• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.37B no.10
• /
• pp.877-888
• /
• 2012

Network virtualization technology is a crucial research issue of Future Internet which pursues a service-oriented architecture so-called NaaS (Network as a Service) or SDN (Software Defined Network). Network virtualization is expected to play an important role in Future Internet researches as a network testbed technology which enables innovative protocols to be experimented independently on a common testbed environment. We propose a control framework in order to provide user defined topology and bandwidth services with network virtualization and to separate and manage multiple-user traffics in a small and medium scale - single domain research network. The proposed framework (VIMS; Virtual network Integrated control and Management System) supports testbed expansions without any changes of heterogeneous virtual network support equipments through accommodation of each equipment's control plane. The framework shows a feasibility through applied to KOREN and we describe the differences and further study directions for improvement the framework comparing with GENI control framework.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.30 no.4B
• /
• pp.235-245
• /
• 2005

In this paper, a simplified QoS model of MPLS-based backbone network. Conventional scheme proposed by IETF(IETF schem) is to embed a DiffServ model in MPLS network. However, this approach results in overall upgrade of MPLS system and so it is difficult to deploy this approach. Our proposed model, however, uses a Vidual Link which is a set of Label Switched Path(LSP) connected from an Ingress Label Edge Router(LER) to an Egress LER. In this model, Per-Hop-Behavior(PHB) is implemented only at each LSP in ingress LER and Core Label Switch Routers(LSRs) just guarantee each LSP's bandwidth, not service. This bandwidth guarantee service is fully provided by legacy MPLS model. Also we propose flow allocation mechanism and the flow distribution among LSPs of the virtual link by the flow according to the network status. To evaluate the simplified approach, the characteristics of the approach are compared logically with these of IETF's one through simulations.

• Proceedings of the Korean Information Science Society Conference
• /
• 2011.06a
• /
• pp.313-315
• /
• 2011

인터넷의 급속한 발달로 빈번히 발생하고 있는 해킹 및 악성프로그램과 같은 사이버 공격으로부터 중요 정보를 보호하기 위한 망분리 기술이 요구되고 있다. 망분리에는 외부와 내부망을 물리적으로 분리하는 물리적 망분리와 가상화 기술을 이용하여 분리하는 논리적 망분리가 있다. 물리적 망분리는 망구축 및 유지비용이 높으며, 논리적 망분리는 보안 신뢰성이 낮다. 제안하는 LNP는 사이버 공격을 대응할 수 있는 논리적 망분리 방안으로 트래픽 유형을 탐지하여 망을 분리하고, 위협 요소 제거 시 망분리를 해제한다. 논리적으로 망을 분리하는 LNP는 트래픽 경로를 차단하여 중요 정보를 안전하게 보호할 수 있다.

• Journal of the Institute of Electronics and Information Engineers
• /
• v.49 no.12
• /
• pp.164-170
• /
• 2012

A Virtual Reality Modeling Language (VRML) database access in remote virtual reality control platform for dyeing enterprise $MiWi^{TM}$ thermal sensor network is presented in this paper. The VRML-ASP framework is introduced for 3D real-time data plotting in this application. The activities of thermal sensor nodes and sensor area are analyzed. The database access framework is optimized for $MiWi^{TM}$ wireless sensor networks. The experimental results show that VRML-ASP database access framework could be a reliable and competitive data-manage candidate for targeted virtual reality remote industrial visualization application.

• Journal of the Korea Computer Industry Society
• /
• v.4 no.4
• /
• pp.625-632
• /
• 2003

We are view of the information on VPN(Virtual private Network) into each difference layer protocol. network on mutuality exchanged of information is importance of the confidentiality and Integrity. But it is presented problems about compatability and availability between variable equipment as several protocol. hence, it was achieved of the transmission through encryption and authentication of information, although there is secured an intended attack from the third intruder. so tunneling VPN system on achieving, each layer position transmit of mutuality exchanged. This study will investigate the codification and certified security status when layer2 and layer 3 informations are each transmitted using protocol with integrity Public Key. In addition, we will using protocol and the performance analysis difference between layers and layers.

• Journal of KIISE:Information Networking
• /
• v.37 no.2
• /
• pp.85-93
• /
• 2010

WLAN virtualization can make multiple simultaneous experiments, each of which is conducted by a separate researcher, share scarce wireless resources in an IEEE 802.11 WLAN. The experiment performed in a virtualized WLAN should be consistent with that in a non-virtualized WLAN. The more similar these two experimental results, the better the consistency. To this end, we propose a novel virtualization scheme that has good consistency by preventing multiple simultaneous experiments from interacting with one another, without any modifications to the IEEE 802.11 standard. Through an intensive simulation study, we confirm that the consistency depends not only on the number of simultaneous experiments but also on wireless channel characteristics such as Doppler frequency and Ricean factor. According to such dependencies, the proposed scheme is optimized, so that it supports good consistency.

