• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.8
• /
• pp.3821-3841
• /
• 2019

Cloud radio access networks (C-RANs) have been regarded in recent times as a promising concept in future 5G technologies where all DSP processors are moved into a central base band unit (BBU) pool in the cloud, and distributed remote radio heads (RRHs) compress and forward received radio signals from mobile users to the BBUs through radio links. In such dynamic environment, automatic decision-making approaches, such as artificial intelligence based deep reinforcement learning (DRL), become imperative in designing new solutions. In this paper, we propose a generic framework of autonomous cell activation and customized physical resource allocation schemes for energy consumption and QoS optimization in wireless networks. We formulate the problem as fractional power control with bandwidth adaptation and full power control and bandwidth allocation models and set up a Q-learning model to satisfy the QoS requirements of users and to achieve low energy consumption with the minimum number of active RRHs under varying traffic demand and network densities. Extensive simulations are conducted to show the effectiveness of our proposed solution compared to existing schemes.

• Journal of Convergence for Information Technology
• /
• v.8 no.5
• /
• pp.69-75
• /
• 2018

The purpose of access control is to prevent computing resources from illegal behavior such as leakage, modification, and destruction by unauthorized users. As the cloud computing environment is expanded to resource sharing services using virtualization technology, a new security model and access control technique are required to provide dynamic and secure cloud-based computing services. The virtualization management convergence access control model provides a flexible user authorization function by applying the dynamic privilege assignment function to the role based access control mechanism. In addition, by applying access control mechanism based on security level and rules, we solve the conflict problem in virtual machine system and guarantee the safeness of physical resources. This model will help to build a secure and efficient cloud-based virtualization management system and will be expanded to a mechanism that reflects the multi-level characteristics.

• Journal of KIISE:Databases
• /
• v.36 no.3
• /
• pp.235-246
• /
• 2009

As demands intending to treat an access control on a client side that was conventionally controlled at a server are surged. it needs a way to treat query processing in effective and secure manners in an environment that has limited resources. Because the access control having been previously performed was only focused on safety, there was little effort to consider the access control in terms of efficiency. Researches about security including access control are started as the security issues are cropped up in a recent stream environment. This paper proposes a method for efficient and secure query processing of XML data streams like a PDA and a portable terminal at the client that is in limited resources. Specifically, this study suggests (1) an access control processing that possesses small overhead for attaining a secure result in a limited memory and (2) a way to enhance the performance, finding the parts being capable of optimizing in each processing step for offsetting the overhead caused by an addition of the access control processing. Superiority of the new method was analyzed by experiment.

• 한국IT서비스학회:학술대회논문집
• /
• 2002.11a
• /
• pp.355-359
• /
• 2002

웹 서비스의 등장으로 XML이 기반 기술로서 자리 매김하고 있는 현재, XML을 이용하여 여러 표준기술을 제정하려는 움직임이 많아지고 있다. XACML은 접근제어 리스트 (access control list)를 통해 보안이 요구되는 자원에 대해 미세한 접근 제어 서비스를 제공 할 수 있는 XML 기반의 언어이다. XACML은 SAML PDP(Policy Decision Point)의 일부로서 역할을 수행 할 수 있으며 각 정의에 따라 각각의 사용자 별 XML 문서 접근 정책을 수립하고 적용 할 수 있다. 본 논문에서는 XML기반의 Access Control 표준인 XACML에 대하여 분석하고 적용 방법에 대하여 연구하였다.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.6 no.6
• /
• pp.1565-1585
• /
• 2012

The characteristics of ad hoc networks, such as the absence of infrastructure, a dynamic topology, a shared wireless medium and a resource-constrained environment pose various security challenges. Most previous studies focused on the detection of misbehavior after it had occurred. However, in this paper we propose a new way of thinking to evade the occurrence of misbehavior. In our scheme, we firstly present a clustering algorithm that employs a powerful analytic hierarchy process methodology to elect a clusterhead for each cluster. The clusterhead in each cluster is then allowed to assign the backoff values to its members, i.e., originators, rather than permitting the originators to choose the backoff values by themselves. Through this media access control layer misbehavior detection mechanism, the misuse of the backoff in the media access control layer in the 802.11 distributed coordination function can be detected.

