendability of DID based encryption of XML documents.

• IEIE Transactions on Smart Processing and Computing
• /
• v.6 no.3
• /
• pp.183-192
• /
• 2017

k-nearest neighbor (K-NN) is a well-known classification algorithm, being feature space-based on nearest-neighbor training examples in machine learning. However, K-NN, as we know, is a lazy learning method. Therefore, if a K-NN-based system very much depends on a huge amount of history data to achieve an accurate prediction result for a particular task, it gradually faces a processing-time performance-degradation problem. We have noticed that many researchers usually contemplate only classification accuracy. But estimation speed also plays an essential role in real-time prediction systems. To compensate for this weakness, this paper proposes correlation coefficient-based clustering (CCC) aimed at upgrading the performance of K-NN by leveraging processing-time speed and plurality rule-based density (PRD) to improve estimation accuracy. For experiments, we used real datasets (on breast cancer, breast tissue, heart, and the iris) from the University of California, Irvine (UCI) machine learning repository. Moreover, real traffic data collected from Ojana Junction, Route 58, Okinawa, Japan, was also utilized to lay bare the efficiency of this method. By using these datasets, we proved better processing-time performance with the new approach by comparing it with classical K-NN. Besides, via experiments on real-world datasets, we compared the prediction accuracy of our approach with density peaks clustering based on K-NN and principal component analysis (DPC-KNN-PCA).