• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2016.10a
• /
• pp.576-578
• /
• 2016

Various smart home IoT devices and services while the Internet of things is the development has been provided. The core of the smart home IoT service is that user control the device via the Internet communication. Communication of IoT devices, because most with an IP address within the private network, there is a difficulty in the remote control to control access from outside the network. Any of the methods for remote control, to determine the IP address of each other, there is a UDP hole punching for communication. To ensure the data communication success rate closed to 100%, the UDP hole punching must undergo a process of three stages in some cases. In this paper, to provide a system for managing the remote control policy based on the CEP in order to omit the unnecessary steps on the remote control of IoT devices using UDP hole punching.

• Journal of the Economic Geographical Society of Korea
• /
• v.25 no.2
• /
• pp.237-253
• /
• 2022

This article offers an account of how regional development policy in Korea has evolved under the influence of actor-networks comprising the cultural circuit of soft capitalism. In so doing, the roles played by transnational actor-networks forged between global consulting firms and national business media are emphasized. For this discussion, the waning of spatial Keynesianism in the country is contextualized in the first place, with particular attention to changing planning goals of key regional development policies including consultancies, influential policy gurus (e.g., Michael Porter and Richard Florida), and local business media outlet Maekyong are found to be key movers and shakers in the transition. These empirical findings call for striking a balance between dominant structuralist accounts and emerging actor-oriented approaches, and also help shed a new light on the dualistic conceptualization of managerialist and entrepreneurial governance in a way that the latter may be a new form of the former.

• Proceedings of the Korea Water Resources Association Conference
• /
• 2022.05a
• /
• pp.510-511
• /
• 2022

물관리기본법의 시행 및 제1차 국가물관리기본계획의 이행에 따라 물관리 자료의 정보화 요구가 증가하고 있다. 과거 농업용수관리는 기초자료의 오류, 계측데이터의 부족 등이 한계점으로 지적되었으며, 과학화·표준화된 농업용수 물수급 분석 체계 구축 및 물정보의 정확성이 요구된다. 최근 통합물관리 국가정책 대응을 위한 물수급 분석 기반 마련을 목적으로 한국농어촌공사에서는 농업용수 용 배수 계통 정밀조사, 공간자료 재구축 등을 통한 농업용수 디지털 정보체계 구축 사업이 진행되고 있다. 연속수치지형도 및 토지피복, 스마트팜맵 등의 디지털 공간자료를 수집하고 현장조사와 영농조사를 바탕으로 최신화된 용배수계통도, 수혜면적 자료를 구축하였다. 본 연구에서는 디지털화한 용배수계통도를 이용하여 수리해석 모델 기초자료를 구축하고, 들녘단위 (주·보조수원, 저수지 및 양수장 등) 용수계통도 구현함으로써 수원공별 용수공급 네트워크를 분석하고자 한다. 농업용수 공급체계 반영이 가능한 EPA-SWMM (United States Environmental Protection Agency Storm Water Management Model)을 활용하여 다양한 물공급 시나리오를 적용하여 최적의 물관리 방안을 제시하고자 한다. 본 연구에서는 경기도 안성시 고삼저수지를 대상으로 연속수치지형도, 농경지전자지도, 고해상도 DEM 등을 활용한 디지털 조사와 수로 표고, 길이 및 너비 등 현장조사를 수행하였으며, 현장 물관리 방안을 적용하여 물분배 모의가 가능한 EPA-SWMM 기반 수원공-용수로-수혜구역을 연결하는 용수공급 네트워크를 구축하였다. 농촌용수종합정보시스템 (Rural Agricultural Water Resource Information System, RAWRIS)에서 제공하는 계측 자료를 활용하여 관개기간의 강수량, 소비수량, 증발산량, 공급량 등을 적용하여 농업용수 공급량, 배분량을 추정하였다. 본 연구의 결과는 물관리 담당자에게 상세한 현행 용수공급량 및 용수공급체계 정보 제공과 향후 국가물관리기본계획, 농어촌용수이용합리화계획의 물수급 분석 기초자료로 활용 가능할 것으로 사료된다.

• Journal of Internet Computing and Services
• /
• v.11 no.1
• /
• pp.35-48
• /
• 2010

For the next generation mobile communication system, diverse wireless network techniques such as beyond 3G LTE, WiMAX/WiBro, and next generation WLAN etc. are proceeding to the form integrated into the All-IP core network. According to this development, Beyond 3G integrated into heterogeneous wireless access technologies must support the vertical handover and network to be used of several radio networks. However, unified management of each network is demanded since it is individually serviced. Therefore, in order to solve this problem this study is introducing the theory of Common Radio Resource Management (CRRM) based on Generic Link Layer (GLL). This study designs the structure and functions to support the vertical handover and propose the vertical handover algorithm of which policy-based and MCDM are composed between LTE and WLAN systems using GLL and CRRM. Finally, simulation results are presented to show the improved performance over the data throughput, handover success rate and the system service cost.

