• Journal of Internet Computing and Services
• /
• v.23 no.6
• /
• pp.27-37
• /
• 2022

Virtual private network (VPN) services are used in various environments related to national security, such as defense companies and defense-related institutions where digital communication environment technologies are diversified and access to network use is increasing. However, the number of cyber attacks that target vulnerable points of the VPN has annually increased through technological advancement. Thus, this study identified security requirements by performing STRIDE threat modeling to prevent potential and new vulnerable points that can occur in the VPN. STRIDE threat modeling classifies threats into six categories to systematically identify threats. To apply the proposed security requirements, this study analyzed functions of the VPN and formed a data flow diagram in the VPN service process. Then, it collected threats that can take place in the VPN and analyzed the STRIDE threat model based on data of the collected threats. The data flow diagram in the VPN service process, which was established by this study, included 96 STRIDE threats. This study formed a threat scenario to analyze attack routes of the classified threats and derived 30 security requirements for each element of the VPN based on the formed scenario. This study has significance in that it presented a security guideline for enhancing security stability of the VPN used in facilities that require high-level security, such as the Ministry of National Defense (MND).

• Informatization Policy
• /
• v.31 no.2
• /
• pp.82-104
• /
• 2024

Smart home services are growing rapidly as the development of the Internet of Things (IoT) opens the era of the so-called "Connected Living." Although personal information leaks through smart home cameras are increasing, however, users-while concerned-tend to take passive measures to protect their personal information. This study theoretically explained and verified how to design effective software update notification messages for smart home cameras to ensure that users comply with the recommended security behavior (i.e., update installation). In a survey experiment participated in by 120 actual users, the effectiveness of both emotional appeals (i.e., security breach warning images for fear appeals) and rational appeals (i.e., loss-framed messages emphasizing the negative consequences of not installing the updates) were confirmed. The results of this study provide theoretical interpretations and practical guidelines on the message design features that are effective for threat appraisals (i.e., severity, vulnerability) of smart home camera users and their protection motivation.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.18 no.9
• /
• pp.34-41
• /
• 2017

Wireless mesh networks contain multi-hop routing protocols between wireless nodes and are connected to the Internet through a gateway. These networks perform a role as a backbone and are scalable for main applications. We propose the design of QoS supporting mechanisms for wireless mesh networks using software defined networking. Our proposed scheme is cost-effective and features adaptive QoS mechanisms for wireless router's resource constraints. The QoS mechanisms use software defined networking technology with Openflow protocol based on diffserv and intserv models with MPLS mechanism and RSVP respectively. A performance evaluation model is suggested to verify the validity of the proposed scheme using several QoSmetrics of the wireless mesh networks.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.16 no.6
• /
• pp.75-81
• /
• 2016

My proposed Co-creation platform software analysis and design method in my paper, presents build technology of co-creation platform using Co-creation concepts refer to all process from products' idea level to products' design, manufacturing and marketing level. And this method can be possible to design and implement to be interlocked with company's cloud service and system through own SNS functions and OPEN API to build co-creation platform. Also owing to apply Wiki technology in the process of idea modification and completion level and provide cooperative work tools of story-board prototyping, it can be participate actively in the design process with customer and stakeholder together and realize functions to apply opinions. Therefore, Co-creation platform software analysis and design by objected-oriented analysis method is presented to show these design process effectively.

• Journal of the Korean Association of Geographic Information Studies
• /
• v.12 no.1
• /
• pp.26-35
• /
• 2009

This paper will propose the efficient method that should be designed to utilize the design pattern of GoF(Gang of Four) for implementation of LBS(Location Based Service) mobile system. The design method proposed by this paper can design and implement system interface using creational patterns, structural patterns and behavioral patterns of design pattern from the user and mobile system viewpoint. The design method using design pattern can show increasing reusability of module and software, abridging the development time, minimizing the maintenance and decreasing the efficiency of memory of system to software development. Therefore, we used a design pattern in order to change the middleware applying geographic information system from mobile environment. Finally, the mobile system applied to design pattern shall contribute to showing high stability and reliability, improving reusability and scalability of module and software and developing efficient LBS mobile system.

