• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.15 no.4
• /
• pp.33-41
• /
• 2015

With rapid rise of virtualization technology from diverse types of cloud computing service, security problems such as data safety and reliability are the issues at stake. Since damage in virtualization layer of cloud service can cause damage on all host (user) tasks, Hypervisor that provides an environment for multiple virtual operating systems can be a target of attackers. This paper propose a security structure for protecting Hypervisor from hacking and malware infection.

• The Journal of the Korea Contents Association
• /
• v.13 no.9
• /
• pp.1-9
• /
• 2013

In recent, the cloud computing makes it possible to provide the on-demand provision of software, hardware, and data as a service in various IT fields. This paper uses the cloud computing techniques for the real time broadcasting service of virtual 3D contents. However, the existing related solutions have many problems that the load of the server is rapidly increased or the cost of the server is very high when the number of service users is increased. Therefore, we propose a new application virtualization method to solve these problems. It promises their stable operations in multi-user services because the proposed method does not execute the rendering commands of the application at the host server but delivers and executes them to clients via the Internet. Our performance experiments show that our proposed method outperforms the existing methods.

• KNOM Review
• /
• v.21 no.2
• /
• pp.26-34
• /
• 2018

With the proliferation of cloud computing and services, the internet traffic and the demand for better quality of service are increasing. For this reason, server virtualization and network virtualization technology, which uses the resources of internal servers in the data center more efficiently, is receiving increased attention. However, the existing hardware Test Access Port (TAP) equipment is unfit for deployment in the virtual datapaths configured for server virtualization. Virtual TAP (vTAP), which is a software version of the hardware TAP, overcomes this problem by duplicating packets in a virtual switch. However, implementation of vTAP in a virtual switch has a performance problem because it shares the computing resources of the host machines with virtual switch and other VMs. We propose a vTAP implementation technique based on the extended Berkeley Packet Filter (eBPF), which is a high-speed packet processing technology, and compare its performance with that of the existing vTAP.

• Journal of Internet Computing and Services
• /
• v.14 no.5
• /
• pp.39-48
• /
• 2013

A cloud system has to deal with highly variable workloads resulting from dynamic usage patterns in order to keep the QoS within the predefined SLA. Aside from the aspects regarding services, another emerging concern is to keep the energy consumption at a minimum. This requires the cloud providers to consider energy and performance trade-off when allocating virtualized resources in cloud data centers. In this paper, we propose a resource provisioning approach based on dynamic thresholds to detect the workload level of the host machines. The VM selection policy uses utilization data to choose a VM for migration, while the VM allocation policy designates VMs to a host based on its service reputation. We evaluated our work through simulations and results show that our work outperforms non-power aware methods that don't support migration as well as those based on static thresholds and random selection policy.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2015.05a
• /
• pp.304-307
• /
• 2015

Virtualization lacks capabilities for enabling the application to scale efficiently because of new applications components which are raised to be configured on demand. In this paper, we propose an architecture that affords mobile app based on nomadic smartphone using not only mobile cloud computing-cloudlet architecture but also a dedicated platform that relies on using virtual private mobile networks to provide reliable connectivity through Long Term Evolution (LTE) wireless communication. The design architecture lies with how the cloudlet host discovers service and sends out the cloudlet IP and port while locating the user mobile device. We demonstrate the effectiveness of the proposed architecture by implementing an android application responsible of real time analysis by using a vehicle to applications smart phones interface approach that considers the smartphones to act as a remote users which passes driver inputs and delivers outputs from external applications.

• Journal of the Korea Society of Computer and Information
• /
• v.25 no.9
• /
• pp.91-100
• /
• 2020

This paper presents an evaluation framework for prototyping multimedia streaming services including audio and video in a distributed and/or decentralized storage that can evaluate service quality and performance under various network conditions. The evaluation framework focuses on important indicators which measure and improve service quality by applying decentralized storage to multimedia streaming services that can mimic the scalability of the existing server-client software architecture and the issue of a single point of failure. The integrated framework not only measures performance indicators for evaluating the quality and performance of multimedia streaming on open source based multimedia content streaming services, but also adjusts network quality using network virtualization technology for comprehensive evaluations. The experimental results show that the integrated framework has low overhead in building and operating a decentralized storage with multimedia streaming services on a single host computer which validates the scalability of the developed framework.

