• Journal of KIISE:Computer Systems and Theory
• /
• v.37 no.4
• /
• pp.226-238
• /
• 2010

OpenSSL is an open-source library implementing SSL that is a secure communication protocol. However, the library has a severe vulnerability that its security information can be easily exposed to malicious software when the library is used in a form of shared library on Linux and UNIX operating systems. We propose a scheme to attack the vulnerability of the OpenSSL library. The scheme injects codes into a running client program to execute the following attacks on the vulnerability in a SSL handshake. First, when a client sends a server a list of cryptographic algorithms that the client is willing to support, our scheme replaces all algorithms in the list with a specific algorithm. Such a replacement causes the server to select the specific algorithm. Second, the scheme steals a key for data encryption and decryption when the key is generated. Then the key is sent to an outside attacker. After that, the outside attacker decrypts encrypted data that has been transmitted between the client and the server, using the specified algorithm and the key. To show that our scheme is realizable, we perform an experiment of collecting encrypted login data that an ftp client using the OpenSSL shared library sends its server and then decrypting the login data.

• Korean Security Journal
• /
• no.44
• /
• pp.251-278
• /
• 2015

Registered security guards carry out police duties as civilian police who are in charge of security service, and so they have a two-fold status: a civilian in terms of a social standing and a policeman in the way that they execute the authority of security. The problem caused by this legal position is that their legal rights and obligation can be unclear in the task-action and working relationship. This paper attempts to study their functions, rights, and legal duties through the interpretation of the related positive law so as to reveal the problems that may spring from this ambiguous status of registered security guards. This endeavor illuminates their legal status specified in the positive law in and around the Act on the police assigned for special guard, observing their functions and the legal duties in the pursuit of their tasks, and ending up pointing out the problems of the positive law. As a result of research work, the most significant problems, even if multifarious, are the avoidance of the state reparation in the responsibility for the illegal behavior in connection with their operation; the unconstitutionality of the disciplinary punishment regulation originated from the entrust with full powers; the imperfection of the rules about the cooperative ties with the police; the possibility of human rights abuse caused by the ban on the labor dispute; the equality problems from the dual pay system; and the inadequacy of the codes about the recruitment qualification and method. This research is intended to help achieve the purpose of the security of national critical facilities through the smooth execute of duties as well as the protection of the guards' rights. Besides, the key focuses posed in this paper are worthy of being developed more accurately through the following researches.

• Journal of the Earthquake Engineering Society of Korea
• /
• v.11 no.1 s.53
• /
• pp.67-77
• /
• 2007

Site coefficients in IBC and KBC codes have some limits to predict the rational seismic responses of a structure, because they take into account only the effect of the soil amplification without the effects of the structure-soil interaction. In this study, upper and lower limits of the site coefficients are estimated through the pseudo 3-D elastic seismic response analyses of structures built on the linear or nonlinear soil layers taking Into account the effects of the structure-soil interaction. Soil characteristics of site classes of A, B and C were assumed to be linear, and those of site classes of D and E were done to be nonlinear and the Ramberg-Osgood model was used to evaluate shear modulus and damping ratio of a soil layer depending on the shear wave velocity of the soil layer, Seismic analyses were performed with 12 weak or moderate earthquake records scaled the peak acceleration to 0.1g or 0.2g and deconvoluted as earthquake records at the bedrock located at 30m deep under the outcrop. With the study results of the elastic seismic response analyses of structures, new standard response spectrum and upper and lower limits of the site coefficients of $F_{a}\;and\;F_{v}$ at the short period range and the period of 1 second are suggested including the effects of the structure-soil interaction, and new site coefficients for the KBC code are also suggested.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.29 no.3B
• /
• pp.360-374
• /
• 2004

The OSPF protocol is the most widely used Interior Gateway Routing Protocol. Therefore, for the reliability of behavior of gigabit swiching routers, it is essential to guarantee the interoperability and the safety of the OSPF protocol. In this paper, we analyze the standard document of the OSPF protocol, so that we provide a formal specification that specifies the protocol behaviors by detailed design level using the algebraic formal method. By referring available source codes of the OSPF protocol, we supplement the formal specification to express more detailed behaviors that is not specified definitely in the standard. We also formally verify the interoperability and the safety of the protocol state machine of the specification. By showing that the formal specification specify all of the states and the transition events that appear in the standard document of the OSPF protocol, we prove that the state machine has the completeness, and prove it has the interoperability. To prove that the specification of the protocol has the safety, we formally verify the reachability, the liveness, the livelock-free property, and the deadlock-free property. As a result, we prove the protocol has the consistency. The specification and the validation are also effective to the OSPF Version 3 that inherit the protocol mechanism of the OSPF Version 2.

