• The Journal of Information Technology
• /
• v.7 no.4
• /
• pp.21-30
• /
• 2004

A VPN(Virtual Private Network) is constructed using public wires to connect nodes. It can be used like the dedicated line and maintain the security of the data on the VPN. And It uses encryption and other security mechanisms to ensure that only authorized users can access the network. In this paper we summarize IPsec and VPN technology and construct pilot VPN system for analyzing the performance of remote access VPN. Then we analyze the performance of remote VPN system using VPN concentrator in case of single user and in case of multi users.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.14 no.5
• /
• pp.11-21
• /
• 2004

To authorize IPSec-VPN Client in Client-to-Gateway type of the IPSec-VPN system, it can be normally used with ID/Password verification method or the implicit authorization method that regards implicitly IPSec-VPN gateway as authorized one in case that the IPSec-VPN client is authenticated. However, it is necessary for the Client-to-Gateway type of the IPSec-VPN system to have a more effective user authorization mechanism because the ID/Password verification method is not easy to transfer the ID/Password information and the implicit authorization method has the vulnerability of security. This paper proposes an effective user authorization mechanism using an attribute certificate and designs a user authorization engine. In addition, it is implemented in this study. The user authorization mechanism for the IPSec-VPN system proposed in this study is easy to implement the existing IPSec-VPN system. Moreover, it has merit to guarantee the interoperability with other IPSec-VPN systems. Furthermore, the user authorization engine designed and implemented in this paper will provide not only DAC(Discretional Access Control) and RBAC(Role-Based Access Control) using an attribute certificate, but also the function of SSO(Single-Sign-On).

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.11 no.5
• /
• pp.926-932
• /
• 2007

Various research groups proposed various architecture of hardware VPN for the high performance VPN system. However, the VPN based on hardware researcher are focused only on the encryption acceleration. Soft based VPN is only useful when the network connection is slow. We have to consider the hardware performance (encryption/decryption processing capability, packet processing, architecture method) to implement hardware based VPN. In this paper, we have analysed architecture of hardware, consideration and problems for high-speed VPN system, From the result, we can choose the proper design guideline.

• Journal of KIISE:Computing Practices and Letters
• /
• v.8 no.6
• /
• pp.727-735
• /
• 2002

In this paper, we design and implement a MPLS based IP-VPN service module as an application for ACE2000 MPLS system. ACE2000 MPLS VPN service module has been developed using the BGP4 extension protocol. The IP-VPN service module supports differentiated QoS using the MPLS traffic engineering. In addition, it offers a path protection mechanism and the restart mechanism of MPLS system and forwarding engine for supporting a highly reliable service.

• Convergence Security Journal
• /
• v.5 no.3
• /
• pp.87-92
• /
• 2005

The performance of a cryptographic module is the most important thing to achieve a high performance VPN system which realizes information security by encrypting and decrypting all the communicating data packets. However the cryptographic operations require much computation power and software cryptographic systems reveal bad performance. Thus, it is strongly recommended to develop a VPN system employing hardware component. This paper introduces a case study of developing a PCI add-on card which supports several block cipher algorithms such as DES, 3DES, AES, and SEED. The performance of them was measured by embedding the card in a commercial VPN system.

• 한국정보통신설비학회:학술대회논문집
• /
• 2003.08a
• /
• pp.112-114
• /
• 2003

MPLS/VPN서비스는 MPLS망의 인프라를 이용하여 사설망을 제공하는 서비스로 각 VPN사이트사이를 고속의 LSP를 이용하여 연결한다. MPLS/VPN서비스는 차별적인 다양한 서비스 품질을 지원하는 것이 용이하며, 또한 서비스 도입과 운용 및 관리가 용이하여 저비용으로 VPN서비스를 제공할 수 있는 장점을 가지고 있다. 본 논문에서는 초고속 국가망에 도입될 예정인 ATM/MPLS MSR40시스템을 이용하여 MPLS/VPN망을 구축하기 위해 요구되는 라우팅 프로토콜상에서의 설정 및 고려사항을 설명한다. 현재 시험서비스중인 MPLS네트워크 구축 사례를 바탕으로 하여 MPLS 도메인 내부 라우팅 설정 절차 및 가입자측 라우팅 설정 절차에 대해 설명하고 또한 MPLS망의 특성상 요구되는 몇가지 라우팅 이슈에 대해 설명한다.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.24 no.2
• /
• pp.1-6
• /
• 2024

In this paper, we designed and implemented the security network NVR system that can flexibly use the internal network and VPN network. In general, the NVR systems that only use internal networks cannot be access from the outside, which has the disadvantage of unnecessary inspections and inability to access from the outside. External access has made possible using the VPN security network, and a NVR system software was designed and implemented so that the existing internal network could be used. We compared with the NVR system usage environment in the internal network through the client and the NVR system. It also has implemented usage environment with the VPN network through the mobile APP, and confirmed that the same NVR was operating normally with the same functions. We also studied on IP based NVR for flexible access with closed loop network based on VPN system.

• Journal of information and communication convergence engineering
• /
• v.1 no.4
• /
• pp.213-216
• /
• 2003

A VPN is widely used in a communications environment which access is controlled to permit peer connections only within a defined community of interest. It is constructed through some form of partitioning of a common underlying communication medium, where this underlying communications medium provides services to the network on a non-exclusive basis. In this paper, we have analyzed a variety of architecture to implement Giga bps VPN system. The proposed architecture will satisfy the needs of clients who adopt Giga bps VPN system in the various environments.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2017.05a
• /
• pp.575-576
• /
• 2017

Recently, research have smart gateways can provide additional services through the IoT and Big Data. However, the existing System is number of devices connected increases to the Server, the stability of the network is degraded and data security is poor. In this paper, we design a smart gateway VPN tunneling control system based on IoT to solve these problems. we propose an effective VPN tunneling technology for low-end targets such as routers, and a method for efficiently controlling traffic in real-time in an environment where the quality of the Internet line changes dramatically. It is possible to control the sensor in the home safely through the VPN at the remote place.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.8 no.1
• /
• pp.57-64
• /
• 2004

Passive optical network that use passive component is economical network, and can provide service of high speed to subscribers. The function of VPN which is operated like private network is needed to many companies. There are two methods to implement VPN over ATM-PON. One is located at ONU and OLT system and another is located at core network. In this paper, we implemented to SCB and P2P adding VPN function to ONU and OLT of ATM-PON system. We knew that the proposed method has more fast transmission and more small traffic than other method in the field of the performance.