• Proceedings of the Korea Information Processing Society Conference
• /
• 2001.10b
• /
• pp.957-960
• /
• 2001

최근 리눅스에 대한 사용이 빠른 속도로 증가하고 있다. 리눅스의 오픈 소스 정책에 따른 리눅스 보안의 필요성에 대한 여러 가지 형태의 연구 또한 진행되고 있는 실정이다. 리눅스 기반의 효과적인 보안 정책은 여러 형태로 제안되고 있지만 보안 위협에 대한 실질적인 해결책은 아직까지 없다고 해도 과언이 아닐 것이다. 이러한 보안 위협을 해결하기 위해 IP 계층에서부터 보안상의 위협을 제거할 수 있는 IPSec 에 대한 연구가 활발히 진행되고 있다. IPSec은 여러 가지 형태로 개발 및 제안되고 있지만 실제 사이트에서 사용하기에는 여러 가지 어려운 설치 문제가 따르는 편이다. 본 논문에서는 리눅스 커널의 일부 모듈을 이용하여 커널 컴파일 없이 IPSec을 서브넷에서 사용할 수 있는 구조를 제안한다.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.13 no.12
• /
• pp.2579-2585
• /
• 2009

It is an important problem without system breaking. Like this, to make a computer system operate normally, various commercial fault tolerant techniques are used. Almost commercial products of fault tolerant system consume much cost. This paper proposes kernel hardening technique that are reducing panic using DLM modue in Linux USB driver. I experimented the design technique in Linux O.S. By the experiment, the suggesting technique which includes USB module with DLMis working well.

• Journal of KIISE:Computer Systems and Theory
• /
• v.30 no.10
• /
• pp.533-543
• /
• 2003

With the increase of interests in cluster, there have been a number of research efforts to address the high availability issues on cluster. However, there are no kernel-level group communication systems to support the development of kernel-level application programs and it is not easy to use traditional user-level group communication systems for the kernel-level applications. This paper presents the design and implementation issues of KCGCS(Kernel-level Cluster Group Communication System), which is a kernel-level group communication module for linux cluster. Unlike traditional user-level group communication systems, the KCGCS uses light-weight heartbeat messages and a ring-based heartbeat mechanism, which allows users to implement scalable failure detection mechanisms. Moreover, the KCGCS improves the reliability by using distributed coordinators to maintain membership information.

• Journal of the Korea Society of Computer and Information
• /
• v.18 no.3
• /
• pp.1-10
• /
• 2013

In this paper, we propose a method of embedded linux light-weight to improve efficiency of application running on embedded systems. Three methods including fast booting scheme applying the Hibernation technique, JFFS2 file system optimization applying the Symbolic Link and virtual address mapping, kernel light-weight that guarantees the general purpose was applied. Since then check the system dependency and generate kernel image according to the target embedded kit. And embedded system performance of existing linux and linux which the method proposed in this paper was compared. In experimental result, the kernel size was 9.6% improved and the system booting time was 18% improved. And application processing speed on target embedded kit was improved 11% in the best case, 66% in the worst case. This result show that the light-weight method proposed in this paper is guarantee fast booting time and securing resources and it is good for the application processing speed improvement.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.9 no.6
• /
• pp.1333-1340
• /
• 2005

This paper is based on the study to reduce a system panic state. A panic state could be caused by a programmer or an administrator's careless mistake. The proposed hardening Operating System of this paper stops the process which is running in the kernel with an error. The error process for the value type and the address type of a certain variable have to be restored. Installed with kernel hardening, Operating System checks the recovery possibility of the process first and then restores the process which can be recovered. When it is possible to recover the kernel code with an error, it is to be recovered in ASSERT() function.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2000.10b
• /
• pp.1145-1148
• /
• 2000

