• Journal of Information Processing Systems
• /
• v.3 no.2
• /
• pp.43-53
• /
• 2007

The use of agent paradigm in today's applications is hampered by the security concerns of agents and hosts alike. The agents require the presence of a secure and trusted execution environment; while hosts aim at preventing the execution of potentially malicious code. In general, hosts support the migration of agents through the provision of an agent server and managing the activities of arriving agents on the host. Numerous studies have been conducted to address the security concerns present in the mobile agent paradigm with a strong focus on the theoretical aspect of the problem. Various proposals in Intrusion Detection Systems aim at securing hosts in traditional client-server execution environments. The use of such proposals to address the security of agent hosts is not desirable since migrating agents typically execute on hosts as a separate thread of the agent server process. Agent servers are open to the execution of virtually any migrating agent; thus the intent or tasks of such agents cannot be known a priori. It is also conceivable that migrating agents may wish to hide their intentions from agent servers. In light of these observations, this work attempts to bridge the gap from theory to practice by analyzing the security mechanisms available in Aglet. We lay the foundation for implementation of application specific protocols dotted with access control, secured communication and ability to detect tampering of agent data. As agents exists in a distributed environment, our proposal also introduces a novel security framework to address the security concerns of hosts through collaboration and pattern matching even in the presence of differing views of the system. The introduced framework has been implemented on the Aglet platform and evaluated in terms of accuracy, false positive, and false negative rates along with its performance strain on the system.

• Journal of the Korea Society of Computer and Information
• /
• v.18 no.7
• /
• pp.149-155
• /
• 2013

Commonly, one seeks a particular pattern suitable for stock cutting and the number of such patterns through linear programming. However, since the number of the patterns increases exponentially, it is nearly impossible to predetermine all the existing patterns beforehand. This paper thus proposes an algorithm whereby one could accurately predetermine the number of existing patterns by applying Suliman's feasible pattern method. Additionally, this paper suggests a methodology by which one may obtain exact polynomial-time solutions for feasible patterns without applying linear programming or approximate algorithm. The suggested methodology categorizes the feasible patterns by whether the frequency of first occurrence of all the demands is distributed in 0 loss or in various losses. When applied to 2 data sets, the proposes algorithm is found to be successful in obtaining the optimal solutions.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.44 no.10
• /
• pp.191-200
• /
• 2007

As the IEEE 802.11 WLAN has widely installed as a high-speed wireless network information infrastructure, there has been growing interest in both security and mobility of mobile terminals. However, for the case of mobile terminal employing IEEE 802.11i security standard, it is known that the user authentication procedure of IEEE 802.1x for stronger security enforcement may, due to its large delay, not be suitable for real-time multimedia communication. In this paper, we have proposed fast authentication method to resolve the above authentication delay problem, and verifies its performance via simulation analysis. Mobile terminals can get AP information reliably, and selectively execute authentication in advance during handover, which results in fast user authentication. In addition, by effectively managing the authentication information in mobile terminal, which are distributed in advance for pre-authentication, the problem of long-time revelation of authentication information has been solved.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.11 no.11
• /
• pp.1083-1092
• /
• 2016

In this paper, the performance of the optical code-division multiple access (OCDMA) technology on a plastic optical fiber (POF) access network, which had received much attention due to its low weight, large core diameter, flexibility, easy installation, and especially its high bandwidth, is analyzed. Recently, POF was a very attractive candidate for transmission media in an access network based on OCDMA technology. But the conventional OCDMA system only allows finite units to transmit and access simultaneously according to the number of channels which are restricted by BER, and so, in this paper, to resolve this problem a novel multi-priority reservation protocol is also proposed. By using this reservation scheme and a distributed arbitration algorithm, channel collision and destination conflict could be avoided. And this protocol can efficiently support the transmission of multimedia messages that require the different time-delay. The network throughput and average delay using various system parameters have been investigated by numerical analysis and simulation experiments. These results shows that the multi-priority reservation protocol in this POF access network based on OCDMA technology is valid and efficient.

• The KIPS Transactions:PartC
• /
• v.11C no.7 s.96
• /
• pp.951-958
• /
• 2004

Nowadays NGN is developed for supporting the e-Commerce, Internet trading, e-Government, e-mail, virtual-life and multimedia. Internet gives us the benefit of remote access to the information but causes the attacks that can break server and modify information. Since 2000 Nimda, Code Red Virus and DSoS attacks are spreaded in Internet. This attack programs make tremendous traffic packets on the Internet. In this paper, we designed and developed the Bandwidth Controller in the gateway systems against the bandwidth saturation attacks. This Bandwidth con-troller is implemented in hardware chipset(FPGA) Virtex II Pro which is produced by Xilinx and acts as a policing function. We reference the TBF(Token Bucket Filter) in Linux Kernel 2.4 and implemented this function in HDL(Hardware Description Language) Verilog. This HDL code is synthesized in hardware chipset and performs the gigabit traffic in real time. This policing function can throttle the traffic at the rate of band width controlling policy in bps speed.

