• International journal of advanced smart convergence
• /
• v.10 no.4
• /
• pp.22-29
• /
• 2021

For web application vulnerability diagnosis, from the development stage to the operation stage, it is possible to stably operate the web only when there is a policy that is commonly applied to each task through diagnosis of vulnerabilities, removal of vulnerabilities, and rapid recovery from web page damage. KISA presents 28 evaluation items for technical vulnerability analysis of major information and communication infrastructure. In this paper, we diagnose the vulnerabilities in the automobile goods shopping mall website and suggest security measures according to the vulnerabilities. As a result of diagnosing 28 items, major vulnerabilities were found in three items: cross-site scripting, cross-site request tampering, and insufficient session expiration. Cookie values were exposed on the bulletin board, and personal information was exposed in the parameter values related to passwords when personal information was edited. Also, since the session end time is not set, it was confirmed that session reuse is always possible. By suggesting security measures according to these vulnerabilities, the discovered security threats were eliminated, and it was possible to prevent breaches in web applications and secure the stability of web services.

• Korean Journal of Occupational Health Nursing
• /
• v.8 no.1
• /
• pp.68-83
• /
• 1999

Occupational health nursing (OH N) guide book has been perceived as necessary since group occupational health services started. This study aimed to develop the guidebook for occupational health nurses working in small-scale enterprises(SSE). The guide area of nursing services was selected in 10 categories. These areas were 4 Workplace attitude for occupational health nursing', 'Nursing process', 'Workplace environmental monitoring', 'Personal protective devices', 'Record', 'Health counselling', 'Communication', 'Health education', 'Health screening' and 'Health promotion'. The content was mainly constructed with literature review. The pretest was done to find out what OH nurses do feel about their OH nursing services. Figures were used to guide some occupational health nursing services (OHNS). The further research was expected to develop in more extensive depth and quality.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.19 no.2
• /
• pp.422-427
• /
• 2015

Medical paradigm shift has been based on disease treatment into wellness care so that changes need more IT-based smart medical services. In addition, individual based smart devices are more focused on healthcare services and can provide access to personal medical information, health conditions and social welfare managed by users. In this paper, IEEE11073 PHD (Personal Health Devices) and HL7 (Health Level 7) standards of legacy healthcare devices are developed for communicating with each individual based smart device and providing healthcare service in smart TV environment through a unified home healthcare gateway.

• Journal of Information Technology Services
• /
• v.22 no.3
• /
• pp.29-47
• /
• 2023

With the recent advancement of information and communication technologies such as artificial intelligence, big data, cloud computing, and 5G, data is being produced and digitized in unprecedented amounts. As a result, data has emerged as a critical resource for the future economy, and overseas countries have been revising laws for data protection and utilization. In Korea, the 'Data 3 Act' was revised in 2020 to introduce institutional measures that classify personal information, pseudonymized information, and anonymous information for research, statistics, and preservation of public records. Among them, it is expected to increase the added value of data by combining pseudonymized personal information, and to this end, "the Expert Data Combination Agency" and "the Expert Data Agency" (hereinafter referred to as the Expert Data Processing Agency) system were introduced. In comparison to these domestic systems, we would like to analyze similar overseas systems, and it was recently confirmed that the Vermont government in the United States enacted the first "Data Broker Act" in the United States as a measure to protect personal information held by data brokers. In this study, we aim to compare and analyze the roles and functions of the "Expert Data Processing Agency" and "Data Broker," and to identify differences in designated standards, security measures, etc., in order to present ways to contribute to the activation of the data economy and enhance information protection.

• Journal of Convergence for Information Technology
• /
• v.9 no.7
• /
• pp.100-105
• /
• 2019

As IoT Technology develops and Era of Hyperconnectivity comes, various kinds of customized services became available. As a next-generation display, a smart mirror accesses multimedia devices and provides various services, so it can serve as a social learning tool for the children and the old ones, as well as adults who need information. Smart Mirror must be able to identify users for individualized services. However, since the Smart Mirror is an easily accessible device, there is a possibility that information such as an individual's pattern and habit stored in the smart mirror may be exposed to the outside. Also, the other possibility of leakage of personal location information is through personal schedule or appointment stored in the smart mirror, and another possibility that privacy can be violated is through checking the health state via personal photographs. In this research, we propose a system that identify users by the information the users registered about their physique just like their face, one that provides individually customized service to users after identifying them, and one which provides minimal information and service for unauthenticated users.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.4
• /
• pp.1832-1853
• /
• 2018

