• Proceedings of the Korean Information Science Society Conference
• /
• 2002.04a
• /
• pp.853-855
• /
• 2002

안전한 운영체제(Secure Operating System)는 컴퓨터 운영체제의 보안상 결함으로 인하여 발생 가능한 각종 해킹으로부터 시스템을 보호하기 위하여 기존의 운영체제 내에 보안 기능을 통합시킨 보안 커널(Security Kernel)을 추가로 이식한 운영체제이다. 본 논문에서는 polaris 8에서 동작하는 보안 커널을 설계하기 위해 안전한 운영체제와 보안 커널 개발 기술, 솔라리스 운영체제 및 커널 기술을 살펴본다. 이를 토대로 RBAC(Role-Based Access Control)을 지원하고 시스템의 취약점을 감시하는 Solaris 8 기반의 보안 강화용 LKM(Loadable Kernel Module)을 설계한다.

• The KIPS Transactions:PartC
• /
• v.12C no.2 s.98
• /
• pp.201-206
• /
• 2005

This paper designs Cryptography File System to support encrypting function. The CFS is supported in Solaris Kernel to encrypt or decrypt a plaintext or an encrypted text by using the dynamic linking mechanism. The Cryptography File System supports safe use of computer system even if an intruder gets a file by connecting with network. If he/she does not have a Cryptography File System module in the Solaris Kernel, he/she cannot read that file. The Cryptography File System was experimented into the Solaris kernel.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.28 no.12B
• /
• pp.1091-1099
• /
• 2003

Korea National Intelligence Service has been issued on K4 Firewall Certificates, and these K4 Firewalls has b een installing all Korean public organizer. I would evaluate the performance tests between the before setting and the after setting of Packet Filtering, NAT, Proxy, and Authentication services on functions of Solaris K4 Firewall System. Also I had been created by performance test between existing 32 bit and latest 64 bit K4 Firewall System on Solaris Operating System, So that the result of improved more two times passed rate on 64bit than 32bit on Solaris K4 Firewall System, At finally, I would conclude that the change direction will be useful for research and development on K4 Firewall System and Korean Firewall System which is a very competitive system in the world.

• Journal of KIISE:Computing Practices and Letters
• /
• v.8 no.4
• /
• pp.450-456
• /
• 2002

Open source web service softwares are usually running on UNIX-based operating systems. Choosing an operating system can affect web system performance. In this paper, we describe a source - code-level time measurement tool and measure a service time of each system call that Squid - open source web proxy cache - makes. We run Squid 2.4.STABLEl on Linux 2.4.2 and Solaris 8, and we compare the measured time. As a result, Linux 2.4.2 performs better than Solaris 8. It can be used as a guide for selecting system software on building web service using open source software, and also be used as a basis for enhancing the operating system performance of supporting web service software.

• Journal of the Korea Society of Computer and Information
• /
• v.8 no.1
• /
• pp.30-36
• /
• 2003

Korea has been issued on K4 Firewall Certificates for security, and these K4 Firewalls has been installing all Korean public organizer. In this paper, I would analysis process and functions of K4 Firewall. I had been created by difference and performance test between existing 32bit and latest 64bit K4 Firewall System on Solaris Operating System that wide use in Korea So that the result of improved more two times passed rate on 64bit than 32bit on Solaris K4 Firewall System At finally, I would conclude that the change direction will be useful for research and development on K4 Firewall System and Korean Firewall System which is a very competitive system in the world.

