• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.22 no.12
• /
• pp.1577-1588
• /
• 2018

Recently, many researches are progressing to support the operation and maintenance works of vessels using analyzed result based on various information of equipment. The interfaces of communication equipment are standardized very well, but the interfaces of machinery and other parts are not standardized yet. For that reason, there has limitations for data exchange and management. To solve the problem, the ISO is establishing new standards which are ISO 19847 for shipboard data servers th share field data at sea and ISO 19848 for standard data for shipboard machinery and equipment. In this paper, we developed a data management platform for shipboard machinery equipment, and tested the field data exchanging using the developed platform based on the standards. To do this, we analyzed the requirements of the standards and related researches, and designed an architecture of shipboard data platform that satisfied the requirements. Also, we developed components of the designed platform architecture and verified the effectiveness for it.

• Smart Media Journal
• /
• v.8 no.2
• /
• pp.29-38
• /
• 2019

With the advancement of information and communication technology, tactical networks are continuously being converted to All-IP future tactical networks that integrate all application services based on Internet protocol. Futuristic tactical mesh network is built with tactical WAN (wide area network) nodes that are inter-connected by a mesh structure. In order to guarantee QoS (quality of service) of application services, tactical service mesh (TSM) is suggested as an intermediate layer between infrastructure and application layers for futuristic tactical mesh network. The tactical service mesh requires dynamic QoS monitoring and control for intelligent QoS coordination. However, legacy networking nodes used for existing tactical networks are difficult to support these functionality due to inflexible monitoring support. In order to resolve such matter, we propose a tactical mesh WAN node as a hardware/software co-designed networking node in this paper. The tactical mesh WAN node is conceptually designed to have multi-access networking interfaces and virtualized networking switches by leveraging the DANOS whitebox server/switch. In addition, we explain how to apply eBPF-based traffic monitoring to the tactical mesh WAN node and verify the traffic monitoring feasibility for supporting QoS coordination of tactical-mesh traffic.

• The Journal of The Korea Institute of Intelligent Transport Systems
• /
• v.18 no.5
• /
• pp.126-141
• /
• 2019

One of the Cooperative Intelligent Transportation System(C-ITS) priority services is collision prevention support service. Several studies have considered V2I2V communication-based collision prevention support services using Artificial Neural Networks(ANN). However, such services still show some issues due to a low penetration of C-ITS devices and large delay, particularly when loading massive traffic data into the server in the C-ITS center. This study proposes the Artificial Neural Network-based Collision Warning Service(ACWS), which allows upstream vehicle to update pre-determined weights involved in the ANN by using real-time sectional traffic information. This research evaluates the proposed service with respect to various penetration rates and delays. The evaluation result shows the performance of the ACWS increases as the penetration rate of the C-ITS devices in the vehicles increases or the delay decreases. Furthermore, it reveals a better performance is observed in more advanced ANN model-based ACWS for any given set of conditions.

• Convergence Security Journal
• /
• v.18 no.1
• /
• pp.19-31
• /
• 2018

As the ICT technologies advance, the unprecedently large amount of digital data is created, transferred, stored, and utilized in every industry. With the data scale extension and the applying technologies advancement, the new services emerging from the use of large scale data make our living more convenient and useful. But the cybercrimes such as data forgery and/or change of data generation time are also increasing. For the data security against the cybercrimes, the technology for data integrity and the time verification are necessary. Today, public key based signature technology is the most commonly used. But a lot of costly system resources and the additional infra to manage the certificates and keys for using it make it impractical to use in the large-scale data environment. In this research, a new and far less system resources consuming signature technology for large scale data, based on the Hash Function and Merkle tree, is introduced. An improved method for processing the distributed hash trees is also suggested to mitigate the disruptions by server failures. The prototype system was implemented, and its performance was evaluated. The results show that the technology can be effectively used in a variety of areas like cloud computing, IoT, big data, fin-tech, etc., which produce a large-scale data.

