• Informatization Policy
• /
• v.20 no.3
• /
• pp.86-105
• /
• 2013

In the aspects of existing cultivation and management of forest resources, national forest informatization has been promoted so that the public can use the resources and so that efficient and systematic cultivation and management of forest resources can be performed constantly. In particular, even though forest informatization has been attempted a lot despite the distinct characteristics of forest, the attempts have achieved little effects. Typically, many of the internal work systems of Korea Forest Service have been built for the purpose of collecting top-down data in the main office rather than the actual work site, and also, from the aspects of use by the public as well, various contents have been provided by the persons concerned, so useful information has not been able to be transmitted systematically. Therefore, Korea Forest Service has promoted IT governance concept and EA-based informatization as a way to solve enterprise problems and also reinforce work and service in the existing system to promote the project to build the foundation of national forest informatization. Based on this, this study suggests chief challenges or implications.

• Journal of the Korea Society for Simulation
• /
• v.20 no.4
• /
• pp.97-104
• /
• 2011

Defense M&S software industry has carried out a variety of studies related to an efficient implementation of large-scale simulation and interoperability with respect to each of the system and HLA has been developed to provide a common architecture for distributed simulation of them. HLA defines Federate interface specification and provides services through RTI. Meanwhile, the difficulty lies in developing the software based HLA. Federate developer needs to understand how to handle Metadata produced RTI and has to modify the interface code whenever FDD is modified. This paper presents the implementation method of SOM interface using the code generation technique and middleware architecture for providing simple API. It solves the problem for implementing the framework of distributed object communication by using proposed method.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.23 no.12
• /
• pp.1700-1709
• /
• 2019

Recently, many researches have been under way to develop systems (services) to support the safety navigation of ships, and in these studies, common difficulties have been encountered in assessing the usefulness and effectiveness of the developed system. To solve these problems, we propose the DEVS-based ship navigation modeling and simulation technique. Following the preceding study, we analyze the COLREG rules and reflected to officer and helmsman agent models for decision making. Also we propose estimation and interpolation techniques to adopt the motion characteristics of the actual vessel to simulation. In addition, we implement the navigation simulation system to reflect the designed proposed methods, and we present five-scenarios to verify the developed simulation system. And we conduct simulations according to each scenario and the results were reconstructed. The simulation results confirm that the components modelled in each scenario enable to operate according to the navigation relationships.

• Journal of KIISE:Software and Applications
• /
• v.34 no.4
• /
• pp.303-316
• /
• 2007

Even though many approaches for reuse have been introduced, software engineers are still hesitating to reuse existing software components. Among various reasons for the phenomena, the most significant one is that existing approaches failed to give substantial benefit for the reduction of developers' effort in reusing software assets. To solve this problem, we introduce a custom reuse model utilizing diverse aspects of components specified by RAS and services oriented architecture. We also carried out a case study to demonstrate its feasibility and evaluated it by comparing it to an existing code-based software reuse process. The proposed reuse model helps in the reduction of effort in reusing existing components by decreasing the time for searching and understanding them. Compared to other approaches such as product line engineering, our approach for software reuse using MPC does not require much initial work for implementing the reuse model in different projects. It is of interest to software engineers who are worried about heavy investment, which can cause the delay in their usual development work. Furthermore, the proposed reuse model is not mutually exclusive with other approaches for software reuse such as CBSD or product line engineering. It can accelerate the benefits gained from them.

• The KIPS Transactions:PartC
• /
• v.13C no.4 s.107
• /
• pp.427-434
• /
• 2006

Broadband Convergence Network(BcN) is a critical infrastructure to provide wired-and-wireless high-quality multimedia services by converging communication and broadcasting systems, However, there exist possible danger to spread the damage of an intrusion incident within an individual network to the whole network due to the convergence and newly generated threats according to the advent of various services roaming vertically and horizontally. In order to cope with these new threats, we need to analyze the vulnerabilities of BcN in a system architecture aspect and classify them in a systematic way and to make the results to be utilized in preparing proper countermeasures, In this paper, we propose a new classification of vulnerabilities which has been extended from the ITU-T recommendation X.805, which defines the security related architectural elements. This new classification includes system elements to be protected for each service, possible attack strategies, resulting damage and its criticalness, and effective countermeasures. The new classification method is compared with the existing methods of CVE(Common Vulnerabilities and Exposures) and CERT/CC(Computer Emergency Response Team/Coordination Center), and the result of an application to one of typical services, VoIP(Voice over IP) and the development of vulnerability database and its management software tool are presented in the paper. The consequence of the research presented in the paper is expected to contribute to the integration of security knowledge and to the identification of newly required security techniques.

• The Transactions of the Korea Information Processing Society
• /
• v.13 no.9
• /
• pp.404-412
• /
• 2024

The adoption of cloud environments has revolutionized application deployment and management, with microservices architecture and container technology serving as key enablers of this transformation. However, these advancements have introduced new challenges, particularly the necessity to precisely understand service interactions and conduct detailed analyses of internal processes within complex service environments such as microservices. Traditional monitoring techniques have proven inadequate in effectively analyzing these complex environments, leading to increased interest in eBPF (extended Berkeley Packet Filter) technology as a solution. eBPF is a powerful tool capable of real-time event collection and analysis within the Linux kernel, enabling the monitoring of various events, including file system activities within the kernel space. This paper proposes a container activity analysis system based on eBPF, which monitors events occurring in the kernel space of both containers and host systems in real-time and analyzes the collected data. Furthermore, this paper conducts a comparative analysis of prominent eBPF-based container monitoring systems (Tetragon, Falco, and Tracee), focusing on aspects such as event detection methods, default policy application, event type identification, and system call blocking and alert generation. Through this evaluation, the paper identifies the strengths and weaknesses of each system and determines the necessary features for effective container process monitoring and restriction. In addition, the proposed system is evaluated in terms of container metadata collection, internal activity monitoring, and system metadata integration, and the effectiveness and future potential of eBPF-based monitoring systems.

