• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.3
• /
• pp.1002-1015
• /
• 2018

The advent of Internet of Things (IoT) and the evident inadequacy of Cloud networks concerning management of numerous end nodes have brought about a shift of paradigm giving birth to Fog computing. Fog computing is an extension of Cloud computing that extends Cloud resources at the edge of the network, closer to the user. Cloud computing has become one of the essential needs of people over the Internet but with the emerging concept of IoT, traditional Clouds seem inadequate. IoT entails extremely low latency and for that, the Cloud servers that are distant and unknown to the user appear to be unsuitable. With the help of Fog computing, the Fog devices installed would be closer to the user that will provide an immediate storage for the frequently needed data. This paper discusses data migration between different storage types especially between Cloud devices and then presents a mechanism to migrate data between Cloud and Fog Layer. We call this mechanism Adaptive Deadline-Aware Scheme (ADAS) for Data migration between Cloud and Fog. We will demonstrate that we can access and process latency sensitive "hot" data through the proposed ADAS more efficiently than with a traditional Cloud setup.

• Convergence Security Journal
• /
• v.23 no.5
• /
• pp.21-27
• /
• 2023

In the cloud computing environment, servers and applications can be set up within minutes, and recovery in case of fail ures has also become easier. Particularly, using virtual servers in the cloud is not only convenient but also cost-effective compared to the traditional approach of setting up physical servers just for temporary services. However, most of the und erlying networks and security systems that serve as the foundation for such servers and applications are primarily hardwa re-based, posing challenges when it comes to implementing cloud virtualization. Even within the cloud, there is a growing need for virtualization-based security and protection measures for elements like networks and security infrastructure. This paper discusses research on enhancing the security of cloud networks using network virtualization technology. I configured a secure network by leveraging virtualization technology, creating virtual servers and networks to provide various security benefits. Link virtualization and router virtualization were implemented to enhance security, utilizing the capabilities of virt ualization technology. The application of virtual firewall functionality to the configured network allowed for the isolation of the network. It is expected that based on these results, there will be a contribution towards overcoming security vulnerabil ities in the virtualized environment and proposing a management strategy for establishing a secure network.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.8 no.3
• /
• pp.762-777
• /
• 2014

With the increasing usage of cloud applications such as MapReduce and social networking, the amount of data traffic in data center networks continues to grow. Moreover, these appli-cations follow the incast traffic pattern, where a large burst of traffic sent by a number of senders, accumulates simultaneously at the shallow-buffered data center switches. This causes severe packet losses. The currently deployed TCP is custom-tailored for the wide-area Internet. This causes cloud applications to suffer long completion times towing to the packet losses, and hence, results in a poor quality of service. An Explicit Congestion Notification (ECN)-based approach is an attractive solution that conservatively adjusts to the network congestion in advance. This legacy approach, however, lacks scalability in terms of the number of flows. In this paper, we reveal the primary cause of the scalability issue through analysis, and propose a new congestion-control algorithm called FaST. FaST employs a novel, virtual congestion window to conduct fine-grained congestion control that results in improved scalability. Fur-thermore, FaST is easy to deploy since it requires only a few software modifications at the server-side. Through ns-3 simulations, we show that FaST improves the scalability of data center networks compared with the existing approaches.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.3
• /
• pp.599-612
• /
• 2019

Cloud networks are used to provide various services. As services are increasingly deployed using cloud networks, there are a number of resources in the cloud that leverage a variety of environments and protocols. However, there is a security intrusion on these resources, and research on cloud network vulnerability detection is required as threats to cloud resources emerge. In this paper, we propose a vulnerability detection scheme using STRIDE and HARM for vulnerability detection of resources utilizing various environments and protocols, and present cloud network vulnerability detection scheme through vulnerability detection scenario composition.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.10 no.8
• /
• pp.3455-3473
• /
• 2016

Cloud computing is a paradigm in which information is permanently stored in servers on the Internet and cached temporarily on clients. Virtual private network (VPN) is the most widely used technology for secure cloud access. Unfortunately, VPN-based cloud services become unavailable when a VPN failure occurs. In this paper, we propose a new scheme to improve the availability of VPN connections against such failures, called high-availability virtual communication (HAVC). Unlike most of the multipath transmission schemes in the literature, the proposed scheme is implemented by using a virtualization technique, and its protocol functions are independent of existing networks - potential clients are not required to modify their applications or operating systems. Simulation results show that the HAVC can not only tolerate VPN failures but also achieve high transmission performance.

