• Journal of the Korea Society of Computer and Information
• /
• v.16 no.9
• /
• pp.145-153
• /
• 2011

In this paper, we propose a CMS(Career Management System) based on the Android Platform, which is able to manage the result of MBTI, an aptitude test and English skills such as TOEIC, conversation, writing, etc. and to deal with the performance of the on-the-job practice, internship, project participation, graduation exhibition, contest exhibition, etc. during the period of attendance at school, This system is divided into the server module and the client one. First, the server module is used to build up the web site of the CMS that can serve to save the data related to each student's career. Second, the client module is to develop the application based on the Android Platform. This application can easily access the career-related information and always function as maintaining and managing the new data. If we make good use of the CMS proposed in this study, the relevant departments and bureaus in colleges and universities can activate the service capacity and also enhance the employment competitiveness by adding value to the students.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.35 no.3B
• /
• pp.503-516
• /
• 2010

In this paper, we propose the converged profile and authentication scheme for supporting converged media services of broadcasting & communications convergence in fixed mobile convergence networks. The proposed scheme supports the management of access, service, mobility and IPTV profiles on subscriber and a function of open API(Application Program Interface) for providing the subscriber profile for the third party service provider with the PUSH/PULL method. The open API is based on a web service and a REST(Representational State Transfer) and provides various services for the third party service provider with ease. In addition, the proposed scheme supports a function of SSO(Single Sign-on). After user succeeded in establishing an access connection, user can sustain the same authentication state with this function although connected access network is changed or IMS(IP Multimedia Subsystem) service network is attached. We evaluate and analyze the performance of the proposed scheme through the implementation of CUPS(Converged User Profile Server) system test-bed.

• Journal of Digital Convergence
• /
• v.11 no.9
• /
• pp.201-207
• /
• 2013

Recently, the interest in a Mobile Office is increasing dramatically and the Smart Phone App Service begin in earnest to be requested in an area of applying SAP system to PC. This study aims to research the system which can be easily implemented with the configuration and Mobile App which cause difficulties in embodying SAP system-based Apps suitable for a mobile environment. First, by realizing SAP system interface that can operate in mobile devices in the form of GUI, assisting the connecting parts of SAP for the users-friendly set-up, providing the communication method of Client, Application, and SAP Service in the form of web service through TCP/IP, and finally showing cases of implementing the method of delivering the data request and result value of Server and Client in the form of XML suggest more effective and new method, the research suggests a new way of making the linkage of SAP more efficient.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.14 no.2
• /
• pp.303-308
• /
• 2019

Spring framework is widely used as a base technology for e-government frameworks and to the extent it is a standard for web service development tools of Korean public institutions. However, recently, a remote code execution vulnerability(CVE-2018-1270) was found in an application using a spring framework. This paper proposes a method of analyzing the vulnerability experiment using a hacking scenario, Proof Of Concept(POC), in which the spring framework is a hazard to the server. We propose the patch to version 4.3.16 and version 5.0.5 or later as an ultimate response. It is also expected that the proposed experiment analysis on vulnerability of hacking scenario will be used as a data for improving performance of security programs and establishing a new authentication system.

• IEIE Transactions on Smart Processing and Computing
• /
• v.4 no.5
• /
• pp.340-348
• /
• 2015

The "stamp rally" is an event that participants go the round with predetermined points for the purpose of collecting stamps. They bring the stamp card to these points. They, however, sometimes leave or lose the card. In this case, they may not reach the final destination of the stamp rally. The purpose of this research is the construction of the stamp rally system which distinguishes each participant with his or her hand instead of the stamp card. We have realized our method distinguishing a hand posture by the image processing. We have also evaluated it by 30 examinees. Furthermore, we have designed the data communication between the server and the checkpoint to implement our whole system. We have also designed and implemented the process for the registering participant, the passing checkpoint and the administration.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.6 no.1
• /
• pp.169-179
• /
• 2010

iA-Canvas is HMI program which is the industrial automation application developed based on the Java language, and can run on any OS such as Windows, UNIX, Linux. The iA-Canvas is built on object-oriented open structure and consider network functionality and user experience as a system of centralized management and distributed management. iA-Canvas is composed of several components such as Builder, IO Server, Viewer, and Web Service Module and provides a GUI control environment. This paper explains design and implementation of iA-Canvas that is a tool for development of integrated management system, and shows practical examples of integrated management system that use iA-Canvas.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.16 no.2
• /
• pp.53-59
• /
• 2020

Malicious file upload attacks mean that the attacker to upload or transfer files of dangerous types that can be automatically processed within the web server's environment. Uploaded file content can include exploits, malware and malicious scripts. An attacker can user malicious content to manipulate the application behavior. As a method of detecting a malicious file upload attack, it is generally used to find a file type by detecting a file extension or a signature of the file. However, this type of file type detection has the disadvantage that it can not detect files that are not encoded with a specific program, such as PHP files. Therefore, in this paper, research was conducted on how to detect and block any program by using essential commands or variable names used in the corresponding program when writing a specific program. The performance evaluation results show that it detected specific files effectively using the suggested method.

• Proceedings of the Korean Information Science Society Conference
• /
• 2011.06b
• /
• pp.181-184
• /
• 2011

소프트웨어와 인터넷 연결이 일반화되고 소프트웨어 규모가 복잡해짐에 따라, 소프트웨어 보안 취약점 발생 수 및 관련 보안 사고가 나날이 증가하고 있다. 소프트웨어 보안 사고를 예방하기 위한 하나의 방법은 소프트웨어 개발 단계에서 취약점을 발견하여 제거하는 것이다. 이에 본 논문에서는 취약점 발견에 사용되는 대표적 테스팅 기법인 퍼징에 대해 연구하였다. 먼저, 웹 애플리케이션 서버와 관련된 기존의 공개된 취약점 정보를 분석하여 퍼징에 필요한 오용 케이스(misuse case) 생성 방법을 보인다. 생성된 오용 케이스는 URL과 HTTP 요청 메시지의 각 필드에 대한 테스팅 정보를 포함하고 있으며, 이 오용 케이스를 웹 애플리케이션 서버에 퍼징하여 실제 보안 관련 결함이 나타남을 확인하였다.

• Annual Conference of KIPS
• /
• 2003.05b
• /
• pp.1071-1074
• /
• 2003

Now internet is very popular. Many company services various contents in Web. One of the best way for internet community is network game service for internet member. There are some company to service high quality network game for gathering members. Those company make success for getting fee from their member. Global on-line game market is small but stability growing. Thus Microsoft invest on line game. On this paper, one of a java network turn game system called by "Hoola" is designed and implemented. This Application consist of Client/Server and Database module and multi-tier Architecture, because of easily translation to PDA or mobile phone.

• IEMEK Journal of Embedded Systems and Applications
• /
• v.11 no.6
• /
• pp.369-377
• /
• 2016

Recently, many changes have been made to people's life patterns as the technological advances in the ICT industry. The fusion of smart phones and various IT technologies has brought people convenience and welfare. A typical example of such fusion is the smart home. However, the existing smart home systems are difficult to be changed or extended. So we design a new smart home system with extensibility that can easily adopt legacy appliances and be scaled up. Among a variety of smart home features, this paper deals with IoT Devices that are responsible for controlling power or transmitting and receiving sensing values, IoT Gateway that connects users and consumer electronics via Internet, and Smart Home Manager that monitors and controls these components in the proposed smart home system.