• Proceedings of the Korean Information Science Society Conference
• /
• 1999.10c
• /
• pp.694-696
• /
• 1999

최근에는 Non-PC 디바이스들을 위한 Embedded OS들이 PCS, PDA, 핸드헬드(Handheld) 컴퓨터, 터미널, 산업용 제어기 및 다른 소형 컴퓨터에서부터 인터넷 TV, 디지털 셋탑 박스, 웹폰, 인터넷 디바이스, 및 Mobile Computing 분야에 이르기까지 다양한 분야에서 그 요구가 급증하고 있다. 현재 이러한 응용들은 사용자의 응답시간이 빠른 표준 API(Application Programming Interface)의 사용을 필요로 한다. Window System의 Application을 개발하기 위해서는 보통 Win32 API를 사용한다. 그런, Win32 API에서 제공하는 자료형과 관련 함수들이 크기가 크고 속도가 느려서 소형의 적은 메모리와 빠른 속도를 필요로 하는 PCS 단말기에는 적합하지가 않다. 따라서 기존의 API의 기능을 충실히 수행하면서 PCS에 최적화된 API에 대한 연구가 필요하다. 본 논문에서는 PCS 정보단말기용 소형 운영체제에 적합한 API를 GWES(Graphics, Windowing, and Events Subsystem) 모델을 기반으로 설계하였으며 사용자 응답시간 지연을 해결하기 위해서는 Event 처리를 최소화하는 다중 메시지 처리 방식을 개발하였다.

• Convergence Security Journal
• /
• v.6 no.2
• /
• pp.1-11
• /
• 2006

The files of intellectual property on computer systems have increasingly been exposed to such threats that they can be flowed out by internal users or outer attacks through the network. The File Outflow Protection System detects file outflow when users not only copy files on client computers into storage devices, but also print them. This Protection system has been designed to Win32 API hooking by I/O Manager in kernel level if files are flowed out by copying. As a result, the monitoring system has exactly detected file outflows, which is proved through testing.

• Convergence Security Journal
• /
• v.4 no.2
• /
• pp.27-34
• /
• 2004

The recent explosive use of the Internet and the development of computer communication technologies reveal serious computer security problem. Inspite of many studies on secure access to the system, generally, the attackers do not use the previous intrusion techniques or network flaw, rather they tend to use the vulnerabilities residing inside the program, which are the running programs on the system or the processes for the service. Therefore, the security managers must focus on updating the programs with lots of time and efforts. Developers also need to patch continuously to update the Program, which is a lot of burden for them. In order to solve the problem, we need to understand the vulnerabilities in the program, which has been studied for some time. And also we need to analyze the functions that contains some vulnerabilities inside. In this paper, we first analyzed the vulnerabilities of the standard C library, and Win32 API functions used in various programs. And then we described the design and implementation of the automated scanning tool for writing secure source code based on the analysis.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.15 no.4
• /
• pp.51-60
• /
• 2005

The riles or intellectual property on computer systems have increasingly been exposed to such threats that they can be flowed out by internal users or outer attacks through the network. The File Outflow Monitoring System monitors file outflows at server by making the toe when users copy files on client computers into storage devices or print them, The monitoring system filters I/O Request packet by I/O Manager in kernel level if files are flowed out by copying, while it uses Win32 API hooking if printed. As a result, it has exactly made the log and monitored file outflows, which is proved through testing in Windows 2000 and XP.

• Proceedings of the Korean Information Science Society Conference
• /
• 2003.04a
• /
• pp.398-400
• /
• 2003

현재 전 세계 근로자의 상당수가 업무와는 무관한 인터넷 사용을 위해 많은 시간을 소모하고 있는 실정이다. 본 논문에서는 이러한 불필요하고 불건전한 인터넷의 사용을 감시하여 네트워크 상에 불필요한 트래픽의 발생을 억제함으로써 업무생산성을 높이고 회선 비용 절감 효과를 가질 수 있도록 하기 위해, 네트워크 상에서 발생하는 웹 트래픽을 감시하는 시스템을 설계하고 구현하였다. 본 논문에서 개발한 시스템은 Windows 계열 운영체제에서 실행들 수 있도록 하기 위해 BNF와 호환이 되는 "Winpcap" API를 사용하였으며, 또한 다중 쓰레드를 사용하여 실시간 처리가 가능 하도록 하였다. 본 시스템은 현재 웹 트래픽 만을 분석 처리하도록 되어 있지만, 향후 다른 프로토콜들에 대한 처리를 보안할 경우, 네트워크 감시 프로그램으로도 사용될 수 있을 것이다. 수 있을 것이다.

• The KIPS Transactions:PartC
• /
• v.11C no.1
• /
• pp.47-54
• /
• 2004

The growth of computer resource and network speed has increased requests for the use of remotely located computer systems by connecting through computer networks. This phenomenon has hoisted research activities for application service provision that uses server-based remote computing paradigm. The server-based remote computing paradigm has been developed as the ASP (Application Service Provision) model, which provides remote users through application sharing protocol to application programs. Security requirement such as confidentiality, availability, integrity should be satisfied to provide ASP service using centralized computing system. Existing Telnet or FTP service for a remote computing systems have satisfied security requirement by a simple access control to files and/or data. But windows-based centralized computing system is vulnerable to confidentiality, availability, integrity where many users use the same application program installed in the same computer. In other words, the computing system needs detailed security level for each user different from others, such that only authorized user or group of users can run some specific functional commands for the program. In this paper, we propose windows based centralized computing system that sets security policies for each user for the use of instructions of the application programs, and performs access control to the instructions based on the security policies. The system monitors all user messages which are executed through graphical user interface by the users connecting to the system. Ail Instructions, i.e. messages, for the application program are now passed to authorization process that decides if an Instruction is delivered to the application program based on the pre-defined security polices. This system can be used as security clearance for each user for the shared computing resource as well as shared application programs.