• The KIPS Transactions:PartA
• /
• v.8A no.3
• /
• pp.217-226
• /
• 2001

In this paper, for continuous media access operations performed by Clustered Continuous Media Storage Server (CCMSS) system, we present the analytical model based on the open queueing network, which considers simultaneously two critical delay factors, the disk I/O and the internal network, in the CCMSS system. And we derive by using the analytical model the stochastic model for the total service delay time in the system. Next, we propose the integrated stochastic admission control model for the CCMSS system, which estimate the maximum number of admittable service requests at the allowable service failure rate by using the derived stochastic model and apply the derived number of requests in the admission control operation. For the performance evaluation of the proposed model, we evaluated the deadline miss rates by means of the previous stochastic model considering only the disk I/O and the propose stochastic model considering the disk I/O and the internal network, and compared the values with the results obtained from the simulation under the real cluster-based distributed media server environment. The evaluation showed that the proposed admission control policy reflects more precisely the delay factors in the CCMSS system.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.30 no.12B
• /
• pp.818-830
• /
• 2005

Recently, Peer-to-Peer (P2P) overlay networks like CAN, Chord, Pastry and Tapestry offer a novel platform for scalable and decentralized distributed applications. These systems provide efficient and fault-tolerant routing, object location, and load balancing within a self-organizing overlay network. Content Delivery Network (CDN) is an intermediate layer of infrastructure that helps to efficiently deliver the multimedia content from content providers to clients. In this paper, We propose a topology-aware P2P overlay network for CDN, Rosary, in which CDN servers perform Intra-Pastry and Inter-Pastry routing based on a two-level structured overlay network. This proposed system extends pastry by adapting itself to CDN environments, where a semi-hashing based scheme for Intra-Pastry routing is introduced, and dynamic landmark technology is used to construct the topology-aware overlay network. Through simulations on NS-2, it is shown that Rosary is scalable, efficient, and flexible.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.25 no.5A
• /
• pp.751-762
• /
• 2000

In the forthcoming next generation highspeed networks, the provisioning of broadband mobile multimedia services is the most important issue while an efficient network management architecture, which can manage the network resources efficiently, is essential. The next generation highspeed networks will be composed of the ATMand SDH-based transport network systems and the H-based interworking systems. The management functions of these network systems are implemented various technologies, such as TMN and SNMP. In order to integrate these network resources efficiently with heterogeneous management functions, the distributed network management architecture such as TINA is most appropriate. In this pape, we propose an interworking architecture for TINA manager and TMN agent. where the TINA-based EML subnetwork management operations mapped into the related management operations of the TMN NE agent. The proposed interworking architecture is simpler than JIDM, and the processing overhead is minimized.

• The Journal of the Korea Contents Association
• /
• v.6 no.3
• /
• pp.108-115
• /
• 2006

e-Learning contents are composed of compounding multimedia data. It requires many professionals in contents development stage. The process of e-learning contents development can be seen as a collaborative work. In the perspective of a collaborative work process, the whole process of e-learning contents development would be regarded as collaborative work process for each participant as well as for whole group members. Most of collaborative works in contents development field are widely distributed. Members of work groups require workspaces for sharing information and communicating each other. In addition to workspaces, it also needs to support collaborative reflection such as planning for collaborative work and monitoring for work process. This paper is intended to develop the reflective collaborative work system for e-Learning contents development in order to support the systemic process of e-learning contents development. The reflective collaborative work system is composed of four supportive parts: work flow management, personal workspace, collaborative workspace, and collaborative reflection.

• Journal of Internet Computing and Services
• /
• v.8 no.2
• /
• pp.55-65
• /
• 2007

BcN is a high-quality broadband network for multimedia services integrating telecommunication, broadcasting, and Internet seamlessly at anywhere, anytime, and using any device. BcN is Particularly vulnerable to intrusion because it merges various traditional networks, wired, wireless and data networks. Because of this, one of the most important aspects in BcN is security in terms of reliability. So, in this paper, we suggest the sharing mechanism of security data among various service networks on the BcN. This distributed, hierarchical architecture enables BcN to be robust of attacks and failures, controls data traffic going in and out the backbone core through IP edge routers integrated with IDRS. Our proposed anomaly detection scheme on IDRS for BcN service also improves detection rate compared to the previous conventional approaches.