• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.28 no.5B
• /
• pp.414-426
• /
• 2003

XML is being used to describe components and applications in a vendor and language neutral. Therefore it already has a role in distributed system. XML is also being used as a data interchange format between components and applications in loosely coupled large-scale application. Until now, policy is described for specific applications and devices. Its use has been very limited. In current network management system, we can only invoke predefined operations and actions using policy-based network management. The main motivation for the recent interests in policy-based networks is to support dynamic adaptability of behavior by changing policy without recoding or stopping system. For these reasons we present the use of the XML for describing the policy and PIB(Policy Information Base) in COPS-PR. It improves flexibility and interoperability among heterogeneous network systems. It also can add new functionality into network components. In this paper, we propose a dynamically extensible network management architecture using XML-based PIB.

• Convergence Security Journal
• /
• v.10 no.3
• /
• pp.69-75
• /
• 2010

At present, deterioration in service quality, which caused by increased network traffic from a lot of users in the same network, makes smooth communication service difficult. In this paper, we present policy-based QoS management system for VoIP service in order to supply smooth VoIP service to users. The presented system can guarantee quality of VoIP service even in huge traffic situation, and makes it possible to operate whole network in an efficient manner.

• Proceedings of the Korean Information Science Society Conference
• /
• 2002.10c
• /
• pp.574-576
• /
• 2002

VPN, 전자상거래 등의 인터넷 서비스들이 인터넷을 통해 빠르게 퍼져가고 있지만, 인터넷이 가지고 있는 보안 취약성 때문에 항상 해킹의 위험에 노출되어 있다. 이러한 해킹의 피해를 최소화하고 동적으로 침입을 감지할 수 있는 침입 탐지 시스템과 같은 보안 솔루션이 필요하다. 그리고, 보안 정책이 없는 관리 시스템은 보안 환경의 변화에 민첩하게 대처하지 못하고 통합된 관리 방법을 제시하지 못한다 이 논문에서는 표준화된 보안 정책과 분석, 유지, 복구 기능을 가지고 정책을 기반으로 동작하는 보안 관리 시스템을 설계하였다. 보안 관리 시스템은 정책에 따라 관리 상태를 설정하고, 정책의 통신을 위해 COPS를 이용한다. 그리고, 네트워크상의 패킷을 필터링하고 침입을 탐지하며 불법 침입을 통보한다.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.33 no.4B
• /
• pp.174-183
• /
• 2008

In this paper we design and implement a sensor network management framework(SNMF) for ubiquitous sensor networks(USNs). The SNMF employs the policy-based management approach for the autonomous and energy-efficient management of USNs. Moreover, a new light-weight policy distribution protocol called TinyCOPS-PR is designed and USN PIB for low-level policy is also defined. This allows the high-level policies defined by an administrator to translate into the specific low-level policies. The low-level policies are executed on sensor nodes so it can fulfill the proper management actions. The sensor nodes that receive some policies from an administrator perform local management actions according to those policies. SNMF can therefore realize small energy consumption and bring long network lifetime. It can also manage USNs automatically with a minimum of human interference.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2007.05a
• /
• pp.1072-1075
• /
• 2007

유비쿼터스 컴퓨팅은 사용자에게 장소와 시간에 제약이 없이 자유롭게 네트워크에 접속 할 수 있는 환경을 제공하고 있다. 이러한 환경은 모든 정보의 공유 및 접근이 쉽게 이루어지는 반면, 인가되지 않은 사용자의 불법적인 접근도 쉽게 이루어질 수 있기 때문에 적합한 보안 정책이 필요하다. 특히 유비쿼터스 센서 네트워크의 센서 디바이스들은 제한된 전력을 이용하고 하드웨어적으로 작은 크기를 유지해야 하기 때문에 보안 정책 수립에 많은 제한이 발생하게 된다. 본 논문에서는 유비쿼터스 센서 네트워크에서 센서 노드의 제한적인 환경에서도 사용 가능한 공개키 기반의 보안 정책을 제안한다. 제안한 보안 프로토콜은 센서 노드에서 키 관리 및 보안 정책 적용을 최소한으로 포함시켜 저전력으로 사용 할 수 있는 공개키 기반의 보안 정책을 구현하였다. 성능 평가 결과 제안한 유비쿼터스 센서 네트워크에서 공개키를 사용한 저전력 보안 프로토콜은 센서 노드의 하드웨어 성능이 낮은 환경에서도 상대적으로 저전력으로 보안 정책의 활용이 가능 하였다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.1
• /
• pp.131-138
• /
• 2003

With the Internet winning a huge popularity, there rise urgent problems which are related to Network Security Managements such as Protecting Network and Communication from un-authorized user. Accordingly, Using Security equipments have been common lately such as Intrusion Detection Systems, Firewalls and VPNs. Those systems. however, operate in individual system which are independent to me another. Their usage are so limited according to their vendors that they can not provide a corporate Security Solution. In this paper, we present a Hierarchical Security Management Model which can be applicable to a Network Security Policies consistently. We also propose a Policy Negotiation Mechanism and a Prototype which help us to manage Security Policies and Negotiations easier. The results of this research also can be one of the useful guides to developing a Security Policy Server or Security Techniques which can be useful in different environments. This study also shows that it is also possible to improve a Security Characteristics as a whole network and also to support Policy Associations among hosts using our mechanisms.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.9 no.5
• /
• pp.1-6
• /
• 2009

MANET(Mobile Ad-hoc NETwork), a network characterized that its moving nodes freely constructs Network topology, has other different characteristics. Because Policy based Network Management in MANET guarantees QoS between nodes, it is essential in applied areas like VANET which targets safety and convenience. In this paper, we use COPS-PR which is appropriate Policy Exchange Protocol for MANET, and implement DiffServ-based QoS in the real networks and experiment its capability.

• Journal of the Korea Computer Industry Society
• /
• v.3 no.9
• /
• pp.1189-1198
• /
• 2002

Policy base management system that can satisfy various user's request in distributed system environment recently and manage network resources efficiently is required. Described policy base management information consisted of ECA(Event-Condition-Action) rules so that efficient management of various communication network and consistent management policy may be available in this paper. Policy is consisted of Event, Condition and Actions to achieve when condition is satisfied. And we can present formality of dynamic function of management object as applying policy to ATM congestion control model been applying in real environment.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2002.04b
• /
• pp.1373-1376
• /
• 2002

인터넷 환경에서 멀티캐스팅 서비스를 제공하기 위한 응용프로그램과 양질의 서비스를 받고자 하는 사용자들의 요구를 만족시키기 위해 네트워크 관리에 관한 정책이 필요하며, 정책시스템은 네트워크에서 QoS를 가능하게 하는 요소이다. 본 논문에서는 리눅스 기반 환경에서 정책을 적용할 수 있는 정책서버에 해당하는 PDP와 클라이언트인 PEP구현, 디렉토리 서비스 프로토콜인 LDAP 사용 환경 구축에 초점을 두어 설계 및 구현하였다.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.28 no.10C
• /
• pp.1033-1044
• /
• 2003

In this paper, we propose security management architecture that manages efficiently security systems that are produced by different companies and programmable middleware that can reduce the load of management traffic. The proposed architecture applies programmable networks technology to policy based network management (PBNM). The proposed architecture manages and cooperates various security systems using security policy. Also, the programmable middleware provides convenience of management and reduces the overhead of a policy server by translating security policy into execution command. In addition, using programmable middleware, an administrator can manage various security systems that are produced by different companies. We showed that the programmable middleware could reduce the load of management traffic by comparing processing time for enforcing and transferring of policies/messages between the proposed architecture and PBNM architecture.