• The Journal of the Korea Contents Association
• /
• v.14 no.10
• /
• pp.562-569
• /
• 2014

The purpose of this study was to investigate the determinants of total payment for mental and behavioral disorders patients admitted through the emergency room. Study data was selected from the Korean National Health Insurance sample data in 2009. This data was consisted of 753 inpatients who are 331 inpatients with only main sick(F31-F39) and 422 inpatients with main sick codes(F31-F39) and sub sick(F00-F99) admitted through the emergency room. SPSS v.18 was used for the statistical analysis such as descriptive analysis, t-test, ANOVA, and multiple regression analysis. In multiple regression analysis, significant variables affecting total payment of main sick patients were gender(p<.01), treatment result(p<.001), path of the emergency room(p<.001), and length of stay(p<.001). Also, main sick patients with sub sick were gender(p<.01), age(p<.001), treatment result(p<.001), path of the emergency room(p<.001), and length of stay(p<.001). These findings implied that it is necessary to build short, middle, and longterm program and system for high risk mental and behavioral disorders groups.

• Journal of Internet Computing and Services
• /
• v.19 no.5
• /
• pp.33-41
• /
• 2018

Recently, Internet technology has developed, various programs are being created and therefore various codes are being made through many authors. On this aspect, some author deceive a program or code written by other particular author as they make it themselves and use other writers' code indiscriminately, or not indicating the exact code which has been used. Due to this makes it more and more difficult to protect the code. In this paper, we propose author identification framework using Authorship Analysis theory and Natural Language Processing(NLP) based on Convolutional Neural Network(CNN). We apply Authorship Analysis theory to extract features for author identification in the source code, and combine them with the features being used text mining to perform author identification using machine learning. In addition, applying CNN based natural language processing method to source code for code author classification. Therefore, we propose a framework for the identification of authors using the Authorship Analysis theory and the CNN. In order to identify the author, we need special features for identifying the authors only, and the NLP method based on the CNN is able to apply language with a special system such as source code and identify the author. identification accuracy based on Authorship Analysis theory is 95.1% and identification accuracy applied to CNN is 98%.

• Korean Journal of Community Nutrition
• /
• v.7 no.6
• /
• pp.852-862
• /
• 2002

The purposes of this study were 1) to review the Medical Nutrition Therapy (MNT) Act of the United States, 2) to introduce the efforts of the American Dietetic Association (ADA) to expand the Medicare coverage for MNT and 3) to provide information about the reimbursement under Medicare Part B for the cost of MNT. The MNT Act defined MNT services as “the nutritional diagnostic, therapeutic, and counseling services provided by a Registered Dietitian or nutritional professional for the purpose of managing diabetes or renal diseases”. Also, the MNT Act defined “conditions for coverage of MNT”, “limitations on coverage of MNT”, and “qualifications of MNT service provider”. To expand the coverage of Medicare to include MNT, the ADA realized the need for development of a protocol for MNT, as well as studies to evaluate the effectiveness and cost-effectiveness of the MNT protocol developed. Therefore, the ADA supported the studies to develop a strong database of scientific investigations of nutritional services. Furthermore, the ADA needed credible data that could be used by Policy makers, so the ADA contracted with the Lewin Group to if out the study to gather the additional data needed to strengthen the ADA's position. In the report of the Lewin Group, which was entitled, “The Cost of Covering Medical Nutrition Therapy under Medicare : 1998 through 2004”, it was concluded, that if coverage for MNT in the Part B portion of Medicare had begun in 1998, by 2004, approximately $ 2.3 billion would have been saved through reduced hospital spending under Part A of Medicare ($ 1.2 billion) and reduced physician visits under Part B ($ 1.1 billion) Effective January 1 2002, the US Congress extended Medicare coverage to include MNT to beneficiaries with diabetes or renal diseases. The Centers for Medicare and Medicaid Services (CMS) established the duration and frequency for the MNT based on published reports or generally accepted protocols (for example, protocols suggested by the ADA). The number of hours covered by Medicare is 3 hours for the initial MNT and 2 hours for a follow-up MM. In 2002, a Medicare coverage policy was made to define the Physician's Current Procedural Terminology (CPT) codes 97802, 97803, and 97804 for MNT.

