• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제8권1호
• /
• pp.282-304
• /
• 2014

Each cloud service has numerous owners and tenants, so it is necessary to construct a privacy preserving identity management and access control mechanism for cloud computing. On one hand, cloud service providers (CSP) depend on tenant's identity information to enforce appropriate access control so that cloud resources are only accessed by the authorized tenants who are willing to pay. On the other hand, tenants wish to protect their personalized service access patterns, identity privacy information and accessing newfangled cloud services by on-demand ways within the scope of their permissions. There are many identity authentication and access control schemes to address these challenges to some degree, however, there are still some limitations. In this paper, we propose a new comprehensive approach, called Privacy pReserving Identity and Access Management scheme, referred to as PRIAM, which is able to satisfy all the desirable security requirements in cloud computing. The main contributions of the proposed PRIAM scheme are threefold. First, it leverages blind signature and hash chain to protect tenant's identity privacy and implement secure mutual authentication. Second, it employs the service-level agreements to provide flexible and on-demand access control for both tenants and cloud services. Third, it makes use of the BAN logic to formally verify the correctness of the proposed protocols. As a result, our proposed PRIAM scheme is suitable to cloud computing thanks to its simplicity, correctness, low overhead, and efficiency.

• 한국컴퓨터정보학회논문지
• /
• 제24권10호
• /
• pp.25-32
• /
• 2019

본 논문에서는 보호대상 서버 네트워크에 디코이 트랩을 통한 공격 표면 확장의 적용 방법을 제안한다. 보호대상 서버 네트워크는 많은 수의 디코이들과 보호대상 서버로 구성되며, 각 보호대상 서버는 Hidden Tunner Networking이라는 네트워크 기반 이동 표적 방어 기법에 따라 IP 주소와 포트 번호를 변이한다. 이동 표적 방어는 공격을 막기 위하여 지속적으로 시스템의 공격 표면을 변경하는 사이버 보안에서의 새로운 접근방법이다. 공격 표면 확장은 공격을 막기 위해 디코이와 디코이 그룹을 활용하는 접근방법이다. 제안하는 방법에서는 공격자가 디코이 트랩에서 공격자의 모든 시간과 노력을 허비하도록 커스텀 체인과 RETURN 타켓을 사용하여 보호대상 서버의 NAT 테이블을 수정한다. 본 논문에서는 제안하는 방법이 적용되기 전과 후에 보호대상 서버 네트워크에서의 공격자 성공률을 수식으로 계산한다. 제안하는 방법은 보호대상 서버가 공격자에 의해 식별되고 공격당할 확률을 현저히 줄일 것으로 기대된다.

• 정보처리학회논문지:컴퓨터 및 통신 시스템
• /
• 제10권12호
• /
• pp.319-328
• /
• 2021

인터넷에서의 대용량 콘텐츠들에 대한 서비스가 일반화됨에 따라 기존 TCP/IP 프로토콜에서의 비효율적인 데이터 전송에 대한 문제점들이 제기되었고, 그 결과로 정보중심네트워크 (Information-centric networking) 패러다임이 새롭게 제시되었다. 정보중심네트워크에서는 IP와 같은 위치 식별자를 대신하여 콘텐츠 이름을 통해 콘텐츠 접근이 이루어지며, 네트워크 노드들 (e.g., 라우터)은 캐시를 활용하여 전송중인 콘텐츠들을 저장하여 이후 발생하는 사용자 요청들에 대한 서비스를 수행할 수 있다. 사용자 요청이 멀리 위치한 콘텐츠 서버가 아닌 가까운 네트워크 캐시에서 서비스될 수 있게 됨에 따라 서비스 지연 감소, 네트워크 대역폭의 효율적 사용, 서비스 확장성 확보 등의 이점이 소개되었다. 그런데 이와 같은 정보중심네트워크에서의 이점들은 캐시에 저장되어 있는 콘텐츠가 얼마나 적극적으로 활용될 수 있느냐에 의해 결정될 수 있다. 본 논문에서는 1) 정보중심네트워크의 대표적인 아키텍쳐 중의 하나인 Named-data Networking (NDN) 에서의 콘텐츠 접근 기법에 대해 소개하고, 2) 특별히 라우팅 경로를 벗어나 캐시되어 있는 콘텐츠들을 접근할 수 있도록 하기 위해 제안된 기법들에 대한 리뷰를 진행하며, 3) ndnSIM 시뮬레이터를 활용해 이들 기법들에 대한 성능 비교 평가를 진행한다.

