• Journal of Information Technology Services
• /
• v.4 no.2
• /
• pp.109-123
• /
• 2005

Interoperability among defense information systems is one of the most important technologies in the modern information and electronic wars. Computer-aided interviewing has been used in popular for measuring the interoperability among information systems in military domain. In this paper, we suggest a new approach, testing after interviewing, in order to resolve the weakness of interviewing approach. In the testing after reviewing approach, the potential level of interoperability predicted by computer-aided interviewing is explored by distributed testing techniques. For this purpose, test requirements of each interoperability level are identified and appropriate testing model and test cases are suggested. Finally, a distributed testing tool is designed for automating the execution of suggested test cases.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2008.11a
• /
• pp.1024-1027
• /
• 2008

RFID는 자동 객체 식별 기술로써 유비쿼터스 환경과의 연결을 통해서 적용 범위가 더욱 확대되고 있다. 그러나 RFID 시스템은 전파를 이용하는 통신 구조와 낮은 태그 가격 제약으로 인해서 사용자의 프라이버시 문제와 악의적인 공격노출 등의 위험이 발생하고 있다. 이런 문제점들을 해결하기 위해 물리적인 방법과 암호학적인 접근 방법 등 많은 방법들이 제안되었다. 그 중에서 해시 체인 기법은 다른 방법과 비교하여 강력한 보안 수준을 제공하면서도 간단한 인증 과정이 장점이다. 그러나 재전송 공격과 스푸핑 공격에 취약한 문제점을 가지고 있다. 따라서 본 논문은 기존 해시 체인의 장점을 유지하면서 보안 취약성을 개선한 RFID 인증 프로토콜을 제안한다. 계산 효율성을 고려하여 최소한의 난수와 비트 연산(XOR)을 이용하여 보안 취약성을 개선한다.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.29 no.8C
• /
• pp.1025-1033
• /
• 2004

This paper covers the detection of covert direct sequence spread spectrum signal without the PN(Pseudo Noise) code information. Due to its low probability of interception, the difficulty of spectrum surveillance increases. Detection parameters are the signal existence of given bandwidth, the length of spreading sequence used by transmitter, and the identification of spreading code for detected chip length. The triple correlation function(TCF) value which is one of the higher order statistical signal processing techniques can be used to detect spread spectrum signal without a prior knowledge, but, it has weakness that TCF results depend on the spread data sequence in actual application. This paper proposes the new scheme that not only overcomes the weakness but also presents better performance than the traditional TCF scheme. The performance comparison of conventional TCF with proposed technique shows that the triple correlation estimator(TCE) has better detection capability.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2003.05a
• /
• pp.564-567
• /
• 2003

XML has weakness problems on document modulation and elimination of data Because of the XML gives priority to present data format, XML electrical signature, XML cryptography, or XML access control is provided to overcome those weakness problems. However, structured XML efficiency contravention problem occurred from XML encryption and absence of protection from DTD attack are still remains unsolved. In this paper, we provide XML scheme that satisfies both efficiency and encryption. DTD is unnecessary because XML scheme supports formatting(Well-Formed XML) XML documents and it also include meta information. Because of the XML scheme has possibility to generate each XML document dynamically and self efficiency investigator rule, it has an advantage on extendability of DID based encryption of XML documents.

• Journal of the Korea Society of Computer and Information
• /
• v.17 no.2
• /
• pp.127-137
• /
• 2012

Recently, as modern Internet uses mashups, Web 3.0, JavaScript/AJAX widely, the rate at which new vulnerabilities are being discovered is increasing rapidly. It can subsequently introduce big security threats. In order to efficiently mitigate these web application vulnerabilities and security threats, it is needed to rank vulnerabilities based on severity and consider the severe vulnerabilities during a specific phase of software development lifecycle (SDLC) for web applications. In this paper, we have first verified whether the risk rating methodology of OWASP Top 10 vulnerabilities is a reasonable one or not by analyzing the vulnerability data of web applications in the US National Vulnerability Database (NVD). Then, by inspecting the vulnerability information of web applications based on OWASP Top-10 2010 list and CWE (Common Weakness Enumeration) directory, we have mapped the web-related entries of CWE onto the entries of OWASP Top-10 2010 and prioritized them. We have also presented which phase of SDLC is associated with each vulnerability entry. Using this approach, we can prevent or mitigate web application vulnerabilities and security threats efficiently.

