• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.1
• /
• pp.145-153
• /
• 2018

SSL (Secure Socket Layer) and TLS (Transport Layer Security) are widely used protocols for secure and encrypted communication over a computer network. However, there have been reported several security vulnerabilities of SSL/TLS over the years. The vulnerabilities can let an adversary carry out critical attacks on SSL/TLS enabled servers. In this paper, we have developed a system which can periodically scan SSL/TLS vulnerabilities on internal network servers and quickly detects, reports and visualizes the vulnerabilities. We have evaluated the system on working servers of Naver services and analyzed detected vulnerabilities. 816 vulnerabilities are found on 213 internal server domains (4.2 vulnerabilities on average) and most vulnerable servers are not opened to public. However, 46 server domains have old vulnerabilites which were found 2016. We could patch and response to SSL/TLS vulnerabilites of servers by leveraging the proposed system.

• Journal of Navigation and Port Research
• /
• v.34 no.1
• /
• pp.15-19
• /
• 2010

Recently, the wireless LAN system is rapidly growing because of its convenience of high speed communication. However, the wireless LAN systems at indoor places occur multi-propagation path by reflected waves from walls, ceilings, floors, and desks. Multipath problems cause transmission errors and degradation of communication speed. These problems can be solved by using EM wave absorbers. In this paper, we analyzed property of Graphite and derived the optimum ratio of Graphite: CPE to develop EM wave absorber for the wireless LAN system. First, we fabricated several samples in different composition ratios of Graphite and CPE, and then measured the reflection coefficient of each samples. Material constants of permittivity and permeability were calculated using the measured data and designed EM wave absorber. Secondly, the EM wave absorber was fabricated and tested on the base of the simulation data. As a result, it showed that the EM wave absorber in 1.7 mm thickness with the ratio of Graphite: CPE=50:50 wt.% has excellent absorption ability more than 27 dB at 5.2 GHz.

• Journal of the Korea Institute of Building Construction
• /
• v.10 no.6
• /
• pp.49-60
• /
• 2010

Cost Estimating allows each entity in a construction project to plan, distribute, and control its required construction cost for the project. However, existing 2D design based estimating has problems, such as inaccuracy and inefficiency caused by missing, duplicated, or erroneous calculations. In this situation, current estimations for school facilities have more difficulties in forecasting construction costs due to an inadequate work breakdown structure for BOQ (Bill of Quantity) and insufficient guidelines for Basis of Estimate. In this study, therefore, an effort was made to increase the efficiency of estimating for school facilities by applying a 3D modeling based BIM tool to quantity and cost estimates. In addition, this study suggested a reasonable work breakdown structure for BOQ that was appropriate when 3D modeling was applied, and verified it through a case study. The authors tried to provide a BIM-based estimating method for school facilities to obtain greater accuracy and efficiency by having more information in an earlier stage.

• 한국신재생에너지학회:학술대회논문집
• /
• 2006.06a
• /
• pp.459-460
• /
• 2006

현재 남한의 지열류량 측정값으로는 총 363개 지점의 자료가 측정 및 수집되어 있다. 이것은 Mizutani et at. (1970), 장정진 외(1970), 그리고 서정희(1976) 등의 자료, 총 35개의 자료도 추가된 것이다. 1989년 이후부터 측정된 지열류량 자료는 217개 자료이며(임정웅 외, 1989; 임정웅 외, 1996; Lim and Kim, 1997; 염병우 외, 1997), 모두 직접 측정한 것이나, 1989년 이후 보고된 지열류량 자료에 약간의 오류가 있어 이번 연구에서 수정 보완하였다. 또한 과거의 자료 35개 자료는 이미 지열류량 측정치가 논문화 되어 있는 것으로 암석시료는 없다 1989년 이후 2004년까지 자료 217개 2005년도 추가 자료 111개의 지열류량 자료는 암석시료도 있으며, 측정기기가 서로 달라 오차가 있을 수 있어 서로 보정을 해야 할 필요가 있어 시추공 주변 암석을 새로 수집해서 신장비로 다시 측정 보정하였다. 지열류량 D/B 구축은 각 자료의 일련번호, 고유번호 (Sn.), 위경도 좌표 (longitude, lattitude), 암석의 열전도도(thermal conductivity), 지온경사 (thermal gradient), 지열류량 (heat flow)등으로 구성되어 있다. 지열류량 자료 공간 데이터베이스는 점 속성을 가지며 자료형태는 각종 소프트웨어와 호환성이 좋은 shape 파일 형태로 작성하였다. 또만 최근 천부 토양 및 암석 열물성을 이용한 냉난방시스템 즉, Heat Pump System 설계를 위하여 반드시 들어가야 하는 요소인 열확산율, 공극율, 밀도, 비열 등 열물성 특성을 추가하여 GIS 공간 D/B구축하였다. 대륙붕 자료 4개 자료를 제외하고 359개의 지열류량 자료를 이용하여 한반도 남부, 즉 남한의 지열류량 분포도를 작성 분석해 본 결과(그림 1), 우리나라의 지열류량 이상대는 아산만 주변, 보령, 유성, 진안, 울진, 포항, 부산 지역과 포천, 속초, 충주, 수안보 등 지역에서 나타난다 이러한 이상대 주변에는 대개 온천이 발달되어 있었거나 새로 개발되어 있는 곳이다. 온천에 이용하고 있는 시추공의 자료는 배제하였으나 온천이응으로 직접적으로 영향을 받지 않은 시추공의 자료는 사용하였다 이러한 온천 주변 지역이라 하더라도 실제는 온천의 pumping 으로 인한 대류현상으로 주변 일대의 온도를 올려놓았기 때문에 비교적 높은 지열류량 값을 보인다. 한편 한반도 남동부 일대는 이번 추가된 자료에 의해 새로운 지열류량 분포 변화가 나타났다 강원 북부 오색온천지역 부근에서 높은 지열류량 분포를 보이며 또한 우리나라 대단층 중의 하나인 양산단층과 같은 방향으로 발달한 밀양단층, 모량단층, 동래단층 등 주변부로 NNE-SSW 방향의 지열류량 이상대가 발달한다. 이것으로 볼 때 지열류량은 지질구조와 무관하지 않음을 파악할 수 있다. 특히 이러한 단층대 주변은 지열수의 순환이 깊은 심도까지 가능하므로 이러한 대류현상으로 지표부근까지 높은 지온 전달이 되어 나타나는 것으로 판단된다.