• 대한전자공학회논문지TC
• /
• 제40권10호
• /
• pp.8-15
• /
• 2003

본 논문에서는 동적 파장 할당 기법을 이용한 광 버스트 스위칭 네트워크에서의 절대적 QoS (qualify of service) 제공 방안에 대하여 기술한다. 버퍼 또는 offset time 을 이용한 기존의 QoS 보장 방법과는 달리 본 논문에서 제안하는 동적 가상 파장 분할 (DVLP： dynamic virtual lambda partitioning) 방법은 버퍼 혹은 추가적인 offset time을 필요로 하지 않으며 절대적 QoS를 보장할 수 있는 특징이 있다. 이러한 새로운 동적 가상 파장 분할 방법은 파장 자원을 몇 개의 우선순위 파장 그룹으로 나누고, 절대적 QoS를 제공하기 위해 동적으로 파장 그룹을 재 설정하는 방법이다. 제안된 알고리즘의 성능 분석 및 시뮬레이션 결과를 통하여 긴 주기 및 짧은 주기 내에서도 절대적 QoS를 제공하는 것을 볼 수 있다. 또한 제한된 FDL(fiber delay line) 버퍼를 사용하여 동적 가상 파장 분할 방법의 효율을 더욱 높일 수 있음을 보였다.

• Journal of Communications and Networks
• /
• 제18권5호
• /
• pp.846-856
• /
• 2016

Wireless sensor networks (WSNs) are widely applied in monitoring and control of environment parameters. It is sometimes necessary to disseminate data through wireless links after they are deployed in order to adjust configuration parameters of sensors or distribute management commands and queries to sensors. Several approaches have been proposed recently for data dissemination in WSNs. However, none of these approaches achieves both high efficiency and low complexity simultaneously. To address this problem, cluster-tree based network architecture, which divides a WSN into hierarchies and clusters is proposed. Upon this architecture, data is delivered from base station to all sensors in clusters hierarchy by hierarchy. In each cluster, father broadcasts data to all his children with instantly decodable network coding (IDNC), and a novel scheme targeting to maximize total transmission gain (MTTG) is proposed. This scheme employs a new packet scheduling algorithm to select IDNC packets, which uses weight status feedback matrix (WSFM) directly. Analysis and simulation results indicate that the transmission efficiency approximate to the best existing approach maximum weight clique, but with much lower computational overhead. Hence, the energy efficiency achieves both in data transmission and processing.

• 한국신재생에너지학회:학술대회논문집
• /
• 한국신재생에너지학회 2011년도 춘계학술대회 초록집
• /
• pp.76.1-76.1
• /
• 2011

With the growing penetration of distributed generation including from renewable sources, smart grid power system is needed to address the reliability problem. One important feature of smart grid is demand response. In order to design a demand response program, it is indispensable to understand how consumer reacts upon the change of electricity price. In this paper, we construct an econometrics model to estimate the hourly price elasticity of demand. This panel model utilizes the hourly load data obtained from KEPCO for the period from year 2005 to 2009. The hourly price elasticity of demand is found to be statistically significant for all the sample under investigation. The samples used for this analysis is from the past historical data under the price structure of three different time zones for each season. The result of the analysis of this time of use pricing structure would allow the policy maker design an appropriate incentive program. This study is important in the sense that it provides a basic research information for designing future demand response programs.

