The KIPS Transactions:PartC (정보처리학회논문지C)

Korea Information Processing Society (한국정보처리학회)
권호 표지

Secure QoS Billing System Using Audit Trail Subsystem Design & Implementation

감사 추적 시스템 설계 및 구현을 통한 안전한 QoS 빌링 시스템

  • 박우출 (한양대학교 대학원 전자공학과) ;
  • 김정녀 (한국전자통신연구원 보안운영체제연구팀장(선임연구원)) ;
  • 이병호 (한양대학교 정보통신학부)
  • Published : 2001.10.01
Download PDF
⟨ Previous Next ⟩

Abstract

In this paper, we propose the delay sensitive traffic and a high bandwidth QoS service in order to supply real-time traffic such as VoIP, multimedia service. We use IntServ over DiffServ network to supply end-to-end QoS service in the IETF. We define the proposed QoS services which are Best, Good, Default service. We analyze the performance using NS simulator with end to end QoS service in IntServ over DiffServ network. The proposed billing system uses the Accounting, Authentication, Authorization (AAA) functions of RADIUS protocol and proposes the dynamic pricing method according to network usage state using end-to-end QoS of IntServ over DiffServ network. In order to secure billing system, we design and implement audit trail system by the IEEE POSIX.1E standard.

본 논문에서는 VoIP나 멀티미디어 서비스와 같은 실시간 트래픽을 위하여, IETF에서 인터넷 QoS 제공 방안으로 제시된 IntServ와 DiffServ 혼합 모델을 사용해서 Delay Sensitive 트래픽과 넓은 대역폭을 가지는 QoS 서비스를 제공하였다. 제안한 QoS 서비스를 Best, Good, Default 서비스로 정의하고, 제안된 IntServ와 DiffServ의 혼합 모델을 사용한 End-to-End QoS의 3가지 서비스 모델을 시뮬레이션을 통하여 성능을 분석하였다. 제안된 QoS 모델에 따른 서비스 요금 지불을 위하여 RADIUS 프로토콜의 Accounting, Authentication, Authorization (AAA) 기능을 이용한 IntServ와 DiffServ의 혼합 모델을 사용한 빌링시스템을 제안하였다. 안전한 빌링 시스템에서는 RADIUS 프로토콜의 감사 추적 기능을 강화하기 위하여, IEEE POSIX.1E 표준안에 의한 감사 추적 시스템을 설계 및 구현하였다.

Keywords

References

  1. Seaman, M., Smith, A., Crawley, E. and J. Wroclawski, 'Intergrated Service Mapping on IEEE 802 Networks,' RFC 2815, May. 2000
  2. J. Wroclaswski, 'The Use of RSVP with IETF Integrated Services,' RFC 2210, September, 1997
  3. S. Blake, et al., 'An Architecture for Differentiated Services,' RFC 2475, December, 1998
  4. Y. Bernet, P. Ford, R. Yavatkar and et al., 'A Framework for Integrated Services Operation over Diffserv Networks,' RFC 2998, November, 2000
  5. Rigney, C., Rubens, A., Simpson, W. and S. Willens, 'Remote Authentication Dial In User Service (RADIUS),' RFC 2138, April. 1997
  6. Rinney, C., Willats, W. and Calhoun, P., 'RADIUS Extensions,' RFC 2869, June, 2000
  7. IEEE Std 1003.1e - Draft standard for Information Technology-Portable Operating System Interface(POSIX) Part 1 : System Application Program Interface(API)- Protection, Audit and Control Interfaces
  8. IEEE Std 1003.2c - Draft standard for Information Technology-Portable Operating System Interface(POSIX) Part 2 : Shell and Utilities : Protection and Control Interfaces
  9. C. Mills, D. Hirsch and G. Ruth, 'Internet Accounting: Background,' RFC 1272, 1991
  10. H. W. Braun, K.C. Claffy and G.C. Polyzos, 'A Framework for Flow - Based Accounting on the Internet,' Proc. of the Singapore intl Conference on Networks, 1993 https://doi.org/10.1109/SICON.1993.515706
  11. M. Honig and K. Steiglitz, 'Usage-based Pricing of Packet Data Generated by a Heterogeneous User Population,' Proc. IEEE INFOCOM, Vol.2, Boston, MA, pp.867-874, Apr. 1995 https://doi.org/10.1109/INFCOM.1995.515958
  12. J. Mackie-Mason and H. Varian, 'Pricing Congestible Network Resource,' IEEE JSAC, Vol.13, No.7, pp.1141-1148, Sept. 1995 https://doi.org/10.1109/49.414634
  13. Lunt, T. Automated Audit Trail Analysis for Introduction Detection, Computer Audit Update. pp.2-8, April, 1992 https://doi.org/10.1016/0960-2593(92)90034-K
  14. National Computer Security Center. A Guide to Understanding Audit in Trusted Systems, NCSC-TG-001, Version-2. Ft. Meade, MD, 1988
  15. The UCB/LBNL/VINT NetworkSimulator (NS). URL 'http://www-mash.cs.berkelev.edu/ns/.'