• Journal of Information Processing Systems
• /
• v.16 no.2
• /
• pp.301-317
• /
• 2020

An enterprise patch-management system (PMS) typically supplies a single point of failure (SPOF) of centralization structure. However, a Blockchain system offers features of decentralization, transaction integrity, user certification, and a smart chaincode. This study proposes a Hyperledger Fabric Blockchain-based distributed patch-management system and verifies its technological feasibility through prototyping, so that all participating users can be protected from various threats. In particular, by adopting a private chain for patch file set management, it is designed as a Blockchain system that can enhance security, log management, latest status supervision and monitoring functions. In addition, it uses a Hyperledger Fabric that owns a practical Byzantine fault tolerant consensus algorithm, and implements the functions of upload patch file set, download patch file set, and audit patch file history, which are major features of PMS, as a smart contract (chaincode), and verified this operation. The distributed ledger structure of Blockchain-based PMS can be a solution for distributor and client authentication and forgery problems, SPOF problem, and distribution record reliability problem. It not only presents an alternative to dealing with central management server loads and failures, but it also provides a higher level of security and availability.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.11 no.2
• /
• pp.846-864
• /
• 2017

Software Defined Network (SDN) realizes management and control over the underlying forwarding device, along with acquisition and analysis of network topology and flow characters through south bridge protocol. Data path Identification (DPID) is the unique identity for managing the underlying device, so forged DPID can be used to attack the link of underlying forwarding devices, as well as carry out DoS over the upper-level controller. This paper proposes a dynamic defense method based on Client-Puzzle model, in which the controller achieves dynamic management over requests from forwarding devices through generating questions with multi-level difficulty. This method can rapidly reduce network load, and at the same time separate attack flow from legal flow, enabling the controller to provide continuous service for legal visit. We conduct experiments on open-source SDN controllers like Fluid and Ryu, the result of which verifies feasibility of this defense method. The experimental result also shows that when cost of controller and forwarding device increases by about 2%-5%, the cost of attacker's CPU increases by near 90%, which greatly raises the attack difficulty for attackers.

• Journal of Sensor Science and Technology
• /
• v.15 no.6
• /
• pp.417-424
• /
• 2006

An ubiquitous healthcare monitoring system for elderly person at home was designed for continuous healthy monitoring of elderly person or patients. Human vital signals, such as ECG and body temperature, were monitored by terminal PC or PDA via ECG and temperature sensor nodes on the patient's body. From the ECG data, the heart rate, tachycardia, bradycardia and arrhythmia were diagnosed on the terminal PC or PDA to assist doctor's or nurse's aid or patient itself to monitor the patient's condition and give medical examination. Artificial judgement support system was designed in server computer and the system support a doctor or nurser for management or treatment of the patient. This system can be applied to vital signal monitoring system for solitude elderly person at self house or home health care service part. And this ubiquitous healthcare system can reduce the medical expenses in coming aging or aged society.

• Proceedings of the Korean Society of Computer Information Conference
• /
• 2018.07a
• /
• pp.43-44
• /
• 2018

본 논문에서는 SDN환경에서 트래픽 분류를 위한 특징 선택 기법을 제안한다. 최근 들어 다양한 스마트폰 어플리케이션이나 다양한 IoT 기기들이 등장하고 있다. 다양한 IoT 기기나 어플리케이션은 엄청난 양의 트래픽을 발생시킨다. 엄청난 양의 트래픽은 전송속도를 저하시킬 뿐만 아니라, 높은 Quality of Service(QoS)를 보장하기가 힘들다. 또한 이러한 문제점들을 보안하기 위해 Software Defined Networking(SDN)이라는 기술이 빠른속도로 발전하고 있으며, 본 논문에서는 다양한 어플리케이션과 IoT 기기의 트래픽을 SDN환경에서 분류 하며, 트래픽의 분류 정확도와 더 빠른 분류를 위해 트래픽의 특징 선택 기법을 제안한다. 특징 선택을 수행한 뒤, 트래픽 분류를 진행하면 트래픽 분류 정확도를 높이고, 트래픽 분류시간은 줄어드는 효과를 보이며, 높은 QoS를 보장함으로써, 기존 네트워크 트래픽의 부하가 줄어드는 우수한 성능을 보인다.

• Proceedings of the Korean Society of Computer Information Conference
• /
• 2014.01a
• /
• pp.131-133
• /
• 2014

본 논문에서는 서비스업의 매장에 설치된 POS(Point of sale) 또는 Smart device를 이용하여 빈 방 또는 빈 테이블 등의 서비스 가능 공간 수에 따라 실시간으로 가격이 변동되는 시스템을 제안한다. 고객 입장에서는 보다 싼 가격으로 서비스를 이용할 수 있으며, 매장주 입장에서는 한산한 시간에 경쟁력 있는 가격으로 고객을 유치할 수 있도록 도움을 준다. 고객은 애플리케이션에 접속하여 위치기반서비스를 통해 이용하고자하는 서비스 매장을 선택하여 실시간으로 변동되는 서비스 가격을 확인할 수 있으며, 예약 및 결제를 한 후, 일정 시간 내에 해당 매장에 가서 서비스를 이용할 수 있다. 매장주는 POS 또는 Smart device를 통해 자동 또는 수동으로 서비스 가격을 변동시킬 수 있다.

