• Journal of Internet Computing and Services
• /
• v.22 no.6
• /
• pp.1-8
• /
• 2021

With the rapid growth of intelligent devices and communication technologies, 5G network environment has become more heterogeneous and complex in terms of service management and orchestration. 5G architecture requires supportive technologies to handle the existing challenges for improving the Quality of Service (QoS) and the Quality of Experience (QoE) performances. Among many challenges, traffic steering is one of the key elements which requires critically developing an optimal solution for smart guidance, control, and reliable system. Mobile edge computing (MEC), software-defined networking (SDN), network functions virtualization (NFV), and deep learning (DL) play essential roles to complementary develop a flexible computation and extensible flow rules management in this potential aspect. In this proposed system, an accurate flow recommendation, a centralized control, and a reliable distributed connectivity based on the inspection of packet condition are provided. With the system deployment, the packet is classified separately and recommended to request from the optimal destination with matched preferences and conditions. To evaluate the proposed scheme outperformance, a network simulator software was used to conduct and capture the end-to-end QoS performance metrics. SDN flow rules installation was experimented to illustrate the post control function corresponding to DL-based output. The intelligent steering for network communication traffic is cooperatively configured in SDN controller and NFV-orchestrator to lead a variety of beneficial factors for improving massive real-time Internet of Things (IoT) performance.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.15 no.12
• /
• pp.4364-4384
• /
• 2021

The dynamic network state and the mobility of the terminals make the service function chain (SFC) orchestration mechanisms based on static and deterministic assumptions hard to be applied in SDN/NFV mobile edge computing networks. Designing dynamic and online SFC orchestration mechanism can greatly improve the execution efficiency of compute-intensive and resource-hungry applications in mobile edge computing networks. In order to increase the overall profit of service provider and reduce the resource cost, the system running time is divided into a sequence of time slots and a dynamic orchestration scheme based on an improved column generation algorithm is proposed in each slot. Firstly, the SFC dynamic orchestration problem is formulated as an integer linear programming (ILP) model based on layered graph. Then, in order to reduce the computation costs, a column generation model is used to simplify the ILP model. Finally, a two-stage heuristic algorithm based on greedy strategy is proposed. Four metrics are defined and the performance of the proposed algorithm is evaluated based on simulation. The results show that our proposal significantly provides more than 30% reduction of run time and about 12% improvement in service deployment success ratio compared to the Viterbi algorithm based mechanism.

• Journal of Information Processing Systems
• /
• v.9 no.2
• /
• pp.189-204
• /
• 2013

The confinement problem was first noted four decades ago. Since then, a huge amount of efforts have been spent on defining and mitigating the problem. The evolution of technologies from traditional operating systems to mobile and cloud computing brings about new security challenges. It is perhaps timely that we review the work that has been done. We discuss the foundational principles from classical works, as well as the efforts towards solving the confinement problem in three domains: operating systems, mobile computing, and cloud computing. While common issues exist across all three domains, unique challenges arise for each of them, which we discuss.

• Electronics and Telecommunications Trends
• /
• v.31 no.1
• /
• pp.25-35
• /
• 2016

Mobile Edge Computing(MEC)은 무선 기지국에 분산 클라우드 컴퓨팅 기술을 적용하여 다양한 서비스와 캐싱 콘텐츠를 이용자 단말에 가까이 전개함으로써 모바일 코어망의 혼잡을 완화하고, 새로운 로컬 서비스를 창출하는 기술이다. 현재는 European Telecommunications Standards Institute(ETSI)주도로 규격 작업이 진행되고 있으며, 동시에 산업계에서는 LTE 모바일 네트워크에 적용하는 시도들이 이루어지고 있다. 그러나 MEC기술은 Software Defined Network(SDN)/Network Functions Virtualization(NFV) 기술들과 함께 향후 2020년대에 도입될 5G 네트워크의 주요 구성 기술로서 부상하고 있다. 본고에서는 MEC의 개념과 다양한 서비스 시나리오, MEC 플랫폼 구조 및 기술동향 등을 살펴보고, 5G에서의 역할과 앞으로 도전하여야 할 기술적인 과제들에 대하여 분석한다.

• Journal of Information Processing Systems
• /
• v.16 no.4
• /
• pp.896-914
• /
• 2020

With the rapid growth of network traffic, a large number of connected devices, and higher application services, the traditional network is facing several challenges. In addition to improving the current network architecture and hardware specifications, effective resource management means the development trend of 5G. Although many existing potential technologies have been proposed to solve the some of 5G challenges, such as multiple-input multiple-output (MIMO), software-defined networking (SDN), network functions virtualization (NFV), edge computing, millimeter-wave, etc., research studies in 5G continue to enrich its function and move toward B5G mobile networks. In this paper, focusing on the resource allocation issues of 5G core networks and radio access networks, we address the latest technological developments and discuss the current challenges for resource management in 5G.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.19 no.6
• /
• pp.1449-1454
• /
• 2015

Virtualization lacks capabilities for enabling the application to scale efficiently because of new applications components which are raised to be configured on demand. In this paper, we propose an architecture that affords mobile app based on nomadic smartphone using not only mobile cloud computing-cloudlet architecture but also a dedicated platform that relies on using virtual private mobile networks to provide reliable connectivity through LTE(Long Term Evolution) wireless communication. The design architecture lies with how the cloudlet host discovers service and sends out the cloudlet IP and port while locating the user mobile device. We demonstrate the effectiveness of the proposed architecture by implementing an android application responsible of real time analysis by using a vehicle to applications smartphone interface approach that considers the smartphone to act as a remote users which passes driver inputs and delivers outputs from external applications.

