• International Journal of Computer Science & Network Security
• /
• v.21 no.8
• /
• pp.167-176
• /
• 2021

This is the world of computer science and innovations. In this modern era, every day new apps, webs and software are being introduced. As well as new apps and software are being introduced, similarly threats and vulnerable security matters are also increasing. Web apps are software that can be used by customers for numerous useful tasks, and because of the developer experience of good programming standards, web applications that can be used by an attacker also have multiple sides. Web applications Security is expected to protect the content of critical web and to ensure secure data transmission. Application safety must therefore be enforced across all infrastructure, including the web application itself, that supports the web applications. Many organizations currently have a type of web application protection scheme or attempt to build/develop, but the bulk of these schemes are incapable of generating value consistently and effectively, and therefore do not improve developers' attitude in building/designing stable Web applications. This article aims to analyze the attacks on the website and address security scanners of web applications to help us resolve web application security challenges.

• Proceedings of the KSRS Conference
• /
• 2008.10a
• /
• pp.45-48
• /
• 2008

Since the mid-2000, so-called Web 2.0 paradigm was emerged and has been widely extended to actual Web markets with supporting Web technologies. Among Web 2.0 services, mashups with Open APIs is regarded as one of core technologies. Web mapping is also the most dominant mashup application in Open API-based applications, so that various mashups with Google Map API and other Open APIs are developing. In this paper, current technological status is explained with web GIS file formats of KML. While, a prototype is web-based GIS layer authoring system for general users, without any kinds of GIS tools and external spatial databases. This mashup application will be used web-based feature extraction for geo-spatial web for public users.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.2
• /
• pp.817-828
• /
• 2018

Modern software, especially web-based software, is broadly used in various fields. Most web applications employ design patterns, such as a model-view-controller (MVC) pattern and a factory pattern as development technology, so the application can have a good architecture to facilitate maintenance and productivity. A web application, however, may have defects and developers must fix the defects when a user submits bug reports. In this paper, we propose a novel approach to improving fault traceability in web application by using software revision information and software behavior model to reduce costs and effectively handle the software defect. We also provide a case study to show effectiveness of our approach.

• The Journal of Society for e-Business Studies
• /
• v.12 no.2
• /
• pp.111-132
• /
• 2007

Developing and managing Web applications are more complex than ever because of their growing functionalities, advancing Web technologies, increasing demands for integration with legacy applications, and changing content and structure. All these factors call for a more inclusive and comprehensive Web application design method. In response, we propose a context-based Web application design methodology that is based on several classification schemes including a Webpage classification, which is useful for identifying the information delivery mechanism and its relevant Web technology; a link classification, which reflects the semantics of various associations between pages; and a software component classification, which is helpful for pinpointing the roles of various components in the course of design. The proposed methodology also incorporates a unique Web application model comprised of a set of information clusters called compendia, each of which consists of a theme, its contextual pages, links, and components. This view is useful for modular design as well as for management of ever-changing content and structure of a Web application. The proposed methodology brings together all the three classification schemes and the Web application model to arrive at a set of both semantically cohesive and syntactically loose-coupled design artifacts.

• Journal of the Korea Society of Computer and Information
• /
• v.12 no.1 s.45
• /
• pp.161-168
• /
• 2007

Web attack uses structural, logical and coding error or web application rather than vulnerability to Web server itself. According to the Open Web Application Security Project (OWASP) published about ten types of the web application vulnerability to show the causes of hacking, the risk of hacking and the severity of damage are well known. The detection ability and response is important to deal with web hacking. Filtering methods like pattern matching and code modification are used for defense but these methods can not detect new types of attacks. Also though the security unit product like IDS or web application firewall can be used, these require a lot of money and efforts to operate and maintain, and security unit product is likely to generate false positive detection. In this research profiling method that attracts the structure of web application and the attributes of input parameters such as types and length is used, and by installing structural database of web application in advance it is possible that the lack of the validation of user input value check and the verification and attack detection is solved through using profiling identifier of database against illegal request. Integral security management system has been used in most institutes. Therefore even if additional unit security product is not applied, attacks against the web application will be able to be detected by showing the model, which the security monitoring log gathering agent of the integral security management system and the function of the detection of web application attack are combined.