• Convergence Security Journal
• /
• v.18 no.1
• /
• pp.117-128
• /
• 2018

The purpose of this paper is to analyze the behavior of North Korea's cyber attack against South Korea since 2009 based on major international security theories and suggest South Korea's policy option. For this purpose, this paper applied the behavioral domain and characteristics of 'cyber power' and 'coercion dynamics' model, which are attracting attention in international security studies. The types of cyber attacks from North Korea are classified into the following categories: power-based incarceration, leadership attacks and intrusions, military operations interference, and social anxiety and confusion. In terms of types and means of cyber power, North Korean GPS disturbance, the Ministry of Defense server hacking and EMP are hard power with high retaliation and threat and cyber money cashing and ransomware are analyzed by force in the act of persuasion and incentive in the point of robbing or asking for a large amount of money with software pawns. North Korea 's cyber attack has the character of escape from realistic sanctions based on the second nuclear test. It is important for South Korea to clearly recognize that the aggressive cyberpower of North Korea is changing in its methods and capabilities, and to ensure that North Korea's actions result in far greater losses than can be achieved. To do this, it is necessary to strengthen the cyber security and competence to simultaneously attack and defend through institutional supplement and new establishment such as cyber psychological warfare, EMP attack preparation, and enhancement of security expertise against hacking.

• Journal of Internet Computing and Services
• /
• v.19 no.6
• /
• pp.31-40
• /
• 2018

With the development of IT technology recently, medical information systems are being constructed in an integrated u-health environment through cloud services, IoT technologies, and mobile applications. These kinds of medical information systems should provide the medical staff with authorities to access patients' medical information for emergency status treatments or therapeutic purposes. Therefore, in the medical information systems, the reliable and prompt authentication processes are necessary to access the biometric information and the medical information of the patients in charge of the medical staff. However, medical information systems are accessing with simple and static user authentication mechanism using only medical ID / PWD in the present system environment. For this reason, in this paper, we suggest a dynamic situation authentication mechanism that provides transparency of medical information access including various authentication factors considering patient's emergency status condition and dynamic situation authentication system supporting it. Our dynamic Situation Authentication is a combination of user authentication and mobile device authentication, which includes various authentication factor attributes such as emergency status, role of medical staff, their working hours, and their working positions and so forth. We designed and implemented a dynamic situation authentication system including emergency status decision, dynamic situation authentication, and authentication support DB construction. Finally, in order to verify the serviceability of the suggested dynamic situation authentication system, the medical staffs download the mobile application from the medical information server to the medical staff's own mobile device together with the dynamic situation authentication process and the permission to access medical information to the patient and showed access to medical information.

• Journal of the Korea Society of Computer and Information
• /
• v.26 no.9
• /
• pp.89-96
• /
• 2021

In this paper, we analyzed that the user authentication scheme for TMIS(Telecare Medicine Information System) proposed by Al-Saggaf et al. In 2019, Al-Saggaf et al. proposed authentication scheme using biometric information, Al-Saggaf et al. claimed that their authentication scheme provides high security against various attacks along with very low computational cost. However in this paper after analyzing Al-Saggaf et al's authentication scheme, the Al-Saggaf et al's one are missing random number s from the DB to calculate the identity of the user from the server, and there is a design error in the authentication scheme due to the lack of delivery method. Al-Saggaf et al also claimed that their authentication scheme were safe against a variety of attacks, but were vulnerable to password guessing attack using login request messages and smart cards, session key exposure and insider attack. An attacker could also use a password to decrypt the stored user's biometric information by encrypting the DB with a password. Exposure of biometric information is a very serious breach of the user's privacy, which could allow an attacker to succeed in the user impersonation. Furthermore, Al-Saggaf et al's authentication schemes are vulnerable to identity guessing attack, which, unlike what they claimed, do not provide significant user anonymity in TMIS.

• Proceedings of the Korea Water Resources Association Conference
• /
• 2018.05a
• /
• pp.202-202
• /
• 2018