• Journal of Convergence for Information Technology
• /
• v.9 no.9
• /
• pp.27-32
• /
• 2019

Along with the growth of u-Healthcare, we propose a security enhancement based on network separation for CloudHIS with for handling healthcare information to cope with cyber attack. To protect against all security threats and to establish clear data security policies, we apply desktop computing servers to cloud computing services for CloudHIS. Use two PCs with a hypervisor architecture to apply physical network isolation and select the network using KVM switched controller. The other is a logical network separation using one PC with two OSs, but the network is divided through virtualization. Physical network separation is the physical connection of a PC to each network to block the access path from both the Internet and the business network. The proposed system is an independent desktop used to access an intranet or the Internet through server virtualization technology on a user's physical desktop computer. We can implement an adaptive solution to prevent hacking by configuring the CloudHIS, a cloud system that handles medical hospital information, through network separation for handling security enhancement.

• Journal of Internet Computing and Services
• /
• v.9 no.5
• /
• pp.59-72
• /
• 2008

Computing systems in the modern era are expanding rapidly to include mobile-based businesses that make us of the various convergence distributed business process. This has lead to growing interest in the field of mobile embedded software development methodology, which has in turn lead to the proliferation of the embedded mobility. The use of CBD (Component Based Development) provides reusability, maintainability and portability, all of which are very important and focus issues to the business process. It also comes with the inherent productivity, quality and reliability of CBD. To make efficient use of CBD, though, clarified interface definitions for component integration are necessary. These definitions should be made up of collaborative hierarchical and horizontal architecture layers. Successful definitions should apply an effective framework made up of the architecture and process. In this paper, we describe an interface specification for small grained mobile embedded components(MEC) for the mobile embedded domain to meet maximum user requirements. We build and deploy the reconfigurable design patterns and components (in business domain categories) to make a component hierarchy and business logics for mobile embedded software. Proposed components specification plays a major role in development of the software for handling inconsistency in existing specification. It also includes plenty of specification information, using semantics and modeling based mechanisms to support business processes. We propose a development model of mobile embedded software using CBD for very complex and dynamic mobile business. We can apply it in a plug and play manner to develop the software. We verify that our framework supports very good productivity, quality and maintainability to meet the user's requirements in mobile business.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.17 no.4
• /
• pp.752-757
• /
• 2016

Machine to Machine (M2M) communications is communications between a business application and devices via a communication network without any direct human interaction. The aim of our research is to connect any M2M device with an M2M AS (Application server) through an IMS (IP Multimedia Subsystem) Network Core using a M2M Gateway, in order to develop an M2M Horizontal Services Platform over IMS. An IP Multimedia Subsystem (IMS) is an architectural framework defined by the wireless standards body of the 3rd Generation Partnership Project (3GPP) for delivering IP multimedia services to mobile users. This paper shows the design and implementation of a Horizontal M2M Network Services Platform over an IP Multimedia Subsystem (IMS) using the Message Session Relay Protocol (MSRP). We summarize the protocols and architectures that formed the basis for the creation of our architecture. We provide a detailed description of our architecture design, describing the call flow of the proposed architecture and the entities operating in each process. We also describe the design and implementation process detailing the different tools used, explaining the selection of each component and its importance; also how we designed and implemented the M2M gateway, M2M Application Server, Open IMS Core, business application and M2M devices.

• KIPS Transactions on Computer and Communication Systems
• /
• v.9 no.12
• /
• pp.291-306
• /
• 2020

Nowadays, Data-Network-AI (DNA)-based intelligent services and applications have become a reality to provide a new dimension of services that improve the quality of life and productivity of businesses. Artificial intelligence (AI) can enhance the value of IoT data (data collected by IoT devices). The internet of things (IoT) promotes the learning and intelligence capability of AI. To extract insights from massive volume IoT data in real-time using deep learning, processing capability needs to happen in the IoT end devices where data is generated. However, deep learning requires a significant number of computational resources that may not be available at the IoT end devices. Such problems have been addressed by transporting bulks of data from the IoT end devices to the cloud datacenters for processing. But transferring IoT big data to the cloud incurs prohibitively high transmission delay and privacy issues which are a major concern. Edge computing, where distributed computing nodes are placed close to the IoT end devices, is a viable solution to meet the high computation and low-latency requirements and to preserve the privacy of users. This paper provides a comprehensive review of the current state of leveraging deep learning within edge computing to unleash the potential of IoT big data generated from IoT end devices. We believe that the revision will have a contribution to the development of DNA-based intelligent services and applications. It describes the different distributed training and inference architectures of deep learning models across multiple nodes of the edge computing platform. It also provides the different privacy-preserving approaches of deep learning on the edge computing environment and the various application domains where deep learning on the network edge can be useful. Finally, it discusses open issues and challenges leveraging deep learning within edge computing.