• ETRI Journal
• /
• v.28 no.3
• /
• pp.311-319
• /
• 2006

This paper presents a terminal-assisted frame-based packet reservation multiple access (TAF-PRMA) protocol, which optimizes random access control between heterogeneous traffic aiming at more efficient voice/data integrated services in dynamic reservation TDMA-based broadband access networks. In order to achieve a differentiated quality-of-service (QoS) guarantee for individual service plus maximal system resource utilization, TAF-PRMA independently controls the random access parameters such as the lengths of the access regions dedicated to respective service traffic and the corresponding permission probabilities, on a frame-by-frame basis. In addition, we have adopted a terminal-assisted random access mechanism where the voice terminal readjusts a global permission probability from the central controller in order to handle the 'fair access' issue resulting from distributed queuing problems inherent in the access network. Our extensive simulation results indicate that TAF-PRMA achieves significant improvements in terms of voice capacity, delay, and fairness over most of the existing medium access control (MAC) schemes for integrated services.

• Journal of Communications and Networks
• /
• v.17 no.6
• /
• pp.592-601
• /
• 2015

Multitenancy has gained growing importance with the development and evolution of cloud computing technology. In a multitenant environment, multiple tenants with different demands can share a variety of computing resources (e.g., CPU, memory, storage, network, and data) within a single system, while each tenant remains logically isolated. This useful multitenancy concept offers highly efficient, and cost-effective systems without wasting computing resources to enterprises requiring similar environments for data processing and management. In this paper, we propose a novel approach supporting multitenancy features for Apache Hadoop, a large scale distributed system commonly used for processing big data. We first analyze the Hadoop framework focusing on "yet another resource negotiator (YARN)", which is responsible for managing resources, application runtime, and access control in the latest version of Hadoop. We then define the problems for supporting multitenancy and formally derive the requirements to solve these problems. Based on these requirements, we design the details of multitenant Hadoop. We also present experimental results to validate the data access control and to evaluate the performance enhancement of multitenant Hadoop.

• Journal of the Korea Society of Computer and Information
• /
• v.27 no.11
• /
• pp.1-11
• /
• 2022

In this paper, we propose an NFT(Non-Fungible Token)-based access control method for safely sharing data between users in blockchain environment. Since all data stored in the blockchain can be accessed by anyone due to the nature of the technology, it is necessary to control access except for authorized users when sharing sensitive data. For that, we generate each data as NFT and controls access to the data through the smart contract. In addition, in order to overcome the limitations of single ownership of the existing NFT, we separated the NFT into ownership and use rights, so that data can be safely shared between users. Ownership is represented as an original NFT, use rights is represented as a copied NFT, and all data generated as NFT is encrypted and uploaded, so data can be shared only through the smart contract with access control. To verify this approach, we set up a hypothetical scenario called Building Information Modeling (BIM) data trade, and deployed a smart contract that satisfies 32 function call scenarios that require access control. Also, we evaluated the stability in consideration of the possibility of decryption through brute-force attack. Through our approach, we confirmed that the data can be safely shared between users in blockchain environment.

• IEMEK Journal of Embedded Systems and Applications
• /
• v.14 no.2
• /
• pp.87-96
• /
• 2019

Low power issue is one of the most critical problems in the Internet of Things (IoT), which are powered by battery. To solve this problem, various approaches have been presented so far. In this paper, we propose a method to reduce the power consumption by reducing the numbers of accesses into the flash memory consuming a large amount of power for on-chip software execution. Our approach is based on using cooperative logging structure to distribute the sampling overhead in single sensor node to adjacent nodes in case of rare-event applications. The proposed algorithm to identify event occurrence is newly introduced with negative feedback method by observing difference between past data and recent data coming from the sensor. When an event with need of flash access is determined, the proposed approach only allows access to write the sampled data in flash memory. The proposed event detection algorithm (EDA) result in 30% reduction of power consumption compared to the conventional flash write scheme for all cases of event. The sampled data from the sensor is first traced into the random access memory (RAM), and write access to the flash memory is delayed until the page buffer of the on-chip flash memory controller in the micro controller unit (MCU) is full of the numbers of the traced data, thereby reducing the frequency of accessing flash memory. This technique additionally reduces power consumption by 40% compared to flash-write all data. By sharing the sampling information via LoRa channel, the overhead in sampling data is distributed, to reduce the sampling load on each node, so that the 66% reduction of total power consumption is achieved in several IoT edge nodes by removing the sampling operation of duplicated data.

