• Journal of Digital Convergence
• /
• 제12권3호
• /
• pp.227-235
• /
• 2014

Mobile virtualization is an approach to mobile device management in which two virtual platforms are installed on a single wireless device. A smartphone, a single wireless device, might have one virtual environment for business use and one for personal use. Mobile virtualization might also allow one device to run two different operating systems, allowing the same phone to run both RTOS and Android apps. In this paper, we propose the techniques to virtualize the cores of a multicore, allowing the reassign any number of vCPUs that are exposed to a OS to any subset of the pCPUs. And then we also propose the real-time scheduling method to assigning the vCPUs to the pCPU. Suggested technology in this paper solves problem that increases time of real-time process when interrupt are handled, and is able more to fast processing than previous algorithm.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• 제18권11호
• /
• pp.2670-2677
• /
• 2014

The technique of virtual machine construction using hypervisor such as Xen and KVM is mainly used for implementation of cloud computing infrastructure. This technique is efficient in allocating and managing resources compared to the existing operation methods. However it requires high resource usage when constructing virtual machines and results in wasting of resources when not using the allocated resources. Docker is a technique based on the container method to resolve such a problem. This paper shows the container method such as Docker is efficient as a web construction technique by comparing virtual machine method to container method. It is shown to be especially useful when storing data into DB or storage devices in such environments of web server or program development. In the upcoming cloud computing environment the container method such as Docker is expected to improve the resource efficiency and the convenience of management.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 한국정보통신학회 2014년도 춘계학술대회
• /
• pp.291-294
• /
• 2014

By building an environment that can utilize big data, many companies are interested in the cloud computing technology that has increased its popularity recently. By developing cloud environments from existing virtual environments, in the process, we discovered a variety of security vulnerabilities such as management, virtual machines, hypervisors, hardware etc. The security techniques from administrative aspects in the cloud environment provide the environment which can securely store data by the identification and control of security threats. In this paper, we investigate a list of companies which supports the cloud services and the types of services, and analyze the security threats according to the administrative aspects in the cloud environment. In addition, we suggest the direction for future improvements by investigating accidents or incidents which occurred recently.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• 제22권6호
• /
• pp.1355-1362
• /
• 2012

As the utilization of cloud computing service rapidly increases to meet demands for various forms of service recently, the virtualization technology has made a rapid rise, further leading to some issues related to security, such as safety and reliability. As a system to provide environments what multiple virtual operating systems can be loaded, hypervisors may be a target of various attacks, such as control loss and authority seizure, since all the agents fcan be damaged by a malicious access to the virtualization layer. Therefore, this paper was conducted to investigate the access control for agents and suggest a plan to control malicious accesses to the cloud virtualization internal environment. The suggested technique was verified not to have effect on the performance of the system and environment through an analysis of its performance.

• The Journal of Korean Institute of Next Generation Computing
• /
• 제13권3호
• /
• pp.26-33
• /
• 2017

Recently container technologies have been receiving attention for efficient use of the cloud platform. Container virtualization technology has the advantage of a highly portable, high density when compared with the existing hypervisor. Container virtualization technology, however, uses a virtualization technology at the operating system level, which is shared by a single kernel to run multiple instances. For this reason, the feature of container is that the attacker can obtain the root privilege of the host operating system internal the container. Due to the characteristics of the container, the attacker can attack the root privilege of the host operating system in the container utilizing the vulnerability of the kernel. In this paper, we propose a framework for efficiently detecting and responding to root privilege attacks of a host operating system in a container. This framework uses a memory trap technique to detect changes in a specific memory area of a container and to suspend the operation of the container when it is detected.

• Journal of Convergence for Information Technology
• /
• 제9권9호
• /
• pp.27-32
• /
• 2019

Along with the growth of u-Healthcare, we propose a security enhancement based on network separation for CloudHIS with for handling healthcare information to cope with cyber attack. To protect against all security threats and to establish clear data security policies, we apply desktop computing servers to cloud computing services for CloudHIS. Use two PCs with a hypervisor architecture to apply physical network isolation and select the network using KVM switched controller. The other is a logical network separation using one PC with two OSs, but the network is divided through virtualization. Physical network separation is the physical connection of a PC to each network to block the access path from both the Internet and the business network. The proposed system is an independent desktop used to access an intranet or the Internet through server virtualization technology on a user's physical desktop computer. We can implement an adaptive solution to prevent hacking by configuring the CloudHIS, a cloud system that handles medical hospital information, through network separation for handling security enhancement.