• The Journal of the Korea Contents Association
• /
• v.20 no.2
• /
• pp.678-688
• /
• 2020

Occupational ethical awareness is a system of norms and standards of behavior and an important component of professionalism that affects organizational performance and commitment. The purpose of this study is to examine the mediating effect of professionalism on the relationship between job ethics and organizational commitment of civil servants. A survey was conducted on 300 central government officials with more than one year of employment. 261 copies were used for the final analysis. The results are as follows. First, the vocational ethics of civil servants had a significant effect on professionalism. The higher the years of service, the higher the level of ethics. Second, the work ethic of public officials had a significant effect on organizational commitment. These results can be interpreted as the internal commitment of civil servants to the state of work ethic. Third, the mediating effect of professionalism was verified in the relationship between public morality and organizational commitment. Based on these results, the public ethics of public servants are the basis for accepting public values and goals. Vocational expertise with embedded codes of conduct and value systems influences organizational commitment. As a practical implication for improving the ethical ethics of public officials, education programs for improving ethical consciousness according to job titles and duties were provided, and the ethical ethical competence was presented.

• Journal of Acupuncture Research
• /
• v.33 no.4
• /
• pp.109-119
• /
• 2016

Objectives : The aim of this study is to give a statistical basis for the characteristics of patients who received cooperative medical care after being referred from Western medical departments to the Department of Acupuncture and Moxibustion in a Korean medical hospital. Methods : The request records were searched for cooperative medical treatment at the Department of Acupuncture and Moxibustion in a Korean medical hospital between September 1st, 2011 and August 31, 2016, based on the Order Communication system(OCS). The records were reviewed and retrospectively analyzed according to the patient's general characteristics, the chief diagnosis code based on the 7th Korean standard classification of diseases(KCD-7) before and after the cooperative medical care in the Department of Acupuncture and Moxibustion, and the actual treatment measures which patients received as a result of the cooperative medical care. Results : Among the 2702 records, 1549 patients were included in the analysis. The male to female ratio was 1 : 1.17. Sexagenarians formed the highest age group and the number of patients whose age was over 50 was 1176(75.92 %). The surgery department requested the cooperative care from the department of Acupuncture and Moxibustion for the highest number of patients, 1194(77.08 %). When analysing specific medical departments, Neurosurgery, General Surgery, Neurology, Otorhinolaryngology, and Physical medicine and rehabilitation followed. The frequency of chief diagnosis code used before the cooperative medical care was in the order of I, C, G, S, and M code, from highest to lowest. The order of the codes after the cooperative medical care was the same. Acupuncture treatment was the most frequently-used measure after the cooperative medical care. Following were infrared, moxibustion, transfer, herbal acupuncture, cupping, electroacupuncture, and so on. Conclusion : This study provides a statistical basis for the demands placed on the Department of Acupunture and Moxibustion for cooperative medical care with the Western medical department. Based on the present condition of cooperative medical care, more preparation and effort is required for its activation.

• The KIPS Transactions:PartD
• /
• v.13D no.4 s.107
• /
• pp.549-556
• /
• 2006

In this paper, we propose a system for generating skeleton programs for directly transforming an XML document to another document, whose structure is defined in the target DTD with GUI environment. With the generated code, the users can easily update or insert their own codes into the program so that they can convert the document as the way that they want and can be connected with other classes or library files. Since most of the currently available code generation systems or methods for transforming XML documents use XSLT or XQuery, it is very difficult or impossible for users to manipulate the source code for further updates or refinements. As the generated code in this paper reveals the code along the XPaths of the target DTD, the result code is quite readable. The code generating procedure is simple; once the user maps the related elements represented as trees in the GUI interface, the source document is transformed into the target document and its corresponding Java source program is generated, where DTD is given or extracted from XML documents automatically by parsing it. The mapping is classified 1:1, 1:N, and N:1, according to the structure and semantics of elements of the DTD. The functions for changing the structure of elements designated by the user are amalgamated into the metadata interface. A real world example of transforming articles written in XML file into a bibliographical XML document is shown with the transformed result and its code.