• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.12 no.12
• /
• pp.2171-2178
• /
• 2008

Recently, Network companies have introduced security solutions to protect the network from intrusions, attacks and viruses but the network has still weakness and vulnerability. It is time to bring more stable and reliable authentication system that would meet the Internet user's need. In this study, Current broadband networks don't have hierarchic and stable authentication solutions. And so, an integrated and hierarchic system is needed to provide a various kinds of application services. I'd like to present a new authentication system which is based on unified web authentication design. It will unit various authentication systems that have been deployed in various network environment and reinforce network security to provice a various kinds of application services in a stable and safe environment. that is a simple and more secure method for fighting a rise in card-not-present fraud.

• Proceedings of the Korea Contents Association Conference
• /
• 2003.11a
• /
• pp.113-119
• /
• 2003

Both the highly developed computing environment and the rapid increase of the internet users enable the present web based cluster system accounting service to help many users access to numerous data at high speed. However, the information security of users and data is also as important as the convenience of the systematic environment. Especially, the significance of damage to the individuals and organizations resulted from the data outflow, hacking and malicious coding has risen up to one of the most essential problems in the internet service business. In this study, I suggest a more safe web based cluster system accounting service solution applying SEED, the Korean Telecommunications Technology Association (TTA) standard encryption algorithm.

• Proceedings of the IEEK Conference
• /
• 2000.11c
• /
• pp.55-58
• /
• 2000

EC, which is done the virtual space through Web, has weakly like security problem because anybody can easily access to the system due to open network attribute of Web. Therefore, we need the solutions that protect the Web security for safe and useful EC. One of these solutions is the implementation of a strong cipher system. NC(Nonpolynomial Complete) cipher system proposed in this paper is advantage for the Web security and it overcomes the limit of the 64 bits cipher system using 128 bits key length for input, output, encryption key and 16 rounds. Moreover, it is designed for the increase of time complexity by adapted more complex design for key scheduling regarded as one of the important element effected to encryption.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.12 no.11
• /
• pp.1993-1998
• /
• 2008

Web robot engine for searching web sever vulnerability and malicious code is proposed in this paper. The main web robot function is based on searching technology which is derived from analyses of private information threat. We implemented the detecting method for phishing, pharming and malicious code on homepage under vulnerable surroundings. We proposed a novel approachm which is independent of any specific phishing implementation. Our idea is to examine the anomalies in web pages.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2011.04a
• /
• pp.956-959
• /
• 2011

When SOAP message in Web Services has sensitive and important data, it is necessary to protect the message from XML rewriting attacks. These attacks create a foundation for typical faults in SOAP message and make it vulnerable to use in Web Service environment. Currently, Web Services middleware offers limited functions to detect these faults and possibly fix them. In this paper, we propose a Security Description Assistance which identifies and fixes typical faults in SOAP messages. Our system adapts simulation-based approach, which allows system to self-optimize its performance in different conditions and thus improve the reliability of Web Services.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2021.11a
• /
• pp.221-224
• /
• 2021

본 논문은 WebAssembly 가 도입된 2017 년부터 현재 2021 년까지 발생한 보안 취약점을 분석하고 분류하여, WebAssembly 에 대한 개발자들의 이해도를 높이고 WebAssembly 도입에 생길 수 있는 문제점들을 정리한다. 특히 CVE-2018-6092(Integer Overflow), CVE-2018-6036(Underflow) 사례들을 제공된 PoC 를 통하여 재현하고, PoC 코드, 원인 코드와 대처 코드까지 분석한다.

• Journal of Internet Computing and Services
• /
• v.6 no.6
• /
• pp.35-44
• /
• 2005

It is essential for any public institution to establish a systematical scheme and a management system to maintain the contents and securities of its ever-expanding web-site with efficiency. The general users want a reliable system and a simple and stress-free web environment and expect the public institutions to maintain the accuracy and conformity of information they provide to the public. In this study, I examined a web-site owned by a certain governmental research institute for the current maintenance status and problems to seek an effective and easy-to-use scheme for both users and web managers. Based on what I learned from my study, I moved on to design a web integration system and tested it on the above mentioned web-site for analysis.

• Convergence Security Journal
• /
• v.6 no.3
• /
• pp.127-133
• /
• 2006

Some Research is actively being done on a web-based collaborative learning system. This is changes in educational paradigm in the knowledge information age. A web-based collaborative learning system for question making is to improve the effect of studying through positive interactions between colleagues and to motivate studying through group competitions. This system is designed to active and self-leading studying when a learner do collaborative learning for question making in group. This system can help initiate and active studying to learner through a course of collaborative learning for question making. It can be used to achieve collaborative learning in various ways.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.5 no.1
• /
• pp.16-20
• /
• 2004

This paper developed a secure web-based digital notary system. The system conforms to international standards, and gives users very good accessibility to it. The technologies and the application systems for timestamp-related services are not yet popularized, but they are potentially meaningful to many kinds of areas such as ecommerces, digital right managements, and internet mail systems. The digital notary system uses the timestamp requests and responses which conforms to rfc 3161. The system supports secure communication between web-based notary server and its clients by using SSL(Secure Socket Layer), and use nonces for prevention of replay attacks.

• Convergence Security Journal
• /
• v.9 no.1
• /
• pp.1-10
• /
• 2009

In present, an education paradigm of new info-age is consisting by using the Internet in education field, and as that practical use of internet in education is in increasing trend and various education method is showed. Also, as using the web by teacher and student, teacher can achieve efficiently instruction and student management and students can handle various kinds item about studies efficiently. But much of the existent systems were drived on instruction management, systems of student management are very few. Therefore, in this paper, we designed and implemented system that can efficiently manage instruction and student in web. Implemented system was designed by dividing teacher module and student module and various function for instruction management and student management were included in teacher module and in student module include various functions with related to as class, report and result record.