• Title/Summary/Keyword: Proxy Server

Search Result 228, Processing Time 0.024 seconds

Interworking of SIP Authentication with DIAMETER and Security Analysis (SIP와 DIAMETER의 인증 연동 및 안전성 분석)

  • 박성준;정수환;이병길;김현곤
    • The Journal of Korean Institute of Communications and Information Sciences
    • /
    • v.29 no.3C
    • /
    • pp.426-435
    • /
    • 2004
  • The DIAMETER protocol provides Authentication, Authorization, and Accounting (AAA) transactions across the Internet. SIP(Session Initiation Protocol) will be used for new types of signaling, such as instant messaging and application level mobility across networks. And SIP will be a major signaling protocol for next generation wireless networks. But the Digest authentication scheme is not using a secure method of user authentication in SIP, and it is vulnerable to man-in-the-middle attacks or dictionary attacks. This study focused on designing a SIP proxy for interworking with AAA server with respect to user authentication and security analysis. We compared and analyzed the security aspects of the scenarios and propose two proposals that a response which include the user address and password-based mutual authentication and key agreement protocol. It is claimed to be more secure against common attacks than current scenarios.

Projection-based Performance Measurement Methodology of Session Initiation Protocol for the Next Generation Convergence Network (차세대 네트워크를 위한 프로젝션 기법 기반 SIP 성능 측정 방법론)

  • Lee, Kyou-Ho;Sung, Kil-Young
    • Journal of the Korea Institute of Information and Communication Engineering
    • /
    • v.13 no.12
    • /
    • pp.2533-2540
    • /
    • 2009
  • Performance of processing protocols is one most important goal in a network or systems constituting the network. Measurement of performance, thus, is an essential element to not only establish the network but also develop systems. A projection in vector mathematics is the transformation of points and lines in one plane onto another plane by connecting corresponding points on the two planes with parallel lines. This is a method, as an application of vector mathematics, which is widely used in engineering as well to consider elements dedicated to the measurement object. This paper proposes a sound methodology for measuring the performance of the SIP protocol, which is based on the projection. The SIP protocol is a typical standard protocol for call-processing in the internet telephony of Next Generation Convergence Network. Owing to use the projected protocol which excludes unnecessary operation paths, the methodology can be effective in implementation and resource utilization. This paper also presents a process based on the proposed methodology to measure the performance of a SIP proxy server.

Real-Time Monitoring System Based on IPv6 over BLE (BLE 상의 IPv6 기반의 실시간 모니터링 시스템)

  • Kim, Seong-Woo
    • Journal of the Korea Institute of Information and Communication Engineering
    • /
    • v.21 no.2
    • /
    • pp.309-315
    • /
    • 2017
  • Recently it has drawn much attention on the technologies about Internet of Things (IoT) which connects objects with constrained resource and heterogenous communication module in order to communicate information via internet. We propose a real-time sensor monitoring system based on IPv6 over Bluetooth Low Energy (BLE), which is included in Bluetooth 4.2 Specification. Since this system uses a publish-subsribe based IoT protocol, so called Message Queueing Telemetry Transport (MQTT), neither transforming network data nor any proxy server is needed in order to transmit data. Through the web client connected to this system, you can monitor sensor data sent by BLE device in real-time, intermediated via MQTT broker and then delivered to the client via HTTP and websocket protocol. In this paper we evaluated network capacity and availability of the implemented test platform. Thus by using this system it is possible to make development cost low and to construct IoT network with heterogenous devices easily.

Cooperative Video Streaming and Active Node Buffer Management Technique in Hybrid CDN/P2P Architecture

  • Lee, Jun Pyo
    • Journal of the Korea Society of Computer and Information
    • /
    • v.24 no.11
    • /
    • pp.11-19
    • /
    • 2019
  • Recently, hybrid CDN/P2P video streaming architecture is specially designed and deployed to achieve the scalability of P2P networks and the desired low delay and high throughput of CDNs. In this paper, we propose a cooperative video streaming and active node buffer management technique in hybrid CDN/P2P architecture. The key idea of this streaming strategy is to minimize network latency such as jitter and packet loss and to maximize the QoS(quality of service) by effectively and efficiently utilizing the information sharing of file location in CDN's proxy server which is an end node located close to a user and P2P network. Through simulation, we show that the proposed cooperative video streaming and active node buffer management technique based on CDN and P2P network improves the performance of realtime video streaming compared to previous methods.