• The KIPS Transactions:PartC
• /
• v.10C no.3
• /
• pp.265-272
• /
• 2003

RBAC is an Access Control Mechanism for security administration of system resource and technique attracting in commercial fields because of reducing cost and complexity of security administration in large network. Many RBAC's research is progressive but several problems such as the delegation of role have been pointed out concerning the mechanism. It is necessary that a person's role delegate someone with reliability by reasons of a leave of absence, sick leave and the others. But the existing RBAC standards don't give definition of the delegation of roles. In this paper, we propose RBAC model that delegator can delegate subset of role and permission to a delegatee so that more efficient access control may be available.

• Journal of Communications and Networks
• /
• v.15 no.5
• /
• pp.469-475
• /
• 2013

In this paper, we propose an efficient interference management technique which controls the number of resource blocks (or subcarriers) shared with other cells based on statistical interference levels among cells. The proposed technique tries to maximize average throughput of a femto cell user under a constraint on non-real time control of a femto cell network while guaranteeing a target throughput value of a macro cell user. In our proposed scheme, femto cells opportunistically use resource blocks allocated to other cells if the required average user throughput is not attained with the primarily allocated resource blocks. The proposed method is similar to the underlay approach in cognitive radio systems, but resource block sharing among cells is statistically controlled. For the statistical control, a femto cell sever constructs a table storing average mutual interference among cells and periodically updates the table. This statistical approach fully satisfies the constraint of non-real time control for femto cell networks. Our simulation results show that the proposed scheme achieves higher average femto user throughput than conventional frequency reuse schemes for time varying number of users.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.38A no.5
• /
• pp.443-450
• /
• 2013

We consider user pairing and resource allocation for the uplink of cellular systems employing virtual multiple input multiple output (MIMO). As a multiple access scheme, discrete Fourier transform spread orthogonal frequency division multiple access (DFTS-OFDMA) is adopted for more flexible resource allocation than single carrier (SC)-OFDMA adopted in the Long Term Evolution (LTE) system. We formulate the optimization problems of user pairing and resource allocation to maximize the throughput of the DFTS-OFDMA system under different constraints. The DFTS-OFDMA allowing non-contiguous subcarrier allocation and redundant user assignment provides a better throughput than the SC-FDMA at lower complexity in finding the optimal solution but at the cost of the increased control information indicating the allocated resources.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.29 no.9B
• /
• pp.771-777
• /
• 2004

In a COMA system, the capacity is variable and mainly depends on multiple access interference. The multiple access interference has a deep relationship with transmitted or received power. The capacity of COMA2000 system is considered to be limited by the forward link capacity. In this paper, we show that the forward link cell load can be represented by the total transmitted power of base station and we propose a forward link call admission control (CAC) strategy for COMA2000 system. The proposed call admission scheme adopts the rate control algorithm for data call. This call admission scheme enables the system to utilize radio resource dynamically by controlling data rate according to the cell load status, and enhance the system throughput and grade of service (GoS). quality of service(QoS) such as blocking and outage probability.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2017.10a
• /
• pp.330-334
• /
• 2017

Container-based virtualization reduces performance overhead compared with other virtualization technologies and guarantees an isolation of each virtual execution environment. So, it is being studied to block access to host resources or container resources for sandboxing in restricted system resource like embedded devices. However, because security threats which are caused by security vulnerabilities of the host OS or the security issues of the host environment exist, the needs of the technology to prevent an illegal accesses and unauthorized behaviors by malware has to be increased. In this paper, we define additional access permissions to access a virtual execution environment newly and control them in kernel space to protect attacks from illegal access and unauthorized behaviors by malware and suggest the Container Access Control to control them. Also, we suggest a way to block a loading of unauthenticated kernel driver to disable the Container Access Control running in host OS by malware. We implement and verify proposed technologies on Linux Kernel.