본 논문에서는 분포형 강우-유출 모형인 GRM(Grid based Rainfall-runoff Model)(최윤석, 김경탁, 2017)을 이용해서 낙동강 유역을 대상으로 대유역 홍수해석시스템을 구축하고, 유출해석을 위한 실행시간을 평가하였다. 유출모형은 낙동강의 주요 지류와 본류를 소유역으로 구분하여 모형을 구축하고, 각 소유역의 유출해석 결과를 실시간으로 연계할 수 있도록 하여 낙동강 전체 유역의 유출모형을 구축하였다. 이와 같이 하나의 대유역을 다수의 소유역시스템으로 분할하여 모형을 구축할 경우, 유출해석시스템 구성이 복잡해지는 단점이 있으나, 소유역별로 각기 다른 자료를 이용하여 다양한 해상도로 유출해석을 할 수 있으므로, 소유역별 특성에 맞는 유출모형 구축이 가능한 장점이 있다. 또한 각 소유역시스템은 별도의 프로세스로 계산이 진행되므로, 대유역을 고해상도로 해석하는 경우에도 계산시간을 단축할 수 있다. 본 연구에서는 낙동강 유역을 20개(본류 구간 3개, 1차 지류 13개, 댐상류 4개)의 소유역으로 분할하여 계산 시간을 검토하였으며, 최종적으로 21개(본류 구간 3개, 1차 지류 13개, 댐상류 5개)의 소유역으로 분할하여 유출해석시스템을 구축하였다. 댐 상류 유역은 댐하류와 유량전달이 없이 독립적으로 모의되고, 댐과 연결된 하류 유역은 관측 방류량을 상류단 하천의 경계조건으로 적용한다. 지류 유역은 본류 구간과 연결되고, 지류의 계산 유량은 본류와의 연결지점에 유량조건으로 실시간으로 입력된다. 이때 본류와 지류의 유량 연계는 데이터베이스를 매개로 하였다. 유출해석시스템의 성능을 평가하기 위해서 Microsoft 클라우드 서비스인 Azure를 이용하였다. 낙동강 유역을 20개 소유역으로 구성한 경우에서의 유출해석시스템의 속도 평가 결과 Azure virtual machine instance DS15 v2(OS : Windows Server 2012 R2, CPU : 2.4 GHz Intel $Xeon^{(R)}$ E5-2673 v3 20 cores)에서 1.5분이 소요 되었다. 계산시간 평가시 GRM은 'IsParallel=false' 옵션을 적용하였으며, 모의 기간은 24시간을 기준으로 하였다. 연구결과 분포형 모형을 이용한 대유역 유출해석시스템 구축이 가능했으며, 계산시간도 충분히 단축할 수 있었다. 또한 추가적인 CPU와 병렬계산을 적용할 경우, 계산시간은 더 단축될 수 있으며, 이러한 기법들은 분포형 모형을 이용한 대유역 유출해석시스템 구축시 유용하게 활용될 수 있을 것으로 판단된다.

• Journal of Internet of Things and Convergence
• /
• v.6 no.4
• /
• pp.27-32
• /
• 2020

Along with the aging of the population, the number of dementia patients is increasing, and the social and economic burden is also increasing. Currently, the effective way to manage dementia patients is to identify patients with dementia early. However, in rural and island areas where medical staff are scarce, there is a problem that it is difficult to visit a hospital and get an early examination. Therefore, we propose a remote early detection system for dementia to solve the problems. The remote dementia early diagnosis system is a system that allows a patient to receive examination and treatment from a remote dementia expert using remote medical technology based on real-time image communication. The remote early diagnosis system for dementia consists of a local client system used by medical staff at health centers in the island, an image server that transmits, stores and manages images, and an expert client used by remote dementia experts. The local client subsystem satisfies the current medical law's remote collaboration by allowing the patient to use it with the health center's medical staff. In addition, expert clients are used by dementia experts, and can store/manage patient information, analyze patient history information, and predict the degree of dementia progression in the future.

• The Journal of the Convergence on Culture Technology
• /
• v.7 no.1
• /
• pp.654-661
• /
• 2021

Air pollution caused by industrial development has become a level that can seriously threaten human health. In general, indoor air pollution is considered to be lower than outdoors, but modern people live indoors most of the time, thus it is essential to keep the indoor air quality comfortable in order to take care of one's own health and improve the quality of life. Therefore, the development of an indoor environment management platform using Internet of Things and data processing technology, which is currently drawing attention, is considered a very meaningful study. In this paper, we designed an IoT-based management platform that can remotely monitor and control indoor environments. In addition, the functions of the IoT terminal, gateway, and data server constituting the platform were implemented using open source and open libraries, and all functional operations were also verified. In particular, the IoT terminal and the gateway in this paper exchange data using BLE communication, so they can operate with relatively low power and since the gateway uses the BLE Advertising mode, it has the advantage of automatically recognizing IoT terminals that have not been previously configured.