• Journal of KIISE:Computing Practices and Letters
• /
• v.14 no.2
• /
• pp.171-179
• /
• 2008

RBAC(Role based Access Control) is effective way of managing user's access to information object in enterprise level and e-government system. The concept of RBAC is that the access right to object in a system is not directly assigned o users but assigned by being a member of a role which is defined in a organization. RBAC is utilized for controling access range of privacy but it does not support the personal legal right of control over information and right of limited access to the self. Nor it contains the way of observation of privacy flow that is guided in a legal level. In this paper, extended RBAC model for protecting privacy will be suggested and discussed. Two components of Data Right and Assigning Data Right are added to existed RBAC and the definition of each component is redefined in aspect of privacy preservation. Data Right in extended RBAC represents the access right to privacy data. This component provides the way of control over who can access which privacy and ensures limitation of access quantity of privacy. Based on this extended RBAC, implemented examples are presented and the evaluation is discussed by comparing existed RBAC with extended RBAC.

• Journal of the Korean Data and Information Science Society
• /
• v.16 no.1
• /
• pp.157-163
• /
• 2005

In the Web, the data is generally gathered automatically by Web servers and collected in server or access logs. However, as users access larger and larger amounts of data, query response times to extract information inevitably get slower. A method to resolve this issue is the use of summary tables. In this short note, we design a prototype of summary tables that can efficiently extract information from Web log data. We also present the relative performance of the summary tables against a sampling technique and a method that uses raw data.

• The KIPS Transactions:PartC
• /
• v.10C no.4
• /
• pp.387-396
• /
• 2003

Many studies have been done on secure kernel and encryption filesystem for system security. Secure kernel can protect user or system data from unauthorized and/or illegal accesses by applying various access control policy like ACL, MAC, RBAC and so on, but cannot protect user or system data from stealing backup media or disk itself. In addition to access control policy, there are many studies on encryption filesystem that encrypt file data within system level. However few studies have been done on combining access control policy and encryption filesystem. In this paper we proposed a new encryption filesystem that provides a transparency to the user by integrating encryption service into virtual filesystem layer within secure kernel that has various access control policies. Proposed encryption filesystem can provide a simple encryption key management architecture by using encryption keys based on classes of MAC policy and overcome a limit of physical data security of access control policy for stealing.

• The Journal of Korea Institute of Information, Electronics, and Communication Technology
• /
• v.14 no.1
• /
• pp.14-21
• /
• 2021

Green networking has become a issue to reduce energy wastes and CO2 emission by adding energy managing mechanism to wired data networks. Energy consumption of the overall wired data networks is driven by access networks, expect for end devices. However, on a global scale, it is more difficult to manage centrally energy, measure and model the real energy use and energy savings potential of the access networks. This paper presented the multiple linear regression model to predict energy consumption of wired access networks using supervised learning of machine learning with data collected by existing investigated materials, actual measured values and results of many models. In addition, this work optimized the performance of it by various experiments and predict energy consumption of wired access networks. The performance evaluation of the regression model was achieved by well-knowned evaluation metrics.

• 한국정보통신설비학회:학술대회논문집
• /
• 2007.08a
• /
• pp.121-124
• /
• 2007

This article describes a function and structure of access network equipment under BcN environment. Access network until now have constructed separately to offer voice, data service. However, simplifies network structure, function that can do traffic concentration, subscriber certification, individual charging, QoS according to service and routing is required in BcN. In this paper, compare method offering by separate system with existing access network and method that offer integrating function inside system for structure of suitable access network to BcN and search structure of access network equipment for desirable access network of hereafter. Composition of this paper is as following. In Chapter 2, establishment history and structure of access network until present. In Chaprte 3, define suitable requirement and functions to BcN. And compare structure for access net work that is new with present. Last Chapter 4, suggests direction of structure of BcN access network and concludes conclusion.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.5 no.1
• /
• pp.51-64
• /
• 1995

In distributed environments, the DB secure models have been being studied to include the multi-level mechanism which is effective to control access according to the level of the data value. These mechanisms have the problems. The first, it is impossible to maintain the global data which is protected in the multi-level mechanism. The second, the access and the relation of the data is not clear due to the access revocation between the local data and the global's. In this paper, we proposed the mechanism using shema. The mechanism doesn't have the access revocation, and provides the protection of the data and the control to the global data.