• Proceedings of the Korean Information Science Society Conference
• /
• 2001.10c
• /
• pp.175-177
• /
• 2001

전화 서비스를 교환 기능에서 분리하여 생성, 수행, 관리하는 개념으로 서비스를 전달계층으로부터 분리하여 제어계층에 두어 다양하고 유연한 서비스를 제공 가능하게 함으로써 망의 지능을 실현하게 하는 것을 지능망과 급속도로 팽창하고 있는 인터넷 망과의 연동은 차세대 ALL-IP망으로 가기 위해 과도기적으로 필요한 과정이다. 이 논문에선 SIP 기반으로 NGN에서의 지능망 서 비스 구조를 제안한다.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.10 no.10
• /
• pp.1101-1108
• /
• 2015

In this paper, to provide a method and system for providing a network separation virtual machine environment. How to provide this virtual machine environment include phase generating necessary virtual resource requirement for the perform of virtual function and transfer to network changing protocol about request of registration virtual resource. For this reason, Registration procedure is to use a virtual machine for a virtual computing resource allocation and separation combined network any time, it became possible between servers and clients, or mobile phone. At any time, it is possible to process the work in the same environment as in a computer to access the Internet.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.37 no.6
• /
• pp.1-11
• /
• 2000

In this paper, we propose a novel control signaling protocol that efficiently controls connection setup and increases the utilization of network resources. The proposed protocol, Separated Control Signaling Protocol(SCSP), separates bearer control from call control lot WDM optical networks. The main function of call control is to check the availability of network resources such as wavelengths and receivers at destination node. Bearer control is to reserve and assign wavelengths. The signaling architecture of this protocol consists of call controller and hearer controller The call controller handles call setup and release, activates the beater controller, and manages the status of call and bearer. The bearer controller reserves wavelengths, sets up bearer, tears down bearer. and notifies the status of beater to call controller. The state transition diagrams of each controller are designed. Using control messages and related primitives, the information flows for call setup and bearer setup, hearer teardown and call release, and reaction for setup failures are described to evaluate the performance. The simulation results show that the separated control signaling protocol is superior to conventional one in terms of call blocking probability and resource utilization.

• Journal of Convergence for Information Technology
• /
• v.9 no.9
• /
• pp.27-32
• /
• 2019

Along with the growth of u-Healthcare, we propose a security enhancement based on network separation for CloudHIS with for handling healthcare information to cope with cyber attack. To protect against all security threats and to establish clear data security policies, we apply desktop computing servers to cloud computing services for CloudHIS. Use two PCs with a hypervisor architecture to apply physical network isolation and select the network using KVM switched controller. The other is a logical network separation using one PC with two OSs, but the network is divided through virtualization. Physical network separation is the physical connection of a PC to each network to block the access path from both the Internet and the business network. The proposed system is an independent desktop used to access an intranet or the Internet through server virtualization technology on a user's physical desktop computer. We can implement an adaptive solution to prevent hacking by configuring the CloudHIS, a cloud system that handles medical hospital information, through network separation for handling security enhancement.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.3
• /
• pp.525-536
• /
• 2012

This paper proposes methods of securing Smart Grid system against various types of cyber threats by separating AMI networks from the public network, the Internet, and providing an AMI specific authentication framework. Due to the fact that thousands and millions of AMI devices to be deployed would be directly or indirectly connected to the public network without any authentication procedures for access control, currently being developed AMI architectures could be widely exposed to considerable number of penetrating attacks. Furthermore, there have not been a sufficient number of researches on authentication frameworks with basis on the specific circumstances of AMI networking that should support varied authentication protocols among security associations and AMI linking devices. This work makes a proposal of isolating smart meters from HAN devices and the Internet and integrating network/application level authentication frameworks with an EAP-based authentication architecture. These approaches are beneficial to deploy AMI with security and efficiency.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.4
• /
• pp.859-866
• /
• 2019

Cybersecurity attack targeting a specific user is rising in number, even enterprises are trying to strengthen their cybersecurity. Network segmentation environment where public network and private network are separated could block information coming from the outside, however, it is unable to control outside information for business efficiency and productivity. Even if enterprises try to enhance security policies and introduce the network segmentation system and a solution incorporating CDR technology to remove unnecessary data contained in files, it is still exposed to security threats. Therefore, we suggest a system that uses file format conversion to transmit a secure file in the network separation environment. The secure file is converted into an image file from a document, as it reflects attack patterns of inserting malicious code into the document file. Additionally, this paper proposes a system in the environment which functions that a document file can keep information for incident response, considering forensic readiness.

• Journal of Digital Convergence
• /
• v.11 no.2
• /
• pp.43-50
• /
• 2013

Recently, Cyber threats that is doing intelligence and sophistication from the organization's information assets to secure order technical disciplines, as well as managerial and environmental sectors, such as mind-response system is must established. In this paper, possible to analyze the case for the theory in network security, such as the logical network and physical network separation suitable for the corporate environment and constantly respond and manage the Information Security Management Model A secure network design is proposed. In particular, the proposed model improvements derived from the existing network, network improvements have been made in order to design improved ability to respond to real-time security and central manageability, security threats, pre-emptive detection and proactive coping, critical equipment in the event of a dual hwalreu through applied features such as high-availability, high-performance, high-reliability, ensuring separation of individual network security policy integrated management of individual network, network security directional.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.48 no.12
• /
• pp.42-53
• /
• 2011

As IT industry using networks have been developed explosively, online operations that were conducted in offline are increasing rapidly, and even relationship with other people made online. As online crimes are increasing accordingly, building security networks is getting very important. As a result, network separation between business and organization network has been performed recently, but this causes network user inconvenience and efficiency reduction. In this paper, we propose reassociation methods for already separated networks for many public organizations. We implement two reassociation methods using NAT device and shared storage and show their experimental results.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.11 no.1
• /
• pp.37-44
• /
• 2016

In this paper, to provide a method for providing a network separation subscriber's facilities. How to provide this subscriber's facilities include phase generating authorization key in server, saving activation file in portable data medium included server's authorization key, executing saved activation file in client's portable storage and providing virtual machine by result client's execute file. In case of moving work, the virtual subscriver's facility can provide for a business traveler.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2006.05a
• /
• pp.784-787
• /
• 2006

In this paper, we propose a method for nonlinear grapheme segmentation in Korean printed character type classification. The characters are subdivided into six types based on character type information. The feature vector is consist of mesh features, vertical projection features and horizontal projection features which are extracted from gray-level images. We classify characters into 6 types using Back propagation. Character segmentation regions are determined based on character type information. Then, an optimal nonlinear grapheme segmentation path is found using multi-stage graph search algorithm. As the result, a proposed methodology is proper to classify character type and to find nonlinear char segmentation paths.