• Proceedings of the Korean Information Science Society Conference
• /
• 2005.07a
• /
• pp.754-756
• /
• 2005

이동통신 기술과, 반도체 기술의 발전으로 인해 기존의 컴퓨팅 패러다임이 데스크 탑에서 PDA, 스마트 폰 등의 모바일 환경으로, 그리고 입는 컴퓨터로의 이동이 급격하게 진행되고 있다. 또한 유비쿼터스 컴퓨팅 개념이 도입되고 발전하면서 입는 컴퓨터는 사용자와 편재된 컴퓨팅 환경의 인터페이스로써 중요성이 부각되고 있다. 그러나 웨어러블 컴퓨팅 환경에서의 사용자 간, 또는 주변 컴퓨팅 환경과의 데이터 공유와 관련된 연구는 활발히 진행되고 있지 못하다. 따라서, 본 논문에서는 웨어러블 컴퓨팅 환경의 Distributed, Dynamic, Heterogeneous한 특성에 대한 기존의 분산 파일 시스템/서비스가 가진 한계점을 제시하고, 웨어러블 컴퓨팅 환경에서 자유로운 데이터 공유를 실현하기 위한 분산 파일 서비스를 제시하였다. 마지막으로, 본 논문에서는 웨어러블 컴퓨팅에서의 제한적인 입출력 환경을 극복하기 위한 상황 인지 분산 파일 시스템/서비스와 관련된 연구들을 소개하고, 기존의 연구들이 가지는 한계점을 극복하기 위한 분산 파일 서비스 구성 기법을 제시하였다.

• Journal of the Korea Society of Computer and Information
• /
• v.13 no.5
• /
• pp.171-177
• /
• 2008

CBD(Component-based Development), which refers to the method of treating software as parts of a larger whole and developing new information systems through the assembly and synthesis of existing software, has been popular among many methods for developing software. However, CBD has limitations in the mobile environment which requires frequent requirements change and flexible process. To overcome those limitations, we propose an improved mobile development process based on the UML(Unified Modeling Language) components. Our Proposal is the simple development process implemented as three phase of component diagrams for the mobile system having quickly evolving technology and small-size project. Through the implementation of a mobile banking service with the proposed development process, we show that our proposal works efficiently for the requirements change and flexible development.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.12
• /
• pp.5654-5668
• /
• 2018

Driven by security and real-time demands of Internet of Things (IoT), the timing of fog computing and edge computing have gradually come into place. Gateways bear more nearby computing, storage, analysis and as an intelligent broker of the whole computing lifecycle in between local devices and the remote cloud. In fog computing, the edge broker requires X-aware capabilities that combines software programmability, stream processing, hardware optimization and various connectivity to deal with such as security, data abstraction, network latency, service classification and workload allocation strategy. The prosperous of Field Programmable Gate Array (FPGA) pushes the possibility of gateway capabilities further landed. In this paper, we propose a software-defined gateway (SDG) scheme for fog computing paradigm termed as Fog Computing Zero-Knowledge Gateway that strengthens data protection and resilience merits designed for industrial internet of things or highly privacy concerned hybrid cloud scenarios. It is a proxy for fog nodes and able to integrate with existing commodity gateways. The contribution is that it converts Privacy-Enhancing Technologies rules into provable statements without knowing original sensitive data and guarantees privacy rules applied to the sensitive data before being propagated while preventing potential leakage threats. Some logical functions can be offloaded to any programmable micro-controller embedded to achieve higher computing efficiency.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.16 no.11
• /
• pp.3523-3543
• /
• 2022

Autonomous vehicles are gradually being regarded as the mainstream trend of future development of the automobile industry. Autonomous driving networks generate many intensive and delay-sensitive computing tasks. The storage space, computing power, and battery capacity of autonomous vehicle terminals cannot meet the resource requirements of the tasks. In this paper, we focus on the task scheduling problem of autonomous driving in software-defined edge networks. By analyzing the intensive and delay-sensitive computing tasks of autonomous vehicles, we propose an emotion model that is related to task urgency and changes with execution time and propose an optimal base station (BS) task scheduling (OBSTS) algorithm. Task sentiment is an important factor that changes with the length of time that computing tasks with different urgency levels remain in the queue. The algorithm uses task sentiment as a performance indicator to measure task scheduling. Experimental results show that the OBSTS algorithm can more effectively meet the intensive and delay-sensitive requirements of vehicle terminals for network resources and improve user service experience.

• Journal of Korea Multimedia Society
• /
• v.11 no.5
• /
• pp.710-727
• /
• 2008

Service-oriented computing systems have been issued by their properties of reducing software development time and effort by reusing functional service units. The reusability of services can effectively promote through loose coupling between services. But strong associations of object-oriented systems such as inheritance and aggregation create a rather tight coupling between objects. The component-based systems without inheritance and aggregation create a loose coupling between components. Thus components provide service realization at runtime using the functionality provided by their interfaces. Therefore legacy component-based systems need to have service-oriented computing concept in order to support functional service units efficiently. Also, conventional methods for service-oriented computing system have not suggested the clear classification of service layers, the clear service identification guideline introducing service layers and a service mapping method between serviceces of each layer. Therefore we suggest the service classification and the identification guideline of business view and implementation view introducing layers and propose a mapping between two views. That is, we research service layers, service identification, diversified service sizes and a service mapping method between services of each layer. This can be applied to legacy component-based system to extend to the service-oriented computing system.