• Journal of Internet Computing and Services
• /
• v.13 no.1
• /
• pp.75-81
• /
• 2012

Previous RFID systems exclusively manage the tags and readers for each company in individual manner. Thus, RFID system manager should understand and design specifications such as tag events, data format, and etc, based on individual companies. But it is very difficult to know all statements. To resolve theses problems, there has been conceptual research about policy-based RFID service management model that is not restrained from standards of typical RFID systems, including EPCglobal standard, and ISO/IEC standard. However, previous proposed service management model only aimed event management without including device management. Therefore, in this paper, we propose extended device management policy model for giving shape to the proposed policy-based RFID service management model. If the proposing device management policy model is used for device management, we can integrate control management for heterogeneous middleware, diverse RFID devices, and applications for each company. Moreover, we show that the RFID device management policy is translated and processed as an example using the proposing policy model in real-time RFID system.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.9 no.6
• /
• pp.1364-1370
• /
• 2005

There are many security models for database systems using policy-based access control. RBAC (Role-based Access Control) is used for complementing MAC (Mandatory Access Control) and DAC (Discretionary Access Control) and is for performing flexibly security policies meet applied environment. We implemented the database security system that applies DAC, MAC, and RBAC to meet security requirements of users. However, security policies are constructed redundantly whenever security policies are needed to each user in this system. Even though the proposed security system can flexibly control more complicated 'read' access to various data sizes for individual users, it is obvious that there is a possibility that a new policy can be a duplication of existing policies. In this paper, we introduce the problem of policy duplication and propose the policy management module. With this proposed module, constructed policies are checked for duplication and deleted or merged with existing policies.

• Journal of the Korea Society of Computer and Information
• /
• v.12 no.4
• /
• pp.119-125
• /
• 2007

On account of limited resources and diverse topology change. it is difficult to manage MANET and guarantee QoS. In current MANET, QoS grantee is exceedingly significant. However, today's MANET are being concentrately worked on MAC protocols and routing protocols. Thus we proposed a framework for effective management of MANET and supporting QoS using policy based network management paradigm and active network technology. Since this framework employs the policy-based management approach in active network environment, it provides an abstract and autonomous management method to network managers.

• The KIPS Transactions:PartC
• /
• v.12C no.2 s.98
• /
• pp.289-300
• /
• 2005

This paper proposed an analytical framework to compare and model the policy-based network management; centralized and distributed typed model. Policy-based network is introduced in various application fields, and a policy framework can offer different processing performance according to application. Therefore, we evaluated the performance and extensibility of each PBNM model when we apply the policy process to the models. The evaluated measurement metrics are policy provisioning time, traffic occurrence amount, PDP processing rate, and global conflict detection in qualitative simulation. The results show that the suitable structure is required according to the analysis for the careful application characteristics, when PBNM is adopted. The modeling framework presented in this paper is intended to quantify the merits and demerits among the currently suggested PBNM models.

• The KIPS Transactions:PartC
• /
• v.8C no.5
• /
• pp.573-584
• /
• 2001

Policy-Based Network Management (PBNM) architecture is to meet various needs of network users and to provide effective management facilities in distributed and large scale networks to network managers. In PBNM, network managers perform network management operations by stipulating a set of rules rather than control each network component. On the other hand, providing security services such as authentication, privacy of messages as well as a new flexible and extensible administration framework, SNMPv3 enables network managers to monitor and control the operation of network components more secure way than ever before. Despite of its enhanced security services, SNMPv3 has difficulties in managing distributed, large-scaled network because it does not provide centralized security management facilities. In this paper, we propose a new security model called Role-based Security Management model (RSM) with security management policy to support scalable and centralized security management for SNMP-based networks. Also, the structure and the operation of the security system as well as the efficiency analysis of RSM in terms of security management are also described.