• Proceedings of the Acoustical Society of Korea Conference
• /
• 1998.08a
• /
• pp.401-405
• /
• 1998

SVAPI 1.0 환경에서의 어구 종속 화자 확인 시스템에 대해 기술한다. 구현된 시스템은 궁극적으로 공중 전화망 응용이 가능한 실용 시스템을 목표로 개발되었으며 이를 위해 SVAPI 위원회에 의해 제안된 SVAPI 1.0을 개발 환경으로 사용하였다. SVAPI는 객체 지향 구조, 클라이언트-서버 및 telephony 환경의 지원등이 특징이며 어플리케이션과 엔진을 독립적으로 개발할 수 있는 이점을 제공한다. 구현된 데모 시스템은 펜티엄 프로세서와 Windows95/NT 4.0 운영체제 그리고 Win16/Win32 API를 통해 제어 가능하며 음성 입력이 가능한 디바이스를 장착한 IBM 호환 PC이다. 화자의 성문 등록은 화자가 동일한 어구를 3회 발성하여 이뤄지며 등록과 확인의 응답속도는 모두 1초 이내이다. 소프트웨어의 구성은 크게 어플리케이션과 어구 종속 화자 확인 엔진으로 구분할 수 있으며 엔진은 끝점 검출 알고리즘, 음성 특징 추출 알고리즘 그리고 연속 HMM 기반의 화자 성문 모델 등록 및 유사도 계산 등을 포함한 확인 알고리즘으로 구성되어 있다. 화자의 성문은이름과 같은 약 3음절 이상의 단어로 등록되고 테스트되었다. 엔진의 객관적인 평가를 위해 전화선을 통해 남자 6명, 여자 3명의 화자로부터 자신의 이름을 각각 40회 발성하여 구축된 음성 데이터 베이스를 사용하였으며 실험 결과 남자는 2.85%, 여자는 2.44%의 EER을 각각 얻었다.

• Proceedings of the Korea Information Assurance Society Conference
• /
• 2004.05a
• /
• pp.3-8
• /
• 2004

The majority of recent intrusions reveal that the attackers do not use the previous intrusion techniques or network flaw, rather they tend to use the vulnerabilities residing inside the program, which are the running programs on the system or the processes for the service. Therefore, the security managers must focus on updating the programs with lots of time and efforts. Developers also need to patch continuously to update the program, which is a lot of burden for them. In order to solve the problem, we need to understand the vulnerabilities in the program, which has been studied for some time. And also we need to analyze the functions that contains some vulnerabilities inside. In this paper, we first analyzed the vulnerabilities of the standard C library, and Win32 API functions used in various programs. And then we described the design and implementation of the automated scanning tool for writing secure source code based on the analysis.

• 한국HCI학회:학술대회논문집
• /
• 2009.02a
• /
• pp.227-231
• /
• 2009

The aim of the research is to focus on the cognitive principles and to achieve human-level intelligence in referring context based browser history and the Windows history. One of the major problems faced by today's computer users is insufficient and single exclusive context based reference of the browser history and the Windows history. Today we search for the browser history and Windows history in different places even though the context is the same. For e.g., When working on a research paper or preparing a business presentation, a user may require to refer many web sites on the internet and various documents on the local computer. The browser can provide only time based history. The windows document history is also time based and limited to list only few documents. Hence, we propose a tool "Cognitive Based Context Aware Reference History Management Tool" which helps to access the exclusive reference of context and time based history in one place. The tool also proposes to store image history with urls and classifies images of a specific topic accessed in different time, bookmarks management and cross browser history management. These features are very useful as we can access all related documents (doc, docx, ppt, pptx, pdf, txt, and html), web pages, images and bookmarks in one place. The tool uses the cognitive principles like classification and association to achieve the purpose.

• Journal of KIISE:Computing Practices and Letters
• /
• v.7 no.3
• /
• pp.240-247
• /
• 2001

Java is a promising runtime environment for embedded systems because it has many advantages such as platform independence, high security and support for multi-threading. One of the most famous Java run-time environments, Sun's ($PersonalJave^{TM}$) is based on Truffle architecture, which enables programmers to design various GUIs easily. For this reason, it has been ported to various embedded systems such as set-top boxes and personal digital assistants(PDA's). Basically, Truffle uses heavy-weight window managers such as Microsoft vVin32 API and X-Window. However, those window managers are not adequate for embedded systems because they require a large amount of memory and disk space. To come up with the requirements of embedded systems, we adopt Microwindows as the platform graphic system for Personal] ava A WT onto Embedded Linux. Although Microwindows is a light-weight window manager, it provides as powerful API as traditional window managers. Because Microwindows does not require any support from other graphics systems, it can be easily ported to various platforms. In addition, it is an open source code software. Therefore, we can easily modify and extend it as needed. In this paper, we implement Personal]ava A WT using Microwindows on embedded Linux and prove the efficiency of our approach.