• Journal of the Korean School Mathematics Society
• /
• v.20 no.3
• /
• pp.325-344
• /
• 2017

Since PISA2006, the computer based assessment in mathematics(CBAM) was introduced for the first times and at last PISA2015 used all items in CBAM for problem solving. In this study, we focused on which important properties were considered in constructing geometric 'fence items' used in PISA 2015 to find the future direction over our teacher education, especially for constructing 'computer based assessment items.' For the purpose of the study, we analyzed the fence items on three components such as dependency, invariant, and path found in dragging activities, within a computer environment using the dynamic Geometry Software, GSP. Also, for the future, we provided an open-ended problem related to the fence items, which we could use as the merit of computer-based environment.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.14 no.1
• /
• pp.455-472
• /
• 2020

As a user in modern societies with the rapid growth of Internet environment and more complicated business flow processes in order to be effective at work and accomplish things on time when the manager of the company went for a business trip, he/she need to delegate his/her signing authorities to someone such that, the delegatee can act as a manager and sign a message on his/her behalf. In order to make the delegation process more secure and authentic, we proposed a secure and efficient identity-based proxy signcryption in cloud data sharing (SE-IDPSC-CS), which provides a secure privilege delegation mechanism for a person to delegate his/her signcryption privilege to his/her proxy agent. Our scheme allows the manager of the company to delegate his/her signcryption privilege to his/her proxy agent and the proxy agent can act as a manager and generate signcrypted messages on his/her behalf using special information called "proxy key". Then, the proxy agent uploads the signcrypted ciphertext to a cloud service provider (CSP) which can only be downloaded, decrypted and verified by an authorized user at any time from any place through the Internet. Finally, the security analysis and experiment result determine that the proposed scheme outperforms previous works in terms of functionalities and computational time.

• International Journal of Contents
• /
• v.13 no.2
• /
• pp.29-34
• /
• 2017

Cloud computing is becoming an effective and efficient way of computing resources and computing service integration. Through centralized management of resources and services, cloud computing delivers hosted services over the internet, such that access to shared hardware, software, applications, information, and all resources is elastically provided to the consumer on-demand. The main enabling technology for cloud computing is virtualization. Virtualization software creates a temporarily simulated or extended version of computing and network resources. The objectives of virtualization are as follows: first, to fully utilize the shared resources by applying partitioning and time-sharing; second, to centralize resource management; third, to enhance cloud data center agility and provide the required scalability and elasticity for on-demand capabilities; fourth, to improve testing and running software diagnostics on different operating platforms; and fifth, to improve the portability of applications and workload migration capabilities. One of the key features of cloud computing is elasticity. It enables users to create and remove virtual computing resources dynamically according to the changing demand, but it is not easy to make a decision regarding the right amount of resources. Indeed, proper provisioning of the resources to applications is an important issue in IaaS cloud computing. Most web applications encounter large and fluctuating task requests. In predictable situations, the resources can be provisioned in advance through capacity planning techniques. But in case of unplanned and spike requests, it would be desirable to automatically scale the resources, called auto-scaling, which adjusts the resources allocated to applications based on its need at any given time. This would free the user from the burden of deciding how many resources are necessary each time. In this work, we propose an analytical and efficient VM-level scaling scheme by modeling each VM in a data center as an M/M/1 processor sharing queue. Our proposed VM-level scaling scheme is validated via a numerical experiment.

• Proceedings of the Korea Contents Association Conference
• /
• 2009.05a
• /
• pp.810-815
• /
• 2009

In recent years, embedded systems such as cellular phones, Portable Multimedia Player, intelligent appliance, automobile engine control are reshaping the way people live, work, and play. Thereby, applications for embedded systems become increasingly sophisticated and complicated, such embedded computing platforms must use real-time operating systems (RTOSs) with time determinism. These RTOSs must not only provide predictable services but must also be efficient and small in size and it's kernel services should also be deterministic by specifying how long each service call will take to execute. Having this information allows the application developers to better plan their real-time application software so as not to miss the deadline of each task. In this paper, we present the complete generalized algorithm using multi-dimensional methodology to determine the highest priority in the ready list with 2r levels of priorities for an arbitrary integer number of r.

• The Journal of Korean Association of Computer Education
• /
• v.23 no.4
• /
• pp.61-68
• /
• 2020

The purpose of this study is to develop a debugging task to support process-centered assessment on software(SW) education and to develop a service site. Achievement criteria for programming in elementary and middle school SW curriculum consists of control structures such as repetition and condition, and elements such as variables and input/output. In order to apply the process-centered assessment presented by the Ministry of Education, it is necessary to present tasks that can be used in the actual classroom environment and to consider connection with achievement levels. Therefore, in this study, 12 tasks for elementary school and 15 tasks for middle school were developed as debugging tasks and their validity was verified. As a result of conducting Delphi verification for validity, it was found that the level and content of the debugging task are appropriate. In addition, as a result of verifying the usability of the debugging challenge site by applying a heuristic evaluation method, it was found that it is suitable for use in the real educational field.