• Journal of Computing Science and Engineering
• /
• 제3권1호
• /
• pp.27-58
• /
• 2009

Aggregation join queries are an important class of queries over data streams. These queries involve both join and aggregation operations, with window-based joins followed by an aggregation on the join output. All existing research address join query optimization and aggregation query optimization as separate problems. We observe that, by putting them within the same scope of query optimization, more efficient query execution plans are possible through more versatile query transformations. The enabling idea is to perform aggregation before join so that the join execution time may be reduced. There has been some research done on such query transformations in relational databases, but none has been done in data streams. Doing it in data streams brings new challenges due to the incremental and continuous arrival of tuples. These challenges are addressed in this paper. Specifically, we first present a query processing model geared to facilitate query transformations and propose a query transformation rule specialized to work with streams. The rule is simple and yet covers all possible cases of transformation. Then we present a generic query processing algorithm that works with all alternative query execution plans possible with the transformation, and develop the cost formulas of the query execution plans. Based on the processing algorithm, we validate the rule theoretically by proving the equivalence of query execution plans. Finally, through extensive experiments, we validate the cost formulas and study the performances of alternative query execution plans.

• 한국대기환경학회:학술대회논문집
• /
• 한국대기환경학회 2003년도 추계학술대회 논문집
• /
• pp.195-195
• /
• 2003

Combustion generated fine particles, defined as those with aerodynamic diameters less than 2.5 m, have come under increased regulatory scrutiny because of suspected links to adverse human health effects. Transition metals are of particular interest due to the results of a number of studies that have shown cardiopulmonary damage associated with exposure to these elements and their presence in coal, residual fuel oils, sewage sludge, and other combusted fuels and wastes. This lecture will review results from multi-di sciplinary studies being conducted at EPA and elsewhere examining the physical, chemical, and toxicological characteristics of combustion generated particles. The research describes how collaborative work between combustion engineers and health scientists can provide insight on how combustion processes affect particle properties and subsequent health effects as measured by a combination of in-vitro and in-vivo studies using a variety of animal models. The focus of this lecture is on the interdisciplinary approach required to address the problem. Difficulties are discussed. Engineering aspects involved in this approach are described in detail. Physical and chemical characterizations are performed using a variety of analytical approaches including new techniques of x-ray absorption fine structure (XAFS) spectroscopy and x-ray absorption near-edge structure (XANES) deconvolution of these spectra to gather metal speciation information.

• Journal of Computing Science and Engineering
• /
• 제10권2호
• /
• pp.39-50
• /
• 2016

In this paper, we present a comparative study of spatial domain features for writer identification and verification with different ink width conditions. The existing methods give high error rates, when comparing two handwritten images with different pen types. To the best of our knowledge, we are the first to design the feature with different ink width conditions. To address this problem, contour based features were extracted using a chain code method. To improve accuracy at higher levels, we considered histograms of chain code and variance in bins of histogram of chain code as features to discriminate handwriting samples. The system was trained and tested for 1,000 writers with two samples using different writing instruments. The feature performance is tested on our newly created dataset of 4,000 samples. The experimental results show that the histogram of chain code feature is good compared to other methods with false acceptance rate of 11.67%, false rejection rate of 36.70%, average error rates of 24.18%, and average verification accuracy of 75.89% on our new dataset. We also studied the effect of amount of text and dataset size on verification accuracy.

• 한국정보과학회논문지:소프트웨어및응용
• /
• 제34권5호
• /
• pp.487-501
• /
• 2007

고성능 다중 이슈 DSP의 하드웨어 리소스 사용률을 높이기 위해서, 제공되는 상용 컴파일러는 일반적으로 반복 모듈로 스케쥴링(Iterative Modulo Scheduling)을 포함하고 있다. 하지만, 통신 및 미디어 처리 응용의 루프에 존재하는 과도한 순환 데이타 의존관계는 모듈로 스케쥴링 자유도를 제한하고 있다. 결과적으로, 멀티 이슈를 위한 DSP의 병렬 기능 유닛들은 완전히 사용되고 있지 못하다. 이러한 하드웨어 리소스 저사용 문제를 해결하기 위하여, 이 논문은 효율적인 모듈로 스케쥴링을 위한 새로운 컴파일러 전처리 기법을 기술하고 있다. 제안하는 전처리 기법은 두 가지로서 클로닝과 디스맨틀링으로 불리우며, 이 두가지 기법들은 StarCore SC140 DSP 컴파일러에 구현하여 검증하였다.