• The Journal of the Korea institute of electronic communication sciences
• /
• v.10 no.10
• /
• pp.1101-1108
• /
• 2015

In this paper, to provide a method and system for providing a network separation virtual machine environment. How to provide this virtual machine environment include phase generating necessary virtual resource requirement for the perform of virtual function and transfer to network changing protocol about request of registration virtual resource. For this reason, Registration procedure is to use a virtual machine for a virtual computing resource allocation and separation combined network any time, it became possible between servers and clients, or mobile phone. At any time, it is possible to process the work in the same environment as in a computer to access the Internet.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.37 no.6
• /
• pp.1-11
• /
• 2000

In this paper, we propose a novel control signaling protocol that efficiently controls connection setup and increases the utilization of network resources. The proposed protocol, Separated Control Signaling Protocol(SCSP), separates bearer control from call control lot WDM optical networks. The main function of call control is to check the availability of network resources such as wavelengths and receivers at destination node. Bearer control is to reserve and assign wavelengths. The signaling architecture of this protocol consists of call controller and hearer controller The call controller handles call setup and release, activates the beater controller, and manages the status of call and bearer. The bearer controller reserves wavelengths, sets up bearer, tears down bearer. and notifies the status of beater to call controller. The state transition diagrams of each controller are designed. Using control messages and related primitives, the information flows for call setup and bearer setup, hearer teardown and call release, and reaction for setup failures are described to evaluate the performance. The simulation results show that the separated control signaling protocol is superior to conventional one in terms of call blocking probability and resource utilization.

• Journal of Convergence for Information Technology
• /
• v.9 no.9
• /
• pp.27-32
• /
• 2019

Along with the growth of u-Healthcare, we propose a security enhancement based on network separation for CloudHIS with for handling healthcare information to cope with cyber attack. To protect against all security threats and to establish clear data security policies, we apply desktop computing servers to cloud computing services for CloudHIS. Use two PCs with a hypervisor architecture to apply physical network isolation and select the network using KVM switched controller. The other is a logical network separation using one PC with two OSs, but the network is divided through virtualization. Physical network separation is the physical connection of a PC to each network to block the access path from both the Internet and the business network. The proposed system is an independent desktop used to access an intranet or the Internet through server virtualization technology on a user's physical desktop computer. We can implement an adaptive solution to prevent hacking by configuring the CloudHIS, a cloud system that handles medical hospital information, through network separation for handling security enhancement.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.3
• /
• pp.525-536
• /
• 2012

This paper proposes methods of securing Smart Grid system against various types of cyber threats by separating AMI networks from the public network, the Internet, and providing an AMI specific authentication framework. Due to the fact that thousands and millions of AMI devices to be deployed would be directly or indirectly connected to the public network without any authentication procedures for access control, currently being developed AMI architectures could be widely exposed to considerable number of penetrating attacks. Furthermore, there have not been a sufficient number of researches on authentication frameworks with basis on the specific circumstances of AMI networking that should support varied authentication protocols among security associations and AMI linking devices. This work makes a proposal of isolating smart meters from HAN devices and the Internet and integrating network/application level authentication frameworks with an EAP-based authentication architecture. These approaches are beneficial to deploy AMI with security and efficiency.

• Journal of the Korea Convergence Society
• /
• v.11 no.10
• /
• pp.37-44
• /
• 2020

Due to the recent COVID 19 pandemic, public institutions are increasingly working from home. Working in public institutions is rapidly changing into a smart work environment where time and space constraints disappear. However, many public institutions currently lack a security model for an efficient smart work environment due to the physical network separation system that separates the Internet network and the business network. Therefore, in this paper, we describe the current limitations for implementing smart work in a physical network separation environment of public institutions, and propose a security model necessary for a work environment to supplement them. As a related study, explain SSL VPN and explain smart work business model through security model research of SDP (Software Defined Perimeter), RDP (Remote Desktop Protocol), and VDI (Virtual Desktop Infrastructure) to overcome the security limitations of SSL VPN. As a result, we intend to propose a security model for a smart work environment suitable for public institutions while complying with the physical network separation security guide.

• Journal of Digital Convergence
• /
• v.11 no.2
• /
• pp.43-50
• /
• 2013

Recently, Cyber threats that is doing intelligence and sophistication from the organization's information assets to secure order technical disciplines, as well as managerial and environmental sectors, such as mind-response system is must established. In this paper, possible to analyze the case for the theory in network security, such as the logical network and physical network separation suitable for the corporate environment and constantly respond and manage the Information Security Management Model A secure network design is proposed. In particular, the proposed model improvements derived from the existing network, network improvements have been made in order to design improved ability to respond to real-time security and central manageability, security threats, pre-emptive detection and proactive coping, critical equipment in the event of a dual hwalreu through applied features such as high-availability, high-performance, high-reliability, ensuring separation of individual network security policy integrated management of individual network, network security directional.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.48 no.12
• /
• pp.42-53
• /
• 2011

As IT industry using networks have been developed explosively, online operations that were conducted in offline are increasing rapidly, and even relationship with other people made online. As online crimes are increasing accordingly, building security networks is getting very important. As a result, network separation between business and organization network has been performed recently, but this causes network user inconvenience and efficiency reduction. In this paper, we propose reassociation methods for already separated networks for many public organizations. We implement two reassociation methods using NAT device and shared storage and show their experimental results.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.11 no.1
• /
• pp.37-44
• /
• 2016

In this paper, to provide a method for providing a network separation subscriber's facilities. How to provide this subscriber's facilities include phase generating authorization key in server, saving activation file in portable data medium included server's authorization key, executing saved activation file in client's portable storage and providing virtual machine by result client's execute file. In case of moving work, the virtual subscriver's facility can provide for a business traveler.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2006.05a
• /
• pp.784-787
• /
• 2006

In this paper, we propose a method for nonlinear grapheme segmentation in Korean printed character type classification. The characters are subdivided into six types based on character type information. The feature vector is consist of mesh features, vertical projection features and horizontal projection features which are extracted from gray-level images. We classify characters into 6 types using Back propagation. Character segmentation regions are determined based on character type information. Then, an optimal nonlinear grapheme segmentation path is found using multi-stage graph search algorithm. As the result, a proposed methodology is proper to classify character type and to find nonlinear char segmentation paths.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2001.05a
• /
• pp.625-628
• /
• 2001

In this paper, it is shown that the car number plate are recognized more efficiently by using Fuzzy-ARTM AP. We use the location information of characters in the car number plate area and the color intensity difference between the character region and the background region int the tar number plate area. For segmented plate region, the car plate region is extracted by deciding the X-axis region composed by horizontal histogram and the Y-axis region composed by the variance histogram of vertical histogram. Our method then directly recognizes the extracted character region by using Fuzzy-ARTMAP neural network.