• Journal of Internet Computing and Services
• /
• v.17 no.6
• /
• pp.81-91
• /
• 2016

VANET is one of the most developed technologies many people have considered a technology for the next generation. It basically utilizes the wireless technology and it can be used for measuring the speed of the vehicle, the location and even traffic control. With sharing those information, VANET can offer Cooperative ITS which can make a solution for a variety of traffic issues. In this way, safety for drivers, efficiency and mobility can be increased with VANET but data between vehicles or between vehicle and infrastructure are included with private information. Therefore alternatives are necessary to secure privacy. If there is no alternative for privacy, it can not only cause some problems about identification information but also it allows attackers to get location tracking and makes a target. Besides, people's lives or property can be dangerous because of sending wrong information or forgery. In addition to this, it is possible to be information stealing by attacker's impersonation or private information exposure through eavesdropping in communication environment. Therefore, in this paper we propose Privacy Assurance Architecture for VANET to ensure privacy from these threats.

• Journal of KIISE:Computing Practices and Letters
• /
• v.5 no.6
• /
• pp.727-737
• /
• 1999

프로세스 중심 소프트웨어 개발 환경(PSEE : Process-centered Software Engineering Environment)은 소프트웨어 개발자를 위한 여러가지 정보의 제공과 타스크의 수행, 소프트웨어 개발 도구의 수행 및 제어, 필수적인 규칙이나 업무의 수행등과 같은 다양한 행위를 제공하는 프로세스 모형의 수행을 통하여 소프트웨어 개발 행위를 지원한다. SEED(Software Engineering Environment for Development)는 효율적인 소프트웨어 개발과 프로세스 모형의 수행을 제어하기 위해 ETRI에서 개발된 PSEE이다.본 논문에서는 SEED에서 프로세스 모형을 설계하기 위해 사용되는 SimFlex 프로세스 프로그래밍 언어와, 수행지원시스템인 SEED Engine의 구현에 대하여 기술한다. SimFlex는 간단한 언어 구조를 가진 프로세스 프로그래밍 언어이며, 적절한 적합화를 통하여 다른 PSEE에서 사용될 수 있다. SimFlex 컴파일러는 SimFlex에 의해 기술된 프로세스 모형을 분석하고, 모형의 오류를 검사하며, SEED Engine에 의해 참조되는 중간 프로세스 모형을 생성한다. 중간 프로세스 모형을 사용하여 SEED Engine은 외부 모니터링 도구와 연관하여 사용자를 위한 유용한 정보뿐만 아니라 SimFlex에 의해 기술된 프로세스 모형의 자동적인 수행을 제공한다. SimFlex 언어와 수행지원 시스템의 지원을 통하여 소프트웨어 프로세스를 모형화하는데 드는 비용과 시간을 줄일 수 있으며, 편리하게 프로젝트를 관리하여 양질의 소프트웨어 생산물을 도출할 수 있다. Abstract Process-centered Software Engineering Environments(PSEEs) support software development activities through the enaction of process models, providing a variety of activities such as supply of various information for software developers, automation of routine tasks, invocation and control of software development tools, and enforcement of mandatory rules and practices. The SEED(Software Engineering Environment for Development) system is a PSEE which was developed for effective software process development and controlling the enactment of process models by ETRI.In this paper, we describe the implementation of the SimFlex process programming language used to design process models in SEED, and its runtime support system called by SEED Engine. SimFlex is a software process programming language to describe process models with simple language constructs, and it could be embedded into other PSEEs through appropriate customization. The SimFlex compiler analyzes process models described by SimFlex, check errors in the models, and produce intermediate process models referenced by the SEED Engine. Using the intermediate process models, the SEED Engine provides automatic enactment of the process models described by SimFlex as well as useful information for agents linked to the external monitoring tool. With the help of the SimFlex language and its runtime support system, we can reduce cost and time in modeling software processes and perform convenient project management, producing well-qualified software products.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.20 no.7
• /
• pp.20-25
• /
• 2019