• Journal of Communications and Networks
• /
• v.15 no.4
• /
• pp.398-406
• /
• 2013

In this paper, we investigate two types of in-phase and quadrature-phase (IQ) data transfer methods for cloud multiple-input multiple-output (MIMO) network operation. They are termed "after-precoding" and "before-precoding". We formulate a cloud massive MIMO operation problem that aims at selecting the best IQ data transfer method and transmission strategy (beamforming technique, the number of concurrently receiving users, the number of used antennas for transmission) to maximize the ergodic sum-rate under a limited capacity of the digital unit-radio unit link. Based on our proposed solution, the optimal numbers of users and antennas are simultaneously chosen. Numerical results confirm that the sum-rate gain is greater when adaptive "after/before-precoding" method is available than when only conventional "after-precoding" IQ-data transfer is available.

• Journal of Information Processing Systems
• /
• v.17 no.2
• /
• pp.284-296
• /
• 2021

The cloud has already become the core infrastructure of information systems, and government institutions are rapidly migrating information systems to the cloud. Government institutions in several countries use private clouds in their closed networks. However, because of the advantages of public clouds over private clouds, the demand for public clouds is increasing, and government institutions are expected to gradually switch to public clouds. When all data from government institutions are managed in the public cloud, the biggest concern for government institutions is the leakage of confidential data. The public-private-partnership (PPP) cloud provides a solution to this problem. PPP cloud is a form participation in a public cloud infrastructure and the building of a closed network data center. The PPP cloud prevents confidential data leakage and leverages the benefits of the public cloud to build a cloud quickly and easily maintain the cloud. In this paper, based on the case of the PPP cloud applied to the Korean government, the concept, architecture, operation model, and contract method of the PPP cloud are presented.

• ETRI Journal
• /
• v.36 no.2
• /
• pp.197-205
• /
• 2014

This paper proposes a novel framework for virtual content delivery networks (CDNs) based on cloud computing. The proposed framework aims to provide multimedia content delivery services customized for content providers by sharing virtual machines (VMs) in the Infrastructure-as-a-Service cloud, while fulfilling the service level agreement. Furthermore, it supports elastic virtual CDN services, which enables the capabilities of VMs to be scaled to encompass the dynamically changing resource demand of the aggregated virtual CDN services. For this, we provide the system architecture and relevant operations for the virtual CDNs and evaluate the performance based on a simulation.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.11 no.5
• /
• pp.2346-2361
• /
• 2017

A major challenge in cloud infrastructure is the efficient allocation of virtual network elements on top of substrate network elements. Path algebra is a mathematical framework which allows the validation and convergence analysis of the mono-constraint or multi-constraint routing problems independently of the network topology or size. The present study proposes a new heuristic approach based on mathematical framework "paths algebra" to map virtual nodes and links to substrate nodes and paths in cloud. In this approach, we define a measure criterion to rank the substrate nodes, and map the virtual nodes to substrate nodes according to their ranks by using a greedy algorithm. In addition, considering multi-constraint routing in virtual link mapping stage, the used paths algebra framework allows a more flexible and extendable embedding. Obtained results of simulations show appropriate improvement in acceptance ratio of virtual networks and cost incurred by the infrastructure networks.

• Journal of Information Processing Systems
• /
• v.17 no.6
• /
• pp.1035-1043
• /
• 2021

An Internet of Things (IOT) sensor network is an effective solution for monitoring environmental conditions. However, IOT sensor networks generate massive data such that the abilities of massive data storage, processing, and query become technical challenges. To solve the problem, a Hadoop cloud platform is proposed. Using the time and workload genetic algorithm (TWLGA), the data processing platform enables the work of one node to be shared with other nodes, which not only raises efficiency of one single node but also provides the compatibility support to reduce the possible risk of software and hardware. In this experiment, a Hadoop cluster platform with TWLGA scheduling algorithm is developed, and the performance of the platform is tested. The results show that the Hadoop cloud platform is suitable for big data processing requirements of IOT sensor networks.