The personal health record (PHR) system is a promising application that provides precise information and customized services for health care. To flexibly protect sensitive data, attribute-based encryption has been widely applied for PHR access control. However, escrow, exposure and abuse of private keys still hinder its practical application in the PHR system. In this paper, we propose a coordinated ciphertext policy attribute-based access control with user accountability (CCP-ABAC-UA) for the PHR system. Its coordinated mechanism not only effectively prevents the escrow and exposure of private keys but also accurately detects whether key abuse is taking place and identifies the traitor. We claim that CCP-ABAC-UA is a user-side lightweight scheme. Especially for PHR receivers, no bilinear pairing computation is needed to access health records, so the practical mobile PHR system can be realized. By introducing a novel provably secure construction, we prove that it is secure against selectively chosen plaintext attacks. The analysis indicates that CCP-ABAC-UA achieves better performance in terms of security and user-side computational efficiency for a PHR system.

• Journal of Digital Convergence
• /
• v.12 no.2
• /
• pp.549-554
• /
• 2014

Studies on the intelligent vehicles that are converged with IT and vehicular technologies are currently under active discussion. A variety of communication technologies for safety intelligent vehicle services are support. As such intelligent vehicles use communication technologies, they are exposed to the diverse factors of security threats. To conduct intelligent vehicle security authentication solutions, there are some factors that can be adopted ownership, knowledge and biometrics[6,7]. This paper proposes to analyze the factors to threaten intelligent vehicle, which are usually intruded through communication network system and the security solution using biometric authentication scheme. This study proposed above user's biometrics information-based authentication scheme that can solve the anticipated problems with an intelligent vehicle, which requires a higher level of security than existing authentication solution.

• Korean Journal of Child Studies
• /
• v.37 no.3
• /
• pp.83-93
• /
• 2016

Objective: This study examined that general characteristics such as gender, age, period of stay at an institution, size of facility, and temperament and attachment affect young children's development under institutional care. Methods: A total of 94 young children (ages 2-4years), who live in 32 institutions in Seoul were assessed on their development using the Korean-Age & Stage Questionnaire. Pearson productmoment correlation analysis, and multiple regression analyses were used for data analysis. Results: The major findings of this study were as follows: first, a longer period of stay at an institution had more positive effects on the development of communication. Facilities with more than 60 children had lower communication, gross motor, and fine motor development compared to facilities with less than 60 children. Second, social temperament had positive effects on communication, problem solving, and personal-social development. Emotional temperament had no effects on all development areas. Third, attachment had positive effects on all development areas. Lastly, social temperament and attachment had interactive effects on communication, gross motor, problem solving, and personal-social development. Conclusion: These results imply that caretakers in institutions should give developmental mediation services for considering temperament and facilitation of attachment.

• Journal of KIISE:Computing Practices and Letters
• /
• v.6 no.3
• /
• pp.299-310
• /
• 2000

In this paper, we designed and implemented a personal VOD server using multi-thread for the real-time services of video data to the users. The system consists of service manager, disk manager, and network manager. The service manager controls the user admission to the system using the VBR(Variable Bit Rate) characteristics of MPEG (Moving Picture Experts Group) video data. The disk manager provides the functions for VCR-like operations. The disk manager reads blocks from the disk by the size of GOP(Group of Pictures) and buffers the data to the user's thread. The network manager uses TCP/IP for the communication between the server and the client. The communication starts from the client and the VOD server must respond to this request. The implemented personal VOD system shows an acceptable performance.

• International Journal of Internet, Broadcasting and Communication
• /
• v.12 no.1
• /
• pp.55-60
• /
• 2020

Adaptive recommendation systems have been developed with big data processing as a system that provides services tailored to users based on user information and usage patterns. Deep learning can be used in these adaptive recommendation systems to handle big data, providing more efficient user-friendly recommendation services. In this paper, we propose a system that uses deep learning to categorize and recommend tourism types to suit the user's personality. The system was divided into three layers according to its core role to increase efficiency and facilitate maintenance. Each layer consists of the Service Provisioning Layer that real users encounter, the Recommendation Service Layer, which provides recommended services based on user information entered, and the Adaptive Definition Layer, which learns the types of tourism suitable for personality types. The proposed system is highly scalable because it provides services using deep learning, and the adaptive recommendation system connects the user's personality type and tourism type to deliver the data to the user in a flexible manner.