In this paper, the structural weakness analysis and quality improvement of small fixed wing UAV of the hard landing type were studied. Unlike conventional aircraft, small UAV does not use runways because of its small size. Instead, small UAV use hand launch takeoff and hard landings. This type has many operational advantages because it can take off and land in a narrow space. But, the hard landing has a strong impact on the structure of the UAV and can cause serious damage. In order to analyze the exact cause of this phenomenon, the structural analysis was carried out using the 3D structural analysis program (ABAQUS) to identify the location of the fracture. And to improve the accuracy of the structural analysis, properties of the material were obtained through specimen test. As a result of the analysis, structural weaknesses were identified and improved. Thus, the validity of the study was verified by demonstrating the quality of enhanced structure through a real impact test at a higher level of 1.5 times the maximum impact during operation.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2019.05a
• /
• pp.400-402
• /
• 2019

The electric point machine, which is used for the control of the turnout used to change the track of the train, is very important in the railway system. Various wired and wireless real-time monitoring systems are used to check the status of the point machine, but there is a possibility of malfunction due to sensor or network error. In this paper, a redundant monitoring system was designed that incorporates the point machine monitoring system and the CCTV camera control system to double check the operation of the point machine. In the point machine monitoring system, the operating state of the railway converter is monitored, alarmed and transmitted over the network. The CCTV camera control system, which received this information, was required to record the status of the turnout and the point machine in question and send it to the administrator. The manager of the railway line can check the conversion status of the railway through the monitoring screen for the railway line switcher first, and then confirm the switching status directly through the CCTV camera image, thereby improving the reliability of the point machine operation. It will also enable the safe and efficient operation of personnel for management. It is expected to contribute to preventing a derailment caused by a malfunction of the point machine.

• Journal of the Korea Society of Computer and Information
• /
• v.26 no.9
• /
• pp.89-96
• /
• 2021

In this paper, we analyzed that the user authentication scheme for TMIS(Telecare Medicine Information System) proposed by Al-Saggaf et al. In 2019, Al-Saggaf et al. proposed authentication scheme using biometric information, Al-Saggaf et al. claimed that their authentication scheme provides high security against various attacks along with very low computational cost. However in this paper after analyzing Al-Saggaf et al's authentication scheme, the Al-Saggaf et al's one are missing random number s from the DB to calculate the identity of the user from the server, and there is a design error in the authentication scheme due to the lack of delivery method. Al-Saggaf et al also claimed that their authentication scheme were safe against a variety of attacks, but were vulnerable to password guessing attack using login request messages and smart cards, session key exposure and insider attack. An attacker could also use a password to decrypt the stored user's biometric information by encrypting the DB with a password. Exposure of biometric information is a very serious breach of the user's privacy, which could allow an attacker to succeed in the user impersonation. Furthermore, Al-Saggaf et al's authentication schemes are vulnerable to identity guessing attack, which, unlike what they claimed, do not provide significant user anonymity in TMIS.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.6
• /
• pp.129-140
• /
• 2003

Recently viruses and various hacking tools that threat hosts on a network becomes more intelligent and cleverer, and so the various security mechanisms against them have ken developed during last decades. To detect these network attacks, many NIPSs(Network-based Intrusion Prevention Systems) that are more functional than traditional NIDSs are developed by several companies and organizations. But, many previous NIPSS are hewn to have some weakness in protecting important hosts from network attacks because of its incorrectness and post-management aspects. The aspect of incorrectness means that many NIPSs incorrectly discriminate between normal and attack network traffic in real time. The aspect of post-management means that they generally respond to attacks after the intrusions are already performed to a large extent. Therefore, to detect network attacks in realtime and to increase the capability of analyzing packets, faster and more active responding capabilities are required for NIPS frameworks. In this paper, we propose a framework for real-time intrusion prevention. This framework consists of packet filtering component that works on netfilter in Linux kernel and traffic control component that have a capability of step-by-step control over abnormal network traffic with the CBQ mechanism.