Securing Sensitive Data in Cloud Storage (클라우드 스토리지에서의 중요데이터 보호)

  • Lee, Shir-Ly;Lee, Hoon-Jae
    • Proceedings of the Korea Information Processing Society Conference
    • /
    • 2011.04a
    • /
    • pp.871-874
    • /
    • 2011
  • The fast emerging of network technology and the high demand of computing resources have prompted many organizations to outsource their storage and computing needs. Cloud based storage services such as Microsoft's Azure and Amazon's S3 allow customers to store and retrieve any amount of data, at anytime from anywhere via internet. The scalable and dynamic of the cloud storage services help their customer to reduce IT administration and maintenance costs. No doubt, cloud based storage services brought a lot of benefits to its customer by significantly reducing cost through optimization increased operating and economic efficiencies. However without appropriate security and privacy solution in place, it could become major issues to the organization. As data get produced, transferred and stored at off premise and multi tenant cloud based storage, it becomes vulnerable to unauthorized disclosure and unauthorized modification. An attacker able to change or modify data while data inflight or when data is stored on disk, so it is very important to secure data during its entire life-cycle. The traditional cryptography primitives for the purpose of data security protection cannot be directly adopted due to user's lose control of data under off premises cloud server. Secondly cloud based storage is not just a third party data warehouse, the data stored in cloud are frequently update by the users and lastly cloud computing is running in a simultaneous, cooperated and distributed manner. In our proposed mechanism we protect the integrity, authentication and confidentiality of cloud based data with the encrypt- then-upload concept. We modified and applied proxy re-encryption protocol in our proposed scheme. The whole process does not reveal the clear data to any third party including the cloud provider at any stage, this helps to make sure only the authorized user who own corresponding token able to access the data as well as preventing data from being shared without any permission from data owner. Besides, preventing the cloud storage providers from unauthorized access and making illegal authorization to access the data, our scheme also protect the data integrity by using hash function.

Design and Implementation of a WML Converter and WML Editor for Automatic Generation of Wireless Internet Content (무선 인터넷 컨텐츠의 자동 생성을 위한 WML 변환기와 WML 편집기의 설계 및 구현)

  • Jeon Yun-Ju;Choi Eun-Hye;Jung Hyun-Suk;Cho Hyeyoung;Lee Minsoo;Yong Hwan-Seung
    • The KIPS Transactions:PartD
    • /
    • v.12D no.2 s.98
    • /
    • pp.309-318
    • /
    • 2005
  • In order to present wireless Internet users with previously created HTML contents and applications, it is essential to research and develop the technology to efficiently convert HTML documents into documents and further provide a way to edit the WML documents. This paper describes the design and development of a WML converter and WML editor The WML converter can convert HTML pages in real time into WML documents that are suitable for the WAP environment. The WML editor enables creation and modification of WML documents in a WYSIWYG fashion. These tools enable the previous services based on HTML documents to be easily adapted to the wireless environment. The developed WML converter can be installed on a proxy server to support real time conversion of Web contents. It is superior to other converters in terms of the various image formats it supports and the improvements on the conversion of the link and frame tags. Users can continuously browse via links and also view frames. Automatic dividing of large WML documents into WML cards md user defined conversion rules are also supported. The WML editor is also integrated with the converter and provides an integrated WYSIWYG environment for creating, converting and publishing WML documents.

Web Document Transcoding Technique for Small Display Devices (소형 화면 단말기를 위한 웹 문서 변환 기법)

  • Shin, Hee-Sook;Mah, Pyeong-Soo;Cho, Soo-Sun;Lee, Dong-Woo
    • The KIPS Transactions:PartD
    • /
    • v.9D no.6
    • /
    • pp.1145-1156
    • /
    • 2002
  • We propose a web document transcoding technique that translates existing web pages designed for desktop computers into an appropriate form for hand-held devices connected to the wireless internet. By defining a content block based on a visual separation and using it as a minimum unit for analyzing and converting processes, we can get web pages converted more exactly. We also apply the reallocation of the content block and the generation of new index in order to provide convenient interface without left-right scrolling in small screen devices. These methods, compared with existing ways such as text level summary or partial extraction method, can provide efficient navigation and a full recognition of web documents. To gain those transcoding benefits, we propose the Layout-Forming Tag Analysis Algorithm that analyzes structural tags, which motivate visual separation and the Component Grouping Algorithm that extracts the content block. We also classify and rearrange the content block and generate the new index to produce an appropriate form of web pages for small display devices. We have designed and implemented our transcoding system in a proxy server and evaluated the methods and the algorithms through an analysis of transcoded results. Our transcoding system showed a good result on most of popular web pages that have complicated structures.

Page Logging System for Web Mining Systems (웹마이닝 시스템을 위한 페이지 로깅 시스템)

  • Yun, Seon-Hui;O, Hae-Seok
    • The KIPS Transactions:PartC
    • /
    • v.8C no.6
    • /
    • pp.847-854
    • /
    • 2001
  • The Web continues to grow fast rate in both a large aclae volume of traffic and the size and complexity of Web sites. Along with growth, the complexity of tasks such as Web site design Web server design and of navigating simply through a Web site have increased. An important input to these design tasks is the analysis of how a web site is being used. The is paper proposes a Page logging System(PLS) identifying reliably user sessions required in Web mining system PLS consists of Page Logger acquiring all the page accesses of the user Log processor producing user session from these data, and statements to incorporate a call to page logger applet. Proposed PLS abbreviates several preprocessing tasks which spends a log of time and efforts that must be performed in Web mining systems. In particular, it simplifies the complexity of transaction identification phase through acquiring directly the amount of time a user stays on a page. Also PLS solves local cache hits and proxy IPs that create problems with identifying user sessions from Web sever log.

  • PDF