• Convergence Security Journal
• /
• v.17 no.3
• /
• pp.3-9
• /
• 2017

NFV is a technology that allows network services to be controlled and managed in software by separating various net work functions (NFs) from hardware devices in dedicated network equipment and implementing them in a high-performance general-purpose server. Therefore, standardized virtualization of network functions is one of the most important factors. However, until the introduction of NFV to provide commercial services, there are many technical issues to be solved such as guaranteeing performance, stability, support for multi-vendor environment, ensuring perfect interoperability, and linking existing virtual and non-virtual resources. In this paper, we propose a method to provide an end-to-end network virtualization service based on OSM R2 in KREONET.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.17 no.7
• /
• pp.1618-1626
• /
• 2013

Virtualization service processes all operation including the data creation, storing, and disposal in a server and transmits processed data as the streaming media form. Therefore, client can use the same environment as the traditional desktop environment without considering the type of device. Virtualization service should consider not only the video quality but also the delay bounds and continuity of video playback for improving the user perceived Quality of Service(QoS) of streaming service. In this paper, we propose a network-adaptive transmission architecture that focuses on guaranteeing QoS requirements for virtualization service. In order to provide those, the proposed architecture have the transmission rate adaptation function based on available bandwidth and the content bit-rate control function based on sender buffer state. Through each function, proposed architecture guarantee the delay bounds and continuity of virtualization contents playback. The simulation results show that proposed network-adaptive transmission architecture provides a improve performance of throughput and transmission delay.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.24 no.8
• /
• pp.1071-1076
• /
• 2020

The importance of network separation is due to the use of the Internet with existing business PCs, resulting in an internal information leakage event, and an environment configured to allow servers to access the Internet, which causes service failures with malicious code. In order to overcome this problem, it is necessary to use network virtualization to separate networks and network interconnection systems. Therefore, in this study, the construction area was constructed into the network area for the Internet and the server farm area for the virtualization system, and then classified and constructed into the security system area and the data link system area between networks. In order to prove the excellence of the proposed method, a network separation construction study using network virtualization was conducted based on the basis of VM Density's conservative estimates of program loads and LOBs.

• Convergence Security Journal
• /
• v.14 no.4
• /
• pp.27-32
• /
• 2014

Utilization of web application has been widely spread and complication in recent years by the rapid development of network technologies and changes in the computing environment. The attack being target of this is increasing and the means is diverse and intelligent while these web applications are using to a lot of important services. In this paper, we proposed security model using virtualization technology to prevent attacks using vulnerabilities of web application. The request information for query in a database server also can be recognized by conveying to the virtual web server after ID is given to created session by the client request and the type of the query is analyzed in this request. VM-Master module is constructed in order to monitor traffic between the virtual web servers and prevent the waste of resources of Host OS. The performance of attack detection and resource utilization of the proposed method is experimentally confirmed.

• KIISE Transactions on Computing Practices
• /
• v.22 no.9
• /
• pp.473-478
• /
• 2016

Server virtualization provides abstraction of physical resources to users and thus accomplishes high resource utilization and flexibility. However, the characteristics of server virtualization, such as the limited number of physical resources shared by virtual machines, can cause problems, mainly performance interference. The performance interference is caused by the fact that the CPU scheduler running on the host operating system schedules virtual machines without considering the characteristics of the virtual machine's internal process. To address performance interference, a number of research activities to improve performance interference have been conducted, but do not deal with the fundamental analysis of performance interference. In this paper, in order to analyze the cause of performance interference, we carry out profiling in a variety of scenarios in a virtualized environment based on KVM. As a result, we analyze the phenomenon of the performance interference in terms of CPU scheduling and propose an efficient scheduling solution.