• Journal of Information Technology Services
• /
• v.21 no.4
• /
• pp.63-74
• /
• 2022

Globally researchers at medical institutions are actively sharing COHORT data of patients to develop vaccines and treatments to overcome the COVID-19 crisis. OMOP-CDM, a common data model that efficiently shares medical data research independently operated by individual medical institutions has patient personal information (e.g. PII, PHI). Although PII and PHI are managed and shared indistinguishably through de-identification or anonymization in medical institutions they could not be guaranteed at 100% by complete de-identification and anonymization. For this reason the security of the OMOP-CDM database is important but there is no detailed and specific OMOP-CDM security inspection tool so risk mitigation measures are being taken with a general security inspection tool. This study intends to study and present a model for implementing a tool to check the security vulnerability of OMOP-CDM by analyzing the security guidelines for the US database and security controls of the personal information protection of the NIST. Additionally it intends to verify the implementation feasibility by real field demonstration in an actual 3 hospitals environment. As a result of checking the security status of the test server and the CDM database of the three hospitals in operation, most of the database audit and encryption functions were found to be insufficient. Based on these inspection results it was applied to the optimization study of the complex and time-consuming CDM CSF developed in the "Development of Security Framework Required for CDM-based Distributed Research" task of the Korea Health Industry Promotion Agency. According to several recent newspaper articles, Ramsomware attacks on financially large hospitals are intensifying. Organizations that are currently operating or will operate CDM databases need to install database audits(proofing) and encryption (data protection) that are not provided by the OMOP-CDM database template to prevent attackers from compromising.

• Journal of Digital Contents Society
• /
• v.12 no.4
• /
• pp.491-499
• /
• 2011

Though there has been great advances in films' computer graphics both in technical and artistic side, there is still a big gap between computer graphics (a.k.a CG) studios in South Korea and major CG studios in US. Therefore, in this research, based on working experience at Disney Animation and information from working professionals in major CG studios, this paper analyzes strengths and weakness of character pipeline that major CG studios have by using examples and then suggest what CG studios in South Korea need. Steps of research process is to analyze what CG studios in South Korea developed, what are the strengths and weakness of Disney's character pipeline system and how these strengths can be applied to CG studios in South Korea.

• Journal of Information Technology Services
• /
• v.10 no.2
• /
• pp.259-269
• /
• 2011

The B$\'{e}$k$\'{e}$sy audiometer is used to determine not only hearing threshold but also assumption of recruit phenomenon and cause of disease. However, current B$\'{e}$k$\'{e}$sy audiometer takes an operational model, so called face-to-face model, in which model one audiometrist can assess only one subject at a time. As a result, the face-to-face model leads to high audiometrist's labor cost and long waiting time when there exist many subjects. To improve such weakness, this paper extends PC based B$\'{e}$k$\'{e}$sy audiometer to support client/server model in which model one audiometrist enables to concurrently access several subjects. As providing capabilities such as real-time transfer of assessment result, video monitoring of subject and video chat, the same effect as face-to-face model but overcomes weakness of face-to-face model.

• Korean Journal of Acupuncture
• /
• v.28 no.4
• /
• pp.169-175
• /
• 2011

Objectives : The aim of this study is to find a desirable way for acupuncture treatment of Vascular Dementia. Methods : The author reviewed several literatures related with Vascular Dementia. Based on the literatures, the author interpreted the causes and symptoms of Vascular Dementia on viewpoint of three yin and three yang. In addition, research about desirable way for acupuncture treatment was carried out. Results and Conclusions : The cause of Vascular Dementia is thought to be the functional weakness of lesser yin, the heart meridian. Also, the related-factors represent functional excess of reverting yin and greater yin, as well show functional weakness of lesser yin. Accordingly, for the acupuncture treatment of Vascular Dementia, it is necessary to tonify lesser yin. On the other hand, the activation of lesser yang is thought to be helpful.

• Journal of the Korean Society of Food Culture
• /
• v.21 no.2
• /
• pp.131-141
• /
• 2006

The purpose of this research is to develop the management strategy for a take-out specialty sore on the basis of SWOT analysis which requires analysis of internal and external environmental informations. The survey was performed in order to gather the internal and external customer informations for a take-out specialty store. The questionnaires developed were distributed to customers (N=188) and employees (N=23) at 5 take-out specialty store branches from April 25, 2002 to April 29, 2002. The statistical data analysis was completed by SPSS WIN 10.0 for descriptive analysis, factor nalaysis, and Pearson's correlation. IPA(Importance-Performance Analysis) was applied in order to identify the critical management issues which would be explained with the organization's weakness or strength. SWOT analysis was performed through identifying the organizational strength and weakness as internal environment factors and external environmental opportunity and threat as uncontrollable external factors.