최근 멀티미디어 데이터에 대한 요구는 사용자가 증가함에 따라 데이터 양도 증가하고 있다. 이에 반해 서버시스템이나 네트워크의 대역폭은 이러한 서비스 요구를 충족시키기에 미흡하다. 본 논문에서는 리눅스 환경에서 일반적인 UDP(User Datagram Protocol) 전송 메커니즘을 SIO(Special Input/Output) 시스템 콜을 커널 내부에 추가하였다. UDP전송을 커널 내부에서 수행함으로써, 사용자 모드와 커널 모드사이의 데이터 복사의 횟수와 문맥 교환을 줄였다. 커널 내부에서 수행하게 SIO 시스템 콜을 설계하고 구현함으로써 일반적인 리눅스 환경보다 약 31%의 성능향상을 보았다. 본 논문에서는 SIO와 같은 효과적인 커널 내부의 전송 시스템 콜을 사용함으로써 멀티미디어 관련 서버에 적응할 수 있도록 하였다.

• Proceedings of the Korean Information Science Society Conference
• /
• 2004.04a
• /
• pp.139-141
• /
• 2004

본 논문에서는 PDA 용 임베디드 리눅스의 파일시스템을 설계한다. 개발을 위한 Host PC 구축［크로스 컴파일러(Cross compiler)］ 및 커널 소스의 패치와 디버그를 통한 개발을 한다. 본 논문에서 PDA 시스템에 리눅스를 포팅 하여 PDA 임베디드 리눅스 시스템 및 파일 시스템을 설계한다.

• The Journal of the Korea Contents Association
• /
• v.11 no.9
• /
• pp.45-53
• /
• 2011

According to the necessity of measuring equipments for advanced military systems, real-time characteristics such as time determinism and execution accuracy pursuing low-latencies have become very important. With this reason, the market demand for real-time features in the general purpose operating system such as Linux has been enlarging. To meet these requirements, RTLinux and RTAI has been developed as dual-kernels based on Linux. However, developers should use assembler languages to facilitate real-time in RT-Linux, it is very difficult to deal with it. RTAI has disadvantage that it only provides soft real-time. To solve these problems, RTiK-Linux was developed. In this paper, we propose a new dual-kernel with hard real-time capabilities in Linux, called RTiK-Linux(Real-Time implemented Kernel for Linux). We first introduce related researches and then describe the design methodologies to guarantee the resolution which almost accords with the timer settings. Finally, we present the results of experimental measurements and analyze them in order to validate and evaluate the proposed RTiK-Linux.

• Journal of KIISE:Computing Practices and Letters
• /
• v.9 no.3
• /
• pp.289-300
• /
• 2003

Traditional kernel-level communication systems for clusters are dependent upon computing platforms. Futhermore, they are not easy to use and do not provide various functions for clusters. This paper presents an architecture and various implementation issues of a kernel-level communication system, KCCM(Kernel level Cluster Communication Module), for linux cluster. The KCCM provides asynchronous communication services as well as standard synchronous communication services using send and receive. The KCCM also automatically detects and recovers connection failures at runtime. This allows programmers to use KCCM when they build mission critical applications over TCP-based connection-oriented communication environments. Having developed using standard socket interfaces, it can be easily ported to various platforms. The experimental results show that the KCCM provides good performance for asynchronous communication patterns.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.34 no.3
• /
• pp.365-378
• /
• 2024

The operating system (OS) of mobiles or embedded devices is based on the Linux kernel. These OSs request random numbers from the Linux kernel for system operation, such as encryption keys and security features. To provide random numbers reliably, the Linux kernel has a dedicated random number generator (Linux Pseudo Random Number Generator, LPRNG). Recently, LPRNG has undergone a major structural changes. However, despite the major changes, no security analysis has been published on the structure of the new LPRNG. Therefore, we analyze these structural changes as a preliminary study to utilize the security analysis of the new LPRNG. Furthermore, the differences between before and after the changes are divided into cryptographic and performance perspectives to identify elements that require security analysis. This result will help us understand the new LPRNG and serve as a base for security analysis.