• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.7 no.8
• /
• pp.1726-1731
• /
• 2003

The firewall is generally used to protect the internal information system from intruders and hackers who attack through the Internet. However, it is very difficult for a user to verify the performance of the firewall as well as the difference of the performance for the operating mode such as Bridge Mode and Gateway Mode. In this paper, the performance of a firewall on the operating systems or windows 2000, Linux, and FreeBSD is compared. Finally, The performance of a firewall on the FreeBSD is compared at different operating modes and the effect of the number of rules by testing throughput of a firewall is analyzed.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2003.10a
• /
• pp.967-969
• /
• 2003

Because of the rapid growth of Internet, the firewall is generally used to protect the network sorority. The firewall on Linux or FreeBSD Kernal, which is widely used, supports either Gateway or Bridge Mode. In this study, we present the firewall which supports simultaneously Gateway and Bridge Mode. For the application service, it is suggested that the firewall which has excellent expandability ran construct a network without another proxy.

• The KIPS Transactions:PartC
• /
• v.10C no.1
• /
• pp.11-16
• /
• 2003

This paper implements Multiple User Authentication System to which the system authenticating with password only has been upgraded. The 4-staged authentication including user ID, password, smart card and access control information, etc. is used at the suggested Multiple User Authentication System. The user authentication system that this paper suggests has been developed based on SecuROS/FreeBSD with the function of access control added to FreeBSD kernel. It provides both the function to limit accost range to the system to each user and the function to check that when inputting important information the demand is the one if the system ; thus, the reliability becomes increased. In the SecuROS/FreeBSD system, MAC and RBAC are being used. So, in the case of users accessing to the system, the Information about the policies of MAC and RBAC to which users would access is used in the authentication. At the time, the access to system if permitted only when the access control information that users demanded satisfies all the access control rules which have been defined In the system.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2003.05c
• /
• pp.2117-2120
• /
• 2003

Trusted channel provides a means of secure communication and it includes security services such as confidentiality, authentication, and so on. This paper describes the implementation of trusted channel between secure operating systems that integrates access control mechanisms with FreeBSD kernel code[1]. The trusted channel we developed offers confidentiality an4 message authentication for network traffic based on the destination address. It is implemented in the kernel level of IP layer and transparent to users.

• The KIPS Transactions:PartD
• /
• v.10D no.5
• /
• pp.773-780
• /
• 2003

SecuROS(Secure & Reliable Operating System) prevents and blocks possible system cracking by implementing additional security functions in FreeBSD 4.3 operating system (OS) kernel, including access control, user authentication, audit trail, encryption file system and trusted channel. This paper describes access control technique, which is one of core technologies of SecuROS, introduces the implementations of DAC, MAC and RBAC, all of which are corresponding access control policies, and show security and results of performance measurement on the basis of application of access control policies. Finally, security and performance between conventional OS environment and environment adopting access control policy is described.

• The Transactions of the Korea Information Processing Society
• /
• v.6 no.11
• /
• pp.2954-2964
• /
• 1999

In this paper, we propose the model to measure and compare the performances of the Linux, PC_Solaris and FreeBSD which are the heterogeneous PC based UNIX kernels connected by network. Using the stop-watch timer with the $mutextrm{s}$ unit, we measure the important performance indices of UNIX kernels which are the primitive and command execution time and disk I/O time. Also we measure the message transfer time using the TCP, UDP and RPC methods to compare the network performance of UNIX kernels. And we compare the performance of NFS for each UNIX kernels. And we display the measured data on internet.