• Journal of Korea Multimedia Society
• /
• v.7 no.5
• /
• pp.721-736
• /
• 2004

Because of increasing the notebook computer and PDA, users' requirement with respect to mobility is growing more and more. However, current IP protocol is not changed IP address and can not deliver IP packets on new location of host in case moving another network. To solve this problem, the IETF has proposed mobile IP. Today users want to be provided suitable QoS in the internet since demand of services is variety. The policy-based network management is method which can solve various problems of QoS, security, and complication of management in IP networks. This paper presents the network topology constitution, operation procedure and architecture of policy-based network management for providing internet DiffServ on mobile IP environment. In this paper we propose policy classes of policy-based DiffServ network management on mobile environment and create policy scenarios using the proposed policy description language to represent the policy classes. Finally, we implemented a policy-based DiffServ network management system on mobile IP environment.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.28 no.5B
• /
• pp.414-426
• /
• 2003

XML is being used to describe components and applications in a vendor and language neutral. Therefore it already has a role in distributed system. XML is also being used as a data interchange format between components and applications in loosely coupled large-scale application. Until now, policy is described for specific applications and devices. Its use has been very limited. In current network management system, we can only invoke predefined operations and actions using policy-based network management. The main motivation for the recent interests in policy-based networks is to support dynamic adaptability of behavior by changing policy without recoding or stopping system. For these reasons we present the use of the XML for describing the policy and PIB(Policy Information Base) in COPS-PR. It improves flexibility and interoperability among heterogeneous network systems. It also can add new functionality into network components. In this paper, we propose a dynamically extensible network management architecture using XML-based PIB.

• Review of KIISC
• /
• v.13 no.1
• /
• pp.13-21
• /
• 2003

정보통신 기술의 발전과 인터넷의 사용자 증가로 인해 인터넷은 사회 각 분야에 다양하게 활용되고 있으나, 해킹 및 사이버테러에 대한 역기능이 증가되고 있는 실정이다. 최근 이를 위한 정보보호 시스템과 정보보호 관리기술이 연구 개발되고 있다. 본 고에서는 인터넷에 구축되어 있는 다양한 방화벽, 침입탐지 시스템 등의 정보보호 시스템을 효율적으로 관리하기 위해 인터넷에서 정책 기반의 정보보호 시스템에 대한 관리기술과 이들의 분산 시스템에서 보안정책의 정보공유 기술을 살펴본다.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.10 no.11
• /
• pp.3176-3182
• /
• 2009

The PBNM on MANET is being researched to ensure the reliability and efficiency between mobile nodes. Therefore, it is essential to determine the cluster effectively which will perceive the movements of nodes and distribute the policies. In PBNM mechanism, to determine the node cluster for PDP and manage PEP nodes, Active PDP Discovery Protocol is proposed as a mechanism which is more efficient than preexistent techniques. While k-hop cluster selects the PEP nodes which PDP node manages, Active PDP Discovery actively selects the PDP node among the moving PEP node. This method prevents orphan nodes that are not connected to PDP and reduces continual broadcasting messages. This paper implements Active PDP Discovery which determines cluster in the real networks and analyzes its capability, expanding COPS-PR to detect the movement of nodes and adding MNL to PDP node.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2003.11c
• /
• pp.1815-1818
• /
• 2003

인터넷 사용의 급증으로 통신망 관리와 정보보호 시스템에 대한 연구 개발이 급속히 이루어지고 있으며, 정보보호를 위한 시스템이 개별적으로, 구축하고 있다. 구축된 정보보호 시스템은 사설망과 WAN에서 독립적인 시스템으로 운영관리 되고 있는바, 사설망과 공중망 간의 통합적인 정보보호 관련 정보공유의 부재 및 상호 호환성이 없는 실정으로 사이버 테러와 효율적인 정보보호 관리에 능동적인 대처를 하지 못하고 있다. 본 논문에서는 정책 기반의 방화벽, IDS, 라우터 등의 정보보호 시스템에서 보안정책 정보를 공유하여, 보안 시스템을 손쉽게 제어관리 가능한 보안정책 정보모델을 제시하였으며, UML를 사용하여 보안정책 객체들 간의 접속과 정보공유 모델을 확인하였다.