• Journal of Computing Science and Engineering
• /
• v.5 no.4
• /
• pp.331-337
• /
• 2011

Recently, Virtual Desktop Infrastructure (VDI) has been widely adopted to ensure secure protection of enterprise data and provide users with a centrally managed execution environment. However, user experiences may be restricted due to the limited functionalities of thin clients in VDI. If thick client devices like laptops are used, then data leakage may be possible due to malicious software installed in thick client mobile devices. In this paper, we present Data Firewall, a security framework to manage and protect security-sensitive data in thick client mobile devices. Data Firewall consists of three components: Virtual Machine (VM) image management, client VM integrity attestation, and key management for Protected Storage. There are two types of execution VMs managed by Data Firewall: Normal VM and Secure VM. In Normal VM, a user can execute any applications installed in the laptop in the same manner as before. A user can access security-sensitive data only in the Secure VM, for which the integrity should be checked prior to access being granted. All the security-sensitive data are stored in the space called Protected Storage for which the access keys are managed by Data Firewall. Key management and exchange between client and server are handled via Trusted Platform Module (TPM) in the framework. We have analyzed the security characteristics and built a prototype to show the performance overhead of the proposed framework.

• IEMEK Journal of Embedded Systems and Applications
• /
• v.6 no.4
• /
• pp.249-254
• /
• 2011

A user desktop service can be made available on internet or local area network with the help of virtualization and cloud technologies. The service is usually called a virtual desktop or a desktop cloud. However, a user interface is limited to I/O capabilities of a user's mobile terminal. In order to enhance a user interface on a remote virtual desktop, it is important to connect full-featured I/O devices which are founded locally. Our previous work called SoD (System-on- Demand) has proposed a technique to associate local full-featured I/O devices with a remote virtual desktop in Xen. On the technique, it is required to install a SoD client agent in a user's mobile terminal for connecting a remote virtual desktop. In this paper, we propose a new framework called Web-SoD that does not require any explicit installation to make SoD service available. The SoD client agent is provided by the web technology so that the agent can be installed transparently, and the platform independency is also achieved. Due to insufficient network socket performance of current web technologies, we extend Native Client (NaCl) proposed by Google to support a network functionality by modifying a NaCl library and a service runtime. With conducted experiment, we show that the network extension supports a full socket functionality over the compromised overhead on the web environment.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.2
• /
• pp.974-987
• /
• 2018

This paper presents a novel and efficient data transmission scheme based on mobile edge computing for the massive IoT environments which should support various type of services and devices. Based on an accurate and precise synchronization process, it maximizes data transmission throughput, and consistently maintains a flow's latency. To this end, the proposed efficient software defined data transmission scheme (ESD-DTS) configures and utilizes synchronization zones in accordance with the 4 usage cases, which are end node-to-end node (EN-EN), end node-to-cloud network (EN-CN), end node-to-Internet node (EN-IN), and edge node-to-core node (EdN-CN); and it transmit the data by the required service attributes, which are divided into 3 groups (low-end group, medium-end group, and high-end group). In addition, the ESD-DTS provides a specific data transmission method, which is operated by a buffer threshold value, for the low-end group, and it effectively accommodates massive IT devices. By doing this, the proposed scheme not only supports a high, medium, and low quality of service, but also is complied with various 5G usage scenarios. The essential difference between the previous and the proposed scheme is that the existing schemes are used to handle each packet only to provide high quality and bandwidth, whereas the proposed scheme introduces synchronization zones for various type of services to manage the efficiency of each service flow. Performance evaluations show that the proposed scheme outperforms the previous schemes in terms of throughput, control message overhead, and latency. Therefore, the proposed ESD-DTS is very suitable for upcoming 5G networks in a variety of massive IoT environments with supporting mobile edge computing (MEC).

• Journal of Digital Convergence
• /
• v.14 no.12
• /
• pp.471-476
• /
• 2016

Recently, important information related with smart work such as office and video conference are handled in smart device quite a lot compare with before. Also, execution environment of smart devices is getting developed as open software environment. It brought convenience to download and use any kind of application software. By that, security side of smart devices became vulnerable. This paper will discuss characteristics of smart device security technology based on virtualization that is a mobile device platform with isolated secure execution area based on TEE (Trusted Execution Environment). Also, this paper will suggest an implementation method about safe smart device security platform based on domain separation for application software which can be executed in smart devices. The domain separation based smart device security platform technology in this paper blocks unauthorized access and leakage of sensitive information in device. Also it will be the solution can block transmission and execution of malicious code in various area including variety of IoT devices in internet rather than just smart devices.