• KIPS Transactions on Software and Data Engineering
• /
• v.2 no.10
• /
• pp.669-678
• /
• 2013

Recently, because the portable devices became popular, it is easily to see that each person carries more than just one portable device and the use of the smartphone stretches as time goes by. After the smartphone has propagated rapidly, the total usage of the smartphone applications has also increased. But still, each application store has a different platform to develop and to apply an application. The application store is divided into two big markets, the Android and the Apple. So the developers have to develop their application by using these two different platforms. Developing into two different platforms almost makes a double development cost. And for the other platforms, the weakness is, which still have a small market breadth like Bada is not about the cost, but about drawing the proper developers for the given platform application development. The web application is rising up as the solution to solve these problems, reducing the cost and time in developing applications for every platform. For web applications don't need to make a vassal relationship with application markets platform. Which makes it possible for an application to operate properly in every portable devices and reduces the time and cost in developing. Therefore, all of the application markets could be united into one big market through a protocol which will connect each web applications market. But, still there is no standard for the web application store and no current web application store is possible to interlock with other web application stores. In this paper, we are trying to suggest a protocol by developing a prototype and prove that this protocol can supplement the current weakness.

• Proceedings of the Korea Contents Association Conference
• /
• 2006.11a
• /
• pp.7-12
• /
• 2006

한때 word process를 하기 위해 PC를 구매하던 때가 있었다. 그리고 지금도 word process 기능은 PC를 쓰는데 없어서는 안 될 기능중 하나이다. 그리고 최근 들어 web2.0의 추세와 함께 일반 application에서 수행하였던 Application들이 Web에서 수행이 가능한 web application으로 변화하고 진화하는 추세이다. 따라서 본 논문에서는 Ajax(Asynchronous Javascript And XML)기반의 공유 word process인 'Ajax기반 공유 word'를 만들었다. 이는 웹에서 WYSIWYG(what you see is what you get)으로 문서를 편집하면서 문서들을 사용자간 공유하고 문서의 변경내용을 다른 사용자가 실시간으로 확인할 수 있는 web application이다.

• Proceedings of the KAIS Fall Conference
• /
• 2009.05a
• /
• pp.507-510
• /
• 2009

최근 인터넷쇼핑몰은 판매자 중심에서 구매자 중심으로 변화하고 있으며, 새로운 사용자 경험(User Experience)의 요구하고 있다. 본 논문에서는 웹 표준 및 접근성을 고려하여 사용성(Usability)과 효율성을 기반으로 상호작용하는 동적인 Web Application 기술을 적용하여 새로운 사용자 경험(User Experience)을 제공하고 전자상거래의 새로운 패러다임을 제시할 수 있는 사용자(구매자) 및 관리자(판매자)의 동적인 유저인터페이스(UI : User Interface)가 가능한 Web Application을 제언 하는 데에 그 목적이 있다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2011.11a
• /
• pp.755-758
• /
• 2011

현재 인터넷의 최대의 관심사는 HTML5의 등장으로 인한 Web Page의 변화이다. 다양한 분야에서 영향을 미칠 것으로 최근 들어 급격히 무선 네트워크 사용률이 증가한 스마트폰에서도 Web Application이 등장하고 있다. 하지만 Web Application은 Native Application보다 소스 보안에 대해 매우 취약하며 본 연구에서는 이에 대한 분석과 보안을 위해 요구되는 HTML5 기능에 대해 언급한다.

• The Transactions of the Korea Information Processing Society
• /
• v.7 no.9
• /
• pp.2846-2856
• /
• 2000

Recently, according to the rapid development of web technology, a lot of applications based on web techniques have been developed. However, most of web applications have been developed relying on knowledge and experiences of the developer without systematic process. Web Applications are seldom developed in isolation. For web application designers, the simple and semantically rich methodology is needed to improve design and development process. In this paper, we propose a new development process methodology to improve low level technology based application development process which do not provide high level abstraction. We also suggest a new methodology to construct applications based on web. We describe a systematic web application development process by using Navigation Diagram as a analysis, design modeling method to develop web application with productivity and Quality. We apply the new development process to the EPBS(Electronic Problem Bank System) as examples. Web application development process proposed in this thesis can be maintained through reverse development, because it can be defined as high level abstraction for modeling. It is very easy to be understood as a process based on models. Also, analysis and design models can be reused as useful component whenever similar web application is developed.