• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.16 no.3
• /
• pp.482-488
• /
• 2012

Desktop is offered to each individual in Educational environments of school or academy, as the users are increasing, the more Desktop is required for each person. Huge Desktop accession resulted in many problems including difficulty of management, Software and Hardware cost rising, cramped places, power consumption increasing and etc. To solve those problems, we focus into uprising technology solution, such as Multi Computer, Desktop Virtualization, and DaaS(Desktop as a Service). In this paper, existing problems that can dramatically improve the private cloud computing for desktop virtualization with the requirements of the system were analyzed.

• KIISE Transactions on Computing Practices
• /
• v.21 no.7
• /
• pp.506-511
• /
• 2015

IOV is a technology that supports one or more virtual desktops, and can share a single physical device. In general, the virtual desktop uses the virtual IO devices which are provided by virtualization SW, using SW emulation technology. Virtual desktops that use the IO devices based on SW emulation have a problem in which service quality and performance are declining. Also, they cannot support the high-end application operations such as 3D-based CAD and game applications. In this paper, we propose a physical network separation system using Virtual Desktop Service based on HW direct assignments to overcome these problems. The proposed system provides independent desktops that are used to access the intranet or internet using server virtualization technology in a physical desktop computer for the user. In addition, this system can also support a network separation without network performance degradation caused by inspection of the network packet for logical network separations and additional installations of the desktop for physical network separations.

• Journal of KIISE
• /
• v.44 no.10
• /
• pp.1005-1018
• /
• 2017

Recently, virtualization has become an essential component of cloud computing due to its various strengths, including maximizing server resource utilization, easy-to-maintain software, and enhanced data protection. However, since virtualization allows sharing physical resources among the VMs, the system performance can be deteriorated due to device contentions. In this paper, we first investigate the I/O overhead based on the number of VMs on the same server platform and analyze the block I/O process of the KVM hypervisor. We also propose an in-memory block cache mechanism, called QBic, to overcome I/O virtualization latency. QBic is capable of monitoring the block I/O process of the hypervisor and stores the data with a high access frequency in the cache. As a result, QBic provides a fast response for VMs and reduces the I/O contention to physical devices. Finally, we present a performance measurement of QBic to verify its effectiveness.

• Convergence Security Journal
• /
• v.23 no.4
• /
• pp.23-32
• /
• 2023

Container-based virtualization has attracted many attentions as an alternative to virtual machine technology because it can be used more lightly by sharing the host operating system instead of individual guest operating systems. However, this advantage may owe some vulnerabilities. In particular, excessive resource use of some containers can affect other containers, which is known as the noisy neighbor problem, so that the important property of isolation may not be guaranteed. The noisy neighbor problem can threat the availability of containers, so we need to consider the noisy neighbor problem as a security problem. In this paper, we investigate vulnerabilities on guarantee of isolation incurred by the noisy neighbor problem in container-based virtualization. For this we first analyze the structure of container-based virtualization environments. Then we present vulnerabilities in 3 functional layers and general directions for solutions with limitations.

• Proceedings of the Korea Society of Information Technology Applications Conference
• /
• 2002.11a
• /
• pp.350-362
• /
• 2002

A new architecture called the Storage Area Network(SAN) was developed in response to the requirements of high availability of data, scalable growth and system performance In order to use SAN more efficiently, must SAN operating systems support storage virtualization concepts that allow users to view physical storage devices attached to SAN as a large volume virtually. A logical volume manager Days a key role in storage virtualization it realizes the storage virtualization by mapping logical addresses to physical addresses. In this paper, we design and implement an efficient and flexible mapping method for logical volume manager. The mapping method in this paper supports a snapshot that preserves a volume image at certain time and on-line reorganization to allow users to add or remove storage devices to SAN even while the system is running.

• Proceedings of the Korea Society for Industrial Systems Conference
• /
• 2002.11a
• /
• pp.350-362
• /
• 2002

A new architecture called the Storage Area Network(SAN) was developed in response to the requirements of high availability of data scalable growth, and system performance. In order to use SAN more efficiently, most SAN operating systems support storage virtualization concepts that allow users to view physical storage devices attached to SAN as a large volume virtually. A logical volume manager plays a key role in storage virtualization. It realizes the storage virtualization by mapping logical addresses to physical addresses. In this paper, we design and implement an efficient and flexible mapping method for logical volume manager. The nin method in this paper supports a snapshot that preserves a volume image at certain time and on-line reorganization to allow users to add or remove storage devices to SAN even while the system is running.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.4
• /
• pp.137-147
• /
• 2011

Because of the convergence between Internet and broadcast communication, users are able to use multimedia contents anytime. In addition, with the change of existing one-way service to two-way service, the provider can offer efficient and useful broadcast communication. However, As multimedia contents is provided by STB, it can validate only end-node STB. Thus, this method is limiting possibilities of individual service. Also, providers' STB are different, so problem of compatibility is emerging as an issue. Therefore, in this paper we proposed STB virtualization based enhanced IPTV user authentication system to improve individual authentication and compatibility of services.

• Journal of Convergence for Information Technology
• /
• v.8 no.5
• /
• pp.69-75
• /
• 2018

The purpose of access control is to prevent computing resources from illegal behavior such as leakage, modification, and destruction by unauthorized users. As the cloud computing environment is expanded to resource sharing services using virtualization technology, a new security model and access control technique are required to provide dynamic and secure cloud-based computing services. The virtualization management convergence access control model provides a flexible user authorization function by applying the dynamic privilege assignment function to the role based access control mechanism. In addition, by applying access control mechanism based on security level and rules, we solve the conflict problem in virtual machine system and guarantee the safeness of physical resources. This model will help to build a secure and efficient cloud-based virtualization management system and will be expanded to a mechanism that reflects the multi-level characteristics.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.37B no.10
• /
• pp.877-888
• /
• 2012

Network virtualization technology is a crucial research issue of Future Internet which pursues a service-oriented architecture so-called NaaS (Network as a Service) or SDN (Software Defined Network). Network virtualization is expected to play an important role in Future Internet researches as a network testbed technology which enables innovative protocols to be experimented independently on a common testbed environment. We propose a control framework in order to provide user defined topology and bandwidth services with network virtualization and to separate and manage multiple-user traffics in a small and medium scale - single domain research network. The proposed framework (VIMS; Virtual network Integrated control and Management System) supports testbed expansions without any changes of heterogeneous virtual network support equipments through accommodation of each equipment's control plane. The framework shows a feasibility through applied to KOREN and we describe the differences and further study directions for improvement the framework comparing with GENI control framework.

• Proceedings of the Korea Contents Association Conference
• /
• 2007.11a
• /
• pp.807-811
• /
• 2007

In this paper, we introduce an application virtualization method that could be supported without changing and modifying any resources and execution environment on host system, using non-installable portable software format that could be executed by one-click on any host without installing process. For the purpose of designing and implementing an application virtualization method, we construct virtual supporting system that includes virtual file system and virtual registry hive on kernel level of Windows operating system. Also, when users execute portable software on any hosts to provide consistency on using portable software, we describe method of processing information of appending and modifying files and registry datum on virtual file system and virtual registry hive through Copy-on-Write scheme.