• Journal of KIISE:Computer Systems and Theory
• /
• v.37 no.3
• /
• pp.172-183
• /
• 2010

Virtual memory systems (VM) reduce disk I/Os caused by page faults using page prefetching, which reads pages together with a desired page at a page fault in a single disk I/O. Operating systems including 4.4BSD attempt to prefetch as many pages as possible at a page fault regardless of page access patterns of applications. However, such an approach increases a disk access time taken to service a page fault when a high portion of the prefetched pages is not referenced. More seriously, the approach can cause the memory pollution, a problem that prefetched pages not to be accessed evict another pages that will be referenced soon. To solve these problems, we propose an adaptive page prefetching control scheme (APC), which periodically monitors access patterns of prefetched pages in a process unit. Such a pattern is represented as the ratio of referenced pages among prefetched ones before they are evicted from memory. Then APC uses the ratio to adjust the number of pages that 4.4BSD VM intends to prefetch at a page fault. Thus APC allows 4.4BSD VM to prefetch a proper number of pages to have a better effect on reducing disk I/Os, though page access patterns of an application vary in runtime. The experiment of our technique implemented in FreeBSD 6.2 shows that APC improves the execution times of SOR, SMM, and FFT benchmarks over 4.4BSD VM by up to 57%.

• The KIPS Transactions:PartD
• /
• v.10D no.5
• /
• pp.773-780
• /
• 2003

SecuROS(Secure & Reliable Operating System) prevents and blocks possible system cracking by implementing additional security functions in FreeBSD 4.3 operating system (OS) kernel, including access control, user authentication, audit trail, encryption file system and trusted channel. This paper describes access control technique, which is one of core technologies of SecuROS, introduces the implementations of DAC, MAC and RBAC, all of which are corresponding access control policies, and show security and results of performance measurement on the basis of application of access control policies. Finally, security and performance between conventional OS environment and environment adopting access control policy is described.

• Proceedings of the Korean Information Science Society Conference
• /
• 2003.04a
• /
• pp.145-147
• /
• 2003

Qlpus 실시간 운영체제는 네트워크 지원을 위해 범용 목적으로 사용되는 4.4 BSD 기반의 통신 프로토콜을 가지고 있으므로 메모리 요구량이나 동작 면에서 자원이 제약된 소형 임베디드 시스템에는 적합하지 않다. 본 연구에서는 인터넷 접속을 위한 필수 기능만을 포함하여 정보가전기기와 같은 소형 시스템에 적합한 마이크로 TCP/IP를 Qplus의 네트워크 모듈로 이식하고, 이를 기반으로 사용자가 웹 브라우저를 통해 실험보드를 제어할 수 있도록 임베디드 웹 서버와 CGI를 구현하였다.

• Journal of KIISE:Computer Systems and Theory
• /
• v.36 no.6
• /
• pp.476-487
• /
• 2009

The virtual memory system in 4.4 BSD operating systems exploits a clustering scheme to reduce disk I/Os in paging out (or flushing) modified pages that are intended to be replaced in order to make free rooms in memory. Upon the page out of a victim page, the scheme stores a cluster (or group) of modified pages contiguous with the victim in the virtual address space to swap disk at a single disk write. However, it fails to find large clusters of contiguous pages if applications change pages not adjacent with each other in the virtual address space. To address the problem, we propose a new clustering scheme called Multiple-Object Clustering (MOC), which together stores multiple clusters in the virtual address space at a single disk write instead of paging out the clusters to swap space at separate disk I/Os. This multiple-cluster transfer allows the virtual memory system to significantly decrease disk writes, thus improving the page-out performance. Our experiments in the FreeBSD 6.2 show that MOC improves the execution times of realistic benchmarks such as NS2, Scimark2 SOR, and nbench LU over the traditional clustering scheme ranging from 9 to 45%.

• Proceedings of the Korean Information Science Society Conference
• /
• 2002.04a
• /
• pp.205-207
• /
• 2002

컴퓨터의 이동성을 지원하기 위해 1996년 IETF (Internet Engineering Task Force)에서 mobile IPv4 를 제정하였고 이에 따른 구현 사례가 등장하였다. 그러나 현재까지 국내외 대학에서 발표된 구현 사례는 주로 유닉스 기반의 플랫폼(리눅스, BSD)에서 개발되었으며 가장 보편적으로 사용되고 있는 운영체제인 윈도우에서, 라우팅 정보가 변경되면 재부팅을 해야 하는 결함때문에 개발에 어려움이 있었다. NT 기반의 윈도우즈가 출시됨에따라 윈도우 플랫폼에서 Mobile IP의 구현이 가능하게 되었으며 본 연구실에서는 윈도우즈 2000 플랫폼에서 Mobile IPv4를 위한 mobile node를 설계하여 POSTECH MIP mobile node를 개발하였다. FOSTECH MIP mobile node는 확장성과 효율성을 목표로 설계되어 커널 스페이스(kernel space)와 유저 스페이스 (user space)에서 동작하도록 구현되었다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2003.11c
• /
• pp.1747-1750
• /
• 2003

IT 제품 및 시스템의 보안성 평가를 위한 국제표준(ISO/IEC15408)인 공통평가기준(CC)은 해당 평가 보증등급(EAL, Evaluation Assurance Level)의 요구사항에 따라 평가대상 제품(TOE, Target of Evaluation), 제품의 개발 및 운영 문서를 포함하는 평가제출물을 요구하고 있다. 개발자가 공통평가기준을 적용하여 제품의 보안성을 개선하고 성공적으로 평가인증서를 받기 위해서는 상당한 노력이 요구된다. 대부분의 개발자는 제품 개발 완료 후 제품의 보안성을 검토하고 평가를 준비하므로 리엔지니어링 등 추가적인 비용과 시간을 투입해야 하는 문제가 있다. 본 논문에서는 BSD(Berkeley Software Distributions) 4.4 기반의 운영체제인 MTOS(Mitretek)를 개발한 사례를 통하여 개발과정과 요구사항 및 평가준비를 위한 평가제출물 작성과의 연계성을 제시하였다. 개발자는 본 논문에서 제시한 연계성을 활용하여 소프트웨어 제품의 개발과정에 공통평가기준을 적용하여 제품의 보안성을 제고하고 보안성 평가를 준비하는데 시간과 노력을 절감할 수 있다.

• The KIPS Transactions:PartA
• /
• v.15A no.5
• /
• pp.275-286
• /
• 2008

Fast File System(FFS) utilizes large disk bandwidth to improve the write performance of large files. One way to improve the performance is to write multiple blocks of a large file at a single disk I/O through the disk bandwidth. However, rather than disk bandwidth, the performance of small file writes is limited by disk access times significantly impacted by disk movements such as disk seek and rotation because FFS writes each of small files at a single disk write. We propose CW-FFS (Co-Writing Fast File System) to improve the write performance of small files by minimizing the disk movements that are needed to write small files to disks. Its key technique called co-writing scheme is to dynamically collect multiple small files named by a given directory and then write them at a single disk I/O to contiguous disk locations. Co-writing several small files at a single disk I/O reduces multiple disk movements that are needed for small file writes to one single disk movement, thus increasing the overall write performance of write-intensive applications. Furthermore, a file allocation scheme is introduced to prevent co-writing scheme from having a negative impact on disk spatial locality of small files named by a given directory. The measurement of our technique implemented in the OpenBSD 4.0 shows that CW-FFS increases the performance of small file writes over FFS in the range from 5 to 35% in the Postmark benchmark.