• KIPS Transactions on Software and Data Engineering
• /
• v.4 no.9
• /
• pp.337-346
• /
• 2015

There is great need for efficient user rights management method to provide a flexible service on variety protocols, domains, applications of IoT environments. In this paper, we propose a IoT service platform with CapSG to provide efficient access control for IoT various services of the environment. CapSG uses a token including authentication and access rights to perform authentication and access control service entity providing services. In addition, the generated token for service management, delegation, revocation, and provides a function such as denied. Also, it provides functions such as generation, delegation, disposal and rejection for service token management. In this paper, it provides the flexibility and efficiency of the access control for various services require of the IoT because of it is available to access control specific domain service by using the token group for each domain and is designed to access control using specific service token of tokens group.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.6 no.6
• /
• pp.951-956
• /
• 2011

CAN communication developed for communication between electric control devices in vehicle, was recently applied to automatic breaking devices, and can also be applied to field bus for production automation. Recently, field bus is introduced in engine control etc., for large ship. In this paper, cabin access control system is implemented, based on CAN communication. The cabin access control system based on CAN communication consists of access control server, embedded system based on ARM9, and micro-controller built-in CAN controller. The access control server can be able to manage overall access control system by accessing with manager. And embedded system adopted ARM9 processor transmits access information of RFID reader controller connected with CAN networks to server, also performs access control. The embedded system carry CAN frames to server, so it is used as gateway.

• The KIPS Transactions:PartA
• /
• v.11A no.3
• /
• pp.109-114
• /
• 2004

Increasing popularity of WLAN and advancement of WPAN allow user to connect to the Internet easily today. The increasing of number of networking mobile device such as laptop and PDA requires computing devices to share high speed Internet line or work on networks in most cases. This has stimulated the demand of access point that supports multiple network interfaces. This paper describes the process of design, implementation and test of the wired/wireless integrated access point that supports multiple network interfaces such as wired LAN, wireless LAN, Bluetooth, and Broadband network. We designed and developed the hardware system and protocol software to integrate heterogeneous network. The system has shown compatibility with standard specification and good performance through testing with various network devices.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.29 no.8B
• /
• pp.755-761
• /
• 2004

Currently, Wireless LAN(WLAN) service is widely deployed to provide high speed wireless Internet access through the mobile stations such as notebook and PDA. To provide enhanced security and user access control in the public WLAN area, WLAM access points should have the capability of IEEE 802.1x-based user authentication and authorization functionality. In this paper, we provide a brief understanding of IEEE 802. 1x standards and related protocols likeEAPoL(Extended Authentication Protocol Over LAN), EAP, RADIUS and describe how the IEEE 802.1x is designed and implemented in our embedded linux-based WLAN AP which is named i-WiNG.(Intelligent Wireless Internet Gateway).

• Journal of the Korea Society of Computer and Information
• /
• v.11 no.1 s.39
• /
• pp.167-176
• /
• 2006

In this paper, a home network access agent, which controls and monitors networked appliances at home using various terminals regardless of user's location, is designed and implemented. The proposed access agent integrates wire and wireless network on a home gateway (or home server) and is accessed with consistent messages using various terminals such as a web terminal, a PDA and a cellular phone. Also, in order to verify the operation and availability of the agent, a user interface for the various terminals is designed and a home network testbed which is accessed and controlled by the terminals is implemented.

• Journal of Communications and Networks
• /
• v.13 no.4
• /
• pp.408-417
• /
• 2011

The stringent performance requirement for the high efficiency of routing protocols on the Internet can be satisfied by exploiting the threaded border gateway protocol (TBGP) on multi-cores, but the state-of-the-art TBGP performance is restricted by a mass of contentions when racing to access the routing table. To this end, the highly-efficient parallel access approach appears to be a promising solution to achieve ultra-high route processing speed. This study proposes a general routing table structure consisting of two-level tries for fast parallel access, and it presents a heuristic-based divide-and-recombine algorithm to solve a mass of contentions, thereby accelerating the parallel route updates of multi-threading and boosting the TBGP performance. As a projected TBGP, this study also modifies the table operations such as insert and lookup, and validates their correctness according to the behaviors of the traditional routing table. Our evaluations on a dual quad-core Xeon server show that the parallel access contentions decrease sharply by 92.5% versus the traditional routing table, and the maximal update time of a thread is reduced by 56.8 % on average with little overhead. The convergence time of update messages are improved by 49.7%.

• Journal of Korean Society of Industrial and Systems Engineering
• /
• v.24 no.66
• /
• pp.27-35
• /
• 2001

The Gateway Server Authorization System(GSAS) presented in this thesis is a database authorization system. GSAS is responsible for user\`s authorization, and privilege management, audit service. Only users that are filtered in GSAS can access the DBMS(Data Base Management System) through middleware. GSAS is located at the DBMS and already contains an authorization record for user accessing a specific DBMS. GSAS on consists of several components, namely an authorization manager, a privilege manager, and an audit manager. As an authorization manager and a privilege manager can only approve a pass at the same time, a user can get accessibility for DBMS.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2008.10a
• /
• pp.647-650
• /
• 2008

The 'convergence service' in NGN implies the integration of services in NGN with a unified manner to access each service in order to interwork with each service. This paper shows the convergence model for NGN based on Web Services and provides a detailed scenario of each convergence model in form of Web Services.

• Proceedings of the IEEK Conference
• /
• 2003.11c
• /
• pp.51-54
• /
• 2003

This paper describes the design and implementation of HNCP bundle in the OSGi framework targeted to the home network system. The developed home network system is composed of a home server and several networked home appliances, and is connected via residential gateway to the external access network. The developed HNCP bundle allows a user to control and monitor home appliances in HNCP domain. We show the feasibility of the implemented HNCP bundle in the OSGi framework.

• Annual Conference of KIPS
• /
• 2002.11b
• /
• pp.1325-1328
• /
• 2002

엑세스 게이트웨이는 차세대 통신망(NGN)으로의 진화과정에서 PSTN, xDSL 등 다양한 서비스 가입자가 망으로의 접속을 가능하게 해주기 위해 필요한 시스템이다 이 시스템을 안정적으로 운용하기 위해서는 주요보드가 이중화되어 처리되어야 한다. 본 논문에서는 엑세스 게이트웨이 제어부의 이중화 설계 및 구현 방법에 대하여 논한다.