• Journal of Korea Society of Digital Industry and Information Management
• /
• v.11 no.4
• /
• pp.81-87
• /
• 2015

Recently, with the development of the ICT environment, the use of the software is growing rapidly. And the number of the web server software used with a variety of users is also growing. However, There are also various damage cases increased due to a software security vulnerability as software usage is increasing. Especially web shell hacking which abuses software vulnerabilities accounts for a very high percentage. These web server environment damage can induce primary damage such like homepage modification for malware spreading and secondary damage such like privacy. Source code weaknesses checking system is needed during software development stage and operation stage in real-time to prevent software vulnerabilities. Also the system which can detect and determine web shell from checked code in real time is needed. Therefore, in this paper, we propose the system improving security for web server by detecting web shell attacks which are invisible to existing detection method such as Firewall, IDS/IPS, Web Firewall, Anti-Virus, etc. while satisfying existing secure coding guidelines from development stage to operation stage.

• Journal of KIISE:Computing Practices and Letters
• /
• v.8 no.2
• /
• pp.155-166
• /
• 2002

Even the short history of the Web system, the technology related to the Web system has been developed rapidly. Yet, the quality of the Web-based application software has not been improved that much. For this reason, the efficient method to develop the Web-based application software is needed. This paper describes the items necessary to develop the Web-based application software. On the basis of ISO/IEC 12207-Software Life Cycle Processes this paper mainly suggests the analysis and design stage of the Web-based model for developing software. Also, this paper describes the methods to define the process and the entity for applying contents to Web-based application software. With the web-based model suggested in this paper the Web-RoadMap Methodology of KCC Information & Communication, a system provider in Korea, has been applied to the public-domain projects. Through the application, Web-RoadMap Methodology has been proved to be an applicable model for analyzing and designing the systems based on the web environments.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.2
• /
• pp.817-828
• /
• 2018

Modern software, especially web-based software, is broadly used in various fields. Most web applications employ design patterns, such as a model-view-controller (MVC) pattern and a factory pattern as development technology, so the application can have a good architecture to facilitate maintenance and productivity. A web application, however, may have defects and developers must fix the defects when a user submits bug reports. In this paper, we propose a novel approach to improving fault traceability in web application by using software revision information and software behavior model to reduce costs and effectively handle the software defect. We also provide a case study to show effectiveness of our approach.

• The KIPS Transactions:PartD
• /
• v.12D no.4 s.100
• /
• pp.569-582
• /
• 2005

As information and business communication via Internet are growing up, web-based software is wide spread and more important on the viewpoint of software qualify than stand-alone. Research on verification of web content links and web-based Program was tried, but has short on covering various types of web based software and making experiments to be applied in real testing practice. This paper suggests a modeling technique to be applied to dynamic and various types of web-based software. First, it identifies each elements consisting of web-based software and then construct a model of Object Control Flow Graph and Object Relationship Diagram. We can generate test cases covering all test paths of ORD or invoking key points test route. Suggested modeling method and test case selection technique are verified by applying five types of web-based software and compared with other web-based test techniques.

• Korean Journal of Remote Sensing
• /
• v.25 no.6
• /
• pp.559-569
• /
• 2009

During over decades, metadata on spatial data have been developed, and they have been widely applied at the national and international metadata standards such as file structure, format, and data model. However, in the web 2.0 paradigm toward user participation and openness, sources and contents of geospatial products are also diversified, not being limited to well-organized and structured data sets or databases. Especially, software products in both open source software and commercially packaged software are considered into important resources in the geospatial domain. But there are no reports or studies regarding software metadata from the side of software engineering or information technology, till now. The motivation of this study is based on practical needs to build search engine in the intelligent geospatial web. Brief review on current metadata standards is presented, and necessity for software metadata is discussed as well as related works. Basic elements, initially considered, of software metadata are presented. This work is the first attempt for software metadata, although it just covers geospatial software products. Further practical works to meet industrial demands need to actual applications of software metadata.

• Journal of Internet Computing and Services
• /
• v.5 no.2
• /
• pp.85-95
• /
• 2004

The web-based project is seriously not efficient area at software engineering. In order to develop a web-based system, UI(User Interface) designers usually first design display layout and then business logic developers bring to complete the coding of the display layout source. In the case of maintenance, it goes through the same process, This kinds of web-based software development method were proposed by the various methods same as the tag library of JSP, But there are many problems to apply them and they are low productive comparing to the CIS based software development method, WFS(Neb Form System), which is suggested on this thesis, separates UI design from business logic on a web project and offers the better environment to develop web based software, Eventually WFS will improve the productivity to develop web based software.

• The Journal of the Korea Contents Association
• /
• v.2 no.4
• /
• pp.59-66
• /
• 2002

As for the software development, it is complicated, and size of software is growing larger. And contraction of a software development period is required acutely because it is short a period of software life cycle. Also, it becomes harder development and a maintenance because it is short a life cycle of developed software. According to this an effort is increased in order to reduce a development cost and time as using a component to have been implemented previously in development of software. A current component technology is developing into a very fast speed and is bringing a large change into development of a Web base system in addition to existing software development method. In this paper, we were handling a related technology for Web system development of a CBD base systematically and derived an issue to apply it to development of a Web system and presented an efficient practical use method of a component technology. First of all we looked into a component technology and a CBD methodology systematically and described a component technology in Web. Also, we proposed a method to increase development and efficiency of practical use of a Web system based on a component. The this study result can decrease a development cost of a Web system and a load of maintenance management through the re-use of a code.

• Journal of Institute of Control, Robotics and Systems
• /
• v.17 no.9
• /
• pp.908-915
• /
• 2011

As the requirement of user for robot functionality, the function and interface for controlling the robot system is more sophisticated and complicated. Accordingly development process of robot is more complicated and it takes much longer time to develop a robot system. Software development using project management tool is more important in software engineering because of the complexity of software, especially robot system. This paper proposes SEED (Software Engineering Equipment for Development), which is a web-based and integrated software engineering tool to provide independent tools for robot software development. SEED includes the document management tool, the software configuration management tool, the software testing tool on developing robot software and provide a functionality of collaborated and remote development due to WEB-based operations.

• Proceedings of the Korea Inteligent Information System Society Conference
• /
• 2007.05a
• /
• pp.101-110
• /
• 2007

Current strategic trends in service distribution and software development in response to Web as a platform represent a paradoxical concurrent pursuit of 'economy of scale' and 'service'. From the software perspective, the major novel elements of the Web 2.0 era are Web as a platform and the emergence of long-tail service enabling web sites to function as an independent distribution channel. The current study analyzed the platform strategy for establishing a community of interactive developer and customers taking the issue of economy of scale into consideration. Software industry should face the new reality and utilize the open source community for cost minimization and securing customer base. Furthermore, Lego-style software development should be adopted for maintaining cost-competitiveness in customized software development.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.6 no.1
• /
• pp.33-54
• /
• 2010

Providing a secure 3-tier Web application has become a high priority for companies as e-businesses have increased the amount and the sensitivity of corporate information that can be accessed through the web. Web applications become more difficult to secure with this very increase in online traffic and transactions. This paper first reviews the 3-tier of web application, types of attacks that can threaten web application services and security principles. We then are designing and implementing a secure web application with open source software that able to mitigate the web application vulnerable to attack.