• Journal of KIISE
• /
• v.43 no.9
• /
• pp.947-952
• /
• 2016

Most data centers attempt to consolidate servers using virtualization technology to efficiently utilize limited physical resources. Moreover, virtualized systems have commonly adopted contents-based page sharing mechanism for page deduplication among virtual machines (VMs). However, previous page sharing schemes are limited by the inability to effectively manage accumulated hints which mean sharable pages in stack. In this paper, we propose a priority-based hint management scheme to efficiently manage accumulated hints, which are sent from guest to host for improving page sharing opportunity in virtualized systems. Experimental results show that our scheme removes pages with low sharing potential, as compared with the previous schemes, by efficiently managing the accumulated pages.

• Journal of KIISE:Computing Practices and Letters
• /
• v.14 no.9
• /
• pp.916-920
• /
• 2008

The personal workspace consists of user- specified computing environment such as user profile, applications and their configurations, and user data. Mobile computing devices (i.e., cellular phones, PDAs, laptop computers, and Ultra Mobile PC) are getting smaller and lighter to provide personal work-space ubiquitously. However, various personal work-space mobility solutions (c.f. VMWare Pocket ACE[1], Mojopac[2], u-PC[3], etc.) are appeared with the advance of virtualization technology and portable storage technology. The personal workspace can be loaded at public PC using above solutions. Especially, we proposed a framework called ubiquitous personal computing environment (u-PC) that supports mobility of personal workspace based on wireless iSCSI network storage in our previous work. However, previous u-PC could support limited applications, because it uses IRP (I/O Request Packet) forwarding technique at filter driver level on Windows operating system. In this paper, we implement OS-level virtualization technology using system call hooking on Windows operating system. It supports personal workspace mobility and covers previous u-PC limitation. Also, it overcomes personal workspace loading overhead that is limitation of other solutions (i.e., VMWare Pocket ACE, Mojopac, etc). We implement a prototype consisting of Windows XP-based host PC and Linux-based mobile device connected via WiNET protocol of UWB. We leverage several use~case models of our framework for proving its usability.

• KIISE Transactions on Computing Practices
• /
• v.24 no.3
• /
• pp.129-137
• /
• 2018

NVMe(Non-Volatile Memory Express) SSD(Solid State Drive) is a high-performance storage that makes use of flash memory as a storage cell, PCIe as an interface and NVMe as a protocol on the interface. It supports multiple I/O queues which makes it feasible to process parallel-I/Os on multi-core environments and to provide higher bandwidth than SATA SSDs. Hence, NVMe SSD is considered as a next generation-storage for data-center and cloud computing system. However, in the virtualization system, the performance of NVMe SSD is not fully utilized due to the bottleneck of the software I/O stack. Especially, when it uses I/O stack of the hypervisor or the host operating system like Xen and KVM, I/O performance degrades seriously due to doubled-I/O stack between host and virtual machine. In this paper, we propose a new I/O engine, called Direct-AIO (Direct-Asynchronous I/O) engine, that can access NVMe SSD directly for I/O performance improvements on QEMU emulator. We develop our proposed I/O engine and analyze I/O performance differences between the existed I/O engine and Direct-AIO engine.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.15 no.10
• /
• pp.6310-6316
• /
• 2014

The increase in the Internet and smart device users requires high-level network security. Network security consists of Web Firewall, Network Firewall, IPS, DDoS system, UTM (Unified Treat Management), VPN, NAC (Network Access Control), Wireless security, Mobile security, and Virtualization. Most network security solutions running on IPv4, and IPv6 network services are not sufficiently ready. Therefore, in this paper, this study designed and implemented important functions of Network Access Control (NAC), which include IPv6 host detection, isolation, blocking and domain assignment for the IPv6 network. In particular, domain assignment function makes 128 bits IPv6 address management easy. This system was implemented on a KISA IPv6 test-bed using well known devices. Finally, the test result showed that all IPv6 based wired and wireless devices were well-controlled (detection, blocking, isolation and domain assignment).