• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2002.11a
• /
• pp.701-705
• /
• 2002

This paper describes implementation of IPv6-IPv4 transition toolbox named as 6TALK(IPv6 TrAansLator of Krv6) and some scenarios using 6TALK which enables IPv6 island to connect other IPv6 island or IPv4 island seamlessly. 6TALK implements some transition mechanisms suggested in NGTrans Working Group of IETF. Those mechanisms are composed of basic mechanism, tunneling, and applied mechanism such as DSTM. 6TALK provides functions which enable IPv6 network at the edge of existing network to communicate with IPv4 network by using these transition mechanisms. As major transition mechanisms in 6TALK we adopt NAT-PT/SIIT and DSTM/DSTM options and as implementation environment we use Linux Kernel 2.4.18 and Netfilter framework. Software modules implemented in Linux kernel was ported to hardware box using Motorola MPC 8260 processor. The transition mechanisms used in 6TALK are the ones predicted to be used in initial transition step to IPv6.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2008.05a
• /
• pp.641-644
• /
• 2008

This paper describes the GUI implementation of an intelligent embedded system which can be used for a personal information platform and an industrial mobile application system. It shows the architecture and the necessary structure and components of X Window graphic system. The embedded system used in this paper has low power and high performance processor, and has a large memory size with a nand-flash memory device. We configured the linux kernel with a TIT-LCD and touch screen device for the operation of X Window system. And we used GTK+2 for running application softwares on the platform embedded system. The GUI library of GTK+2 is useful for providing the same graphics programming environment with host Linux PC. We have developed in this paper the X Window system and the GUI environment for GTK+2 in a new embedded system, and verified the full operation of X Window system and application softwares using GTK+2. The embedded system with large memory size can be used in X Window application softwares for providing a personal information service with a mobile embedded system.

• Journal of KIISE:Computing Practices and Letters
• /
• v.15 no.12
• /
• pp.968-972
• /
• 2009

The multi-core processors are being widely exploited by many high-end systems. With significant advances in processor architecture, the network band-width required on the high-end systems is increasing drastically. It is therefore highly desirable to manage multiple cores efficiently to achieve high network band-width with minimum resource requirements. Modern operating systems, however, still have significant design and optimization space to leverage the network performance over multi-core systems. In this paper, we suggest a novel networking process scheduling scheme, which decides the best processor affinity of networking processes based on the processor cache layout, communication intensiveness, and processor loads. The experimental results show that the scheduling scheme implemented in the Linux kernel can improve the network bandwidth and the effectiveness of processor utilization by 20% and 59%, respectively.

• KIISE Transactions on Computing Practices
• /
• v.23 no.8
• /
• pp.504-509
• /
• 2017

Preserving the integrity of the booting process is important. Recent rootkit attacks and subverting OS attacks prove that any post-OS security mechanism can be easily circumvented if the booting process is not properly controlled. Using an actual case as an example, the hacker of the Se-jong government office simply bypassed the user's password authentication by compromising the normal booting process. This paper analyzes existing pre-OS protection using secure boot and measured boot, and proposes another bootloader that overcomes the limitations. The proposed bootloader not only guarantees the integrity of all the pre-OS binaries, bootloaders, and kernel, it also makes explicit records of integrity in the booting process to the external TPM device, so that we can track modifications of BIOS configurations or unintended booting process modifications.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2013.05a
• /
• pp.65-67
• /
• 2013

The recent high-performance network equipment is required, and also require high network bandwidth utilization. It is a trend to develop increasingly using multi-core processors for high-performance network servers. Propose a method to improve the performance of the network sub-system, considering the characteristics of multi-core as a way to improve these high-performance and high network throughput. In this paper, we confirm through experiments on how to improve the communication performance, optimize performance and take full advantage of multi-core by Network communication process to improve the performance of the multi-core processor architecture, the process of concentration, the overhead for each core, based on network traffic according to the interrupt affinity in this process to determine the optimal core to give. The experiments were implemented in the Linux kernel, and experiments to improve the network throughput up to 30%, bringing reduces the Linux communication process to improve the performance of the processor overhead of up to 10%.