• Journal of Internet Computing and Services
• /
• v.22 no.2
• /
• pp.11-17
• /
• 2021

Software-defined networking provides a programmable and flexible way to manage the network by separating the control plane from data plane. However, the limited switch memory restricts the number of flow entries in the flow table used to forward packets. This leads to flow table overflow and flow entry reinstallation, which severely degrade the network performance. Therefore, this paper proposes a comprehensive policy for timely eviction of inactive flow entries to optimally maintain flow tables usage. In particular, statistics of user datagram protocol flow entries are periodically sampled to enable the inactive entries to be evicted early. Through traffic-based experiments, we found that the proposed system reduces the number of overflow occurrences and flow entries reinstallation compared to the random and FIFO policies.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2004.05a
• /
• pp.1095-1098
• /
• 2004

IP VPN의 사용은 현재 보편화 되었고 네트워크 장비의 통합 추세에 따라 IP VPN과 방화벽 통합제품의 생산이 활발히 이루어지고 있다. 통합 보안 제품은 비용 효율성과 관리의 편리성, 확장성, 유연성과 같은 장점을 제공하지만 높은 성능 지원을 요구한다. 방화벽의 성능 인자의 하나로서 정책의 개수는 그 수에 비례하여 검색 시간이 지연되는 문제를 발생시키고, 이러한 성능 저하 문제는 VPN과 통합 시 더욱 가중된다. 더욱이 차세대 네트워크인 IPv6로 환경에서는 IP의 비트수가 증가하여 검색 성능 문제 해결이 필수적으로 요구된다. 본 논문에서는 이러한 통합 제품의 검색 성능 문제에 관한 해결 방안으로 IPv6 주소의 특성을 사용한 메커니즘을 제안한다. 제시한 메커니즘은 보안 정책 테이블의 주소 필드를 IPv6 주소에 포함된 인터페이스 식별자로 대체하여 보안 정책 테이블의 검색 속도를 향상시키는 방법이다. 이 방법은 차세대 네트워크 환경에서 주목 되고 있는 보안 및 성능 문제에 대해 큰 역할을 할 것으로 기대된다.

• Proceedings of the Korea Multimedia Society Conference
• /
• 2003.11a
• /
• pp.32-35
• /
• 2003

최근 국내외적으로 침해 공격 사고율이 증가에 대한 방안으로 여러 보안 기술이 개발되어 왔다. 그 중 방화벽은 내부의 중요한 자원과 외부 네트워크와의 경계를 생성하고, 정책기반의 접근제어를 효과적으로 제공하고 있지만 DoS공격, 변형 프로토콜을 통한 공격에는 효과적으로 막지 못한다. 또한 침입탐지 시스템은 공격, 침입, 원하지 않는 트래픽을 구별할 수 있다는 점에서 가치가 있지만 정확한 시점에 공격을 차단하지 못하며 침입탐지 이후에 생기는 불법행동에 대한 커다란 위협이 따르며, 실질적인 방어는 관리자의 수동적인 개입을 필요로 하게 된다. 본 논문에서는 이에 대한 해결 방안으로 방화벽의 침입차단 기능과 침입탐지 시스템의 실시간 침입탐지 기능을 갖춘 리눅스 기반의 공개 보안 툴을 결합한 침입방지 시스템을 설계 및 구현한다.

• The KIPS Transactions:PartC
• /
• v.17C no.3
• /
• pp.271-280
• /
• 2010

For the next generation mobile communication system, diverse wireless network techniques such as beyond 3G LTE, WiMAX/WiBro, and next generation WLAN etc. are proceeding to the form integrated into the All-IP core network. According to this development, Beyond 3G integrated into heterogeneous wireless access technologies must support the vertical handover and network to be used of several radio networks. However, unified management of each network is demanded since it is individually serviced. Therefore, in order to solve this problem this study is introducing the theory of Common Radio Resource Management (CRRM) based on Generic Link Layer (GLL). This study designs the structure and functions to support the vertical handover and propose the vertical handover algorithm of which policy-based and MCDM are composed between LTE and WLAN systems using GLL. Finally, simulation results are presented to show the improved performance over the data throughput, handover success rate, the system service cost and handover attempt number.

• The Transactions of the Korea Information Processing Society
• /
• v.7 no.10
• /
• pp.3171-3181
• /
• 2000

With a remarkable growth and expansionof Internet, the security issues emerged from intrusions and attacks such as computer viruses, dental of servives and backings to destroy intormation have been considered as serious threats for Internet and the provate networks. To protect networks from those attacks, many nendors have developed various security systems such as firewalls, intrusion detection systems, and access control systems. However managing those systems individually requres too much work and high cost. Thus, integrated security managemanet and eatabliashment of consistent security policy for various security products has become more important. In this paper, we propose integrated security manabement system called WISMSF(Web based Integrated Security Management System for Fireswalls) to monitor and contro various kinds of firewalls WISMSF consists of three components-clients, integrated engine, and agents. It supports the transparent management functions of security products, easy ways of defining security policies, and simple expansion of managed ranges.

• The Transactions of the Korea Information Processing Society
• /
• v.13 no.2
• /
• pp.48-59
• /
• 2024

As functions that support virtualization on their own in hardware are developed, user applications having various workloads are operating efficiently in the virtualization system. SR-IOV is a virtualization support function that takes direct access to PCI devices, thus giving a high I/O performance by minimizing the need for hypervisor or operating system interventions. With SR-IOV, network I/O acceleration can be realized in virtualization systems that have relatively long I/O paths compared to bare-metal systems and frequent context switches between the user area and kernel area. To take performance advantages of SR-IOV, network resource management policies that can derive optimal network performance when SR-IOV is applied to an instance such as a virtual machine(VM) or container are being actively studied.This paper evaluates and analyzes the network performance of SR-IOV implementing I/O acceleration is compared with Virtio in terms of 1) network delay, 2) network throughput, 3) network fairness, 4) performance interference, and 5) multi-network. The contributions of this paper are as follows. First, the network I/O process of Virtio and SR-IOV was clearly explained in the virtualization system, and second, the evaluation results of the network performance of Virtio and SR-IOV were analyzed based on various performance metrics. Third, the system overhead and the possibility of optimization for the SR-IOV network in a virtualization system with high VM density were experimentally confirmed. The experimental results and analysis of the paper are expected to be referenced in the network resource management policy for virtualization systems that operate network-intensive services such as smart factories, connected cars, deep learning inference models, and crowdsourcing.