• KNOM Review
• /
• v.21 no.2
• /
• pp.26-34
• /
• 2018

With the proliferation of cloud computing and services, the internet traffic and the demand for better quality of service are increasing. For this reason, server virtualization and network virtualization technology, which uses the resources of internal servers in the data center more efficiently, is receiving increased attention. However, the existing hardware Test Access Port (TAP) equipment is unfit for deployment in the virtual datapaths configured for server virtualization. Virtual TAP (vTAP), which is a software version of the hardware TAP, overcomes this problem by duplicating packets in a virtual switch. However, implementation of vTAP in a virtual switch has a performance problem because it shares the computing resources of the host machines with virtual switch and other VMs. We propose a vTAP implementation technique based on the extended Berkeley Packet Filter (eBPF), which is a high-speed packet processing technology, and compare its performance with that of the existing vTAP.

• Journal of KIISE:Computing Practices and Letters
• /
• v.16 no.1
• /
• pp.125-129
• /
• 2010

Stateless computing supports a mobility of computing environment easily. It is becoming a major technology for securing personal user's information on shared computing environment. With the advance of virtualization technology and cloud computing, stateless computing is an essential part of personal computing environment connectivity (user's setting and data is stored in remote server or some storage, and it can be restored at any computing environment) In this paper, we propose uPC player that supports stateless computing execution environment on Windows. uPC player provides Windows operating system to user by using an uPC OS virtualization module. In this paper, we leverage how uPC player is designed and implemented for supporting a stateless computing execution environment. uPC player provides a desktop switch between host-system execution environment and uPC virtual execution environment. And it needs just one second for loading uPC virtual execution environment by using OS virtualization-based technique.

• KIISE Transactions on Computing Practices
• /
• v.21 no.7
• /
• pp.506-511
• /
• 2015

IOV is a technology that supports one or more virtual desktops, and can share a single physical device. In general, the virtual desktop uses the virtual IO devices which are provided by virtualization SW, using SW emulation technology. Virtual desktops that use the IO devices based on SW emulation have a problem in which service quality and performance are declining. Also, they cannot support the high-end application operations such as 3D-based CAD and game applications. In this paper, we propose a physical network separation system using Virtual Desktop Service based on HW direct assignments to overcome these problems. The proposed system provides independent desktops that are used to access the intranet or internet using server virtualization technology in a physical desktop computer for the user. In addition, this system can also support a network separation without network performance degradation caused by inspection of the network packet for logical network separations and additional installations of the desktop for physical network separations.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2010.11a
• /
• pp.1670-1673
• /
• 2010

서버 기반 컴퓨팅(Server Based Computing)은 데이터와 작업 처리가 서버에서 이루어지기 때문에 데이터를 효과적으로 통합하고 관리를 할 수 있다. 본 논문에서는 서버 기반 컴퓨팅을 이용하여 사용자에게 본인만의 데스크톱 환경을 제공하고, 언제 어디서나 필요한 정보와 애플리케이션을 실행할 수 있는 방법을 제안한다. 이러한 환경 하에서 최대한 서버의 활용률을 높이고 낭비하는 자원을 줄이기 위해 서버 가상화 기법(Server Virtualization)과 가상 OS 메모리 할당 알고리즘을 도입하였다. 서버와 사용자의 수에 따른 메모리 할당 방식을 hard handoff 라고 명하고, 사용자에게 메모리를 적절히 할당할 수 있도록 하였다. 또한 기존 사용자에 대한 메모리 재할당의 경우, Immutable OS와 별도의 사용자 데이터 공간으로 나누어 관리하여 가상 OS의 재접속 시간을 단축시킬 수 있었다.

• Proceedings of the Korean Society of Computer Information Conference
• /
• 2014.01a
• /
• pp.111-112
• /
• 2014

가상화 기반 기술이란 단일 서버의 자원을 다수의 정보시스템이 서로 나누어 사용할 수 있는 기술이다. 본 논문에선 현재 운영되고 있는 서버에 대하여 유지 보수 계약 등의 원가 절감 및 고 사양 HW를 제공한다. 그리고 다양한 가상화 솔루션 제공 및 발전(안정성, 고가용성)에 대해 알아본다. 통합 및 가상화 구성시 비용절감 및 효율성 극대화를 위한 표준화된 설계 방법론이 필요하다.