• Journal of KIISE
• /
• v.43 no.8
• /
• pp.841-847
• /
• 2016

As network technology advances, a larger number of devices are connected through the Internet. Recently, cloud storage services are gaining popularity, as they are convenient to access anytime and anywhere. Among cloud storage services, object storage is the representative one due to their characteristics of low cost, high availability, and high durability. One limitation of object storage services is that they can access data on the cloud only through the HTTP-based RESTful APIs. In our work, we resolve this limitation with the in-memory file system which provides a POSIX interface to the file system users and communicates with cloud object storages with RESTful APIs. In particular, our flush mechanism is compatible with existing file systems, as it is based on the swap mechanism of the Linux kernel. Our in-memory file system backed by cloud storage reduces the performance overheads and shows a better performance than S3QL by 57% in write operations. It also shows a comparable performance to tmpfs in read operations.

• The KIPS Transactions:PartA
• /
• v.13A no.6 s.103
• /
• pp.517-524
• /
• 2006

In cluster computers, it is essential to Implement the single I/O space(SIOS) supporting integrated I/O substructure to efficiently process I/O intensive applications. SIOS service provides with global I/O address space to directly access peripherals and hard disks in its own or remote nodes from any node in the cluster computer In this thesis, we propose the implementation method of SIOS in Linux clusters by using only freewares. This method is implemented at device driver level that uses Enhanced Network Block Device(ENBD) and file system level that uses S/W RAID and NFS. The major strengths of this method are easiness of implementation and almost no cost due to using freewares. In addition, since freewares used are open sources, it is possible to apply this method to other platforms with only slight modification. Moreover, experiments show that I/O throughputs are up to 5.5 times higher in write operations and approximately 2.3 times higher in read operations than those of CDD method that uses the device driver developed at kernel level.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.22 no.3
• /
• pp.557-567
• /
• 2018

There are currently various file encryption solutions for encrypting and storing files on disk. However, the existing file encryption solutions handle encryption and decryption all at once by file or directory. In this paper, we propose a system call supporting partial encryption function of the file. The user sets the encryption information with the system call interface at a portion where encryption of the file data is desired. And then the user writes file data, the data is encrypted and stored. Also if the user sets decryption information and reads the file data, the necessary part is decrypted by applying the set information. For the proposed system call, It consists of inspection module, management module, encryption module, decryption module, and HMAC module as per required system call. And it was implemented on the Linux environment. Also the operation of implemented system call was verified on the development board, and the performance was analyzed by measuring performance speed.

• Journal of the Korea Computer Industry Society
• /
• v.5 no.3
• /
• pp.345-354
• /
• 2004

In these days, such services are popularized as E-commerce, E-government, multimedia services, and home networking applications. Most web traffics generated contemporarily basically use the Hyper Text Transfer Protocol(HTTP). Unfortunately, the HTTP is improper for these applications that comprise significant components of the web traffics. In this paper, we introduce a real-time contents compression architecture that maximizes the web service performance as well as reduces the response time. This architecture is built into the linux kernel-based web accelerating module. It guarantees not only the freshness of compressed contents but also the minimum time delay using an server-state adaptive algorithm, which can determine whether the server sends the compressed message considering the consumption of server resources when heavy requests reach the web server Also, We minimize the CPU overhead of the web server by exclusively implementing the compression kernel-thread. The testing results validates that this architecture saves the bandwidth of the web server and that elapsed time improvement is dramatic.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.13 no.6
• /
• pp.123-129
• /
• 2013

Android file system is vulnerable to the external access of system resources via its arbitrary access mode and need user's control for SD and UMS medias due to its open architecture. In response to the device control, there is a drawback that its controlability is valid only in the case of embedded linux kernel with VDC function. Hence the solution is to directly implement VDC through system call, with another security module for device storage than system module being added to android system. In this paper the new method of android storage access control for personal information is proposed via VDC for mount system of storage. The access method for SD and UMS were implemented using VDC and mount mechanism. This access control system has been designed to control the granted users in kernel level if files are flowed out by copying. As a result, it was proved through testing that the access control system has exactly detected the write access operation.