• Proceedings of the Korean Information Science Society Conference
• /
• 2003.10c
• /
• pp.4-6
• /
• 2003

IP망을 활용한 VPN(Virtual Private Network)에서의 QoS 보장 메커니즘과 광대역폭 제공에 대한 해결책으로 차세대 광 인터넷을 통한 OVPN(Optical VPN) 기술이 제시되고 있다. 차세대 광 인터넷의 구현이 IP/GMPLS(Generalized Multi­Protocol Label Switching) over DWDM(Dense Wavelength Division Multiplexing) 프로토콜 프레임워크로 표준화되고 있는 현실에 비추어, IP/GMPLS over DWDM 백본망을 통한 OVPN은 차세대 가상사설망으로써 멀티미디어 서비스 제공을 위한 최적의 방안이다. 이러한 차세대 멀티미디어 서비스 제공을 위한 OVPN에서는 서비스 클래스별로 차등화된 광 QoS 제공 및 보장 기술이 절실히 요구되고 있으므로, 본 논문에서는 차등화된 광 QoS 서비스(DOQS:Differetiated Optical QoS Service)를 제공하는 OVPN모델을 제시하고 제안된 DOQS­OVPN 모델의 QoS 지원 광경로상에서의 QoS Failure에 대한 서비스별 차등화된 Recovery 능력을 갖는 QoS 보장 프로토콜 프레임워크를 제안한다.

• Proceedings of the Korean Information Science Society Conference
• /
• 2003.10c
• /
• pp.358-360
• /
• 2003

최근 인터넷 서비스는 최선형 서비스 제공 위주에서 인터넷 폰. 비디오 컨퍼런스, 가상현실. 인터넷 게임과 같은 실시간 멀티미디어 서비스들의 QoS 보장을 함께 지원하는 형태로 발전하고 있다. 차세대 인터넷 백본망에서 인터넷 서비스의 차별화된 요구사항을 만족시켜 주기 위해서는 각 응용 서비스들에 대한 QoS 프레임워크의 정립이 필수 불가결하다. 본 논문에서는 다양한 실시간 멀티미디어 서비스들에 대한 QoS 보장을 위해 차세대 인터넷 백본망의 QoS 프레임워크와 관계된 성능 요구사항을 분석하고. QoS 제공 기능과 트래픽 분산 기능을 용이하게 수행할 수 있는 MPLS 제어 기술과 차등화 서비스 기술을 같이 접목하여 새로운 형태의 차등화된 QoS 서비스 제공 방안을 제시한다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2011.11a
• /
• pp.890-893
• /
• 2011

기업 내 주요 정보를 보호하기 위한 방안으로 다양한 솔루션이 제시되었으나 내부 자료의 유출을 막는데 한계가 존재하였다. 기업들은 이런 문제점을 해결하기 위한 대안으로 업무망과 인터넷망을 분리하여 사용하는 망 분리 솔루션을 도입하고 있다. 망 분리 솔루션은 PC 기반의 방식과 전환 장치기반, SBC 기반, PC 가상화 기반 방식으로 구분할 수 있다. 이러한 망 분리 솔루션은 망을 분리하는 방식에 따라 취약성이 존재할 수 있다. 따라서 본 논문에서는 망 분리 솔루션의 각 방식에 대하여 분석하고 망 분리 솔루션에 존재할 수 있는 취약성을 도출하고자 한다.

• Journal of Convergence for Information Technology
• /
• v.8 no.5
• /
• pp.69-75
• /
• 2018

The purpose of access control is to prevent computing resources from illegal behavior such as leakage, modification, and destruction by unauthorized users. As the cloud computing environment is expanded to resource sharing services using virtualization technology, a new security model and access control technique are required to provide dynamic and secure cloud-based computing services. The virtualization management convergence access control model provides a flexible user authorization function by applying the dynamic privilege assignment function to the role based access control mechanism. In addition, by applying access control mechanism based on security level and rules, we solve the conflict problem in virtual machine system and guarantee the safeness of physical resources. This model will help to build a secure and efficient cloud-based virtualization management system and will be expanded to a mechanism that reflects the multi-level characteristics.