• Proceedings of the Korea Contents Association Conference
• /
• 2010.05a
• /
• pp.366-370
• /
• 2010

로봇 기술이 발달하면서 사람의 지령에 의해 수동적, 반복적인 작업을 수행하던 기존 전통적 로봇에서 벗어나, 스스로 외부환경을 인식하고, 상황을 판단하여 자율적으로 동작하는 지능형 로봇이 등장하였다. 이러한 로봇의 S/W개발은 편의성을 위해 범용 운영체제를 사용하여 개발하는 추세이다. 지능형 서비스의 QoS(Quality of Service)를 위해서는 로봇 미들웨어에 실시간성을 지원해야 하지만 범용 운영체제는 실시간성을 지원하지 않는 문제점이 있다. 본 논문에서는 범용 운영체제인 오픈솔라리스에 실시간성을 위한 논리적 정확성 및 시간 결정성을 보장하기 위하여 실시간 스케쥴러를 포함한 실시간 프레임 워크 RTL(Real-Time Layer)을 설계 및 구현한 내용을 기술한다. 또한 성능측정을 위해 쓰레드의 응답시간을 측정하였다.

• Convergence Security Journal
• /
• v.4 no.2
• /
• pp.43-51
• /
• 2004

Operating systems and application programs have security vulnerabilities derived from the software development process. Recently, incident cases related with the abuses of these vulnerabilities are increasing and the damages caused by them are becoming very important security issues all over the nations. Patch management is one of the most important processes to fix vulnerabilities of softwares and to ensure a security of systems. Since an institute or a company has distributed hierarchical and heterogeneous systems, it is not easy to update patches promptly. In this paper, we propose patch management framework to safely distribute and install the patches on Windows, Linux, and Solaris client systems. Besides, we considered extensibility and hierarchical structure for our patch management framework to support large scaled network environment.

• Proceedings of the Korea Information Assurance Society Conference
• /
• 2004.05a
• /
• pp.199-204
• /
• 2004

Operating systems and application programs have security vulnerabilities derived from the software development process. Recently, incident cases related with the abuses of these vulnerabilities are increasing and the damages caused by them are becoming very important security issues all over the nations. Patch management is one of the most important processes to fix vulnerabilities of softwares and to ensure a security of systems. Since an institute or a company has distributed hierarchical and heterogeneous systems, it is not easy to update patches promptly. In this paper, we propose patch management framework to safely distribute and install the patches on Windows, Linux, and Solaris client systems. Besides, we censidered extensibility and hierarchical structure for our patch management framework to support large scaled network environment.

• The KIPS Transactions:PartC
• /
• v.12C no.7 s.103
• /
• pp.999-1006
• /
• 2005

The Secure OS is an operating system which adds security functions to the existing operating system, in order to secure a system from sorority problems originated from inherent frailty of applications or operating systems. With the existing Secure Oses for it is difficult to set an effective security policy securing personal resources in a multi-user environment system. To solve this problem in this paper we present two Techniques to secure user data efficiently in the RBAC-based Secure OS for a multi-user environment. Firstly we utilizes object's owner information in addition to object's filename. Secondly we make use of meta symbol('$\ast$'), which is able to describe multiple access targets. In addition this paper gives some examples to show advantages from these techniques. And these features are implemented in an solaris-based Secure OS called Secusys.

• The KIPS Transactions:PartC
• /
• v.12C no.1 s.97
• /
• pp.147-156
• /
• 2005

CGI is a standard interface rule between web server and gateway devised for the gateway's standard output to replace a static web document in UNIX environment. So, it is common to use standard I/O statements provided by the programming language for the CGI gateway. But the standard I/O mechanism is one of buffer strategies that are designed transparently to operating system and optimized for generic cases. This means that it nay be useful to apply another optimization to the standard I/O environment in CGI gateway. In this paper, we introduced standard output method and file output method as the two output optimization areas for CGI gateways written in C language in the UNIX/LINUX systems, and applied the proposed methods of each area to Debian LINUX, IBM AIX, SUN Solaris, Digital UNIX respectively. Then we analyzed the effect of them focused on execution time. The results were different from operating system to operating system. Compared to normal situation, the best case of standard output area showed about $10{\%}$ improvement and the worst case showed $60{\%}$ degradation in file output area where some performance improvements were expected.