• Journal of KIISE:Computer Systems and Theory
• /
• v.32 no.11_12
• /
• pp.541-556
• /
• 2005

The memory access latency of the system has been a primary factor of performance degradation in single-processor system and multi-processor system. The remote memory access latency takes a lot of overhead over the local memory access latency especially in the distributed shared-memory system. To resolve this problem, the multi-level cache architecture that contains a remote cache in the multi-processor system has been proposed. In this paper, we propose a new cache replacement policy that improves the performance of the multi-processor system with the remote cache. If the multi-level cache keeps the multi-level inclusion(MLI) property and uses the LRU(Least Recently Used) cache replacement policy, the LRU information of the higher-level cache(a processor cache) would be different with that of the lower-level cache(a remote cache). In this situation, the replacement of a remote cache line can induce the exchange of a processor cache line that is used by the processor. It is a main factor of performance degradation in a whole system. To alleviate this disadvantage of the LRU replacement polity, the new policy analyses tht processor's remote memory access pattern of each node and uses this information to reduce the number of invalidations of the useful cache line in the higher-level cache. The new replacement policy of the remote cache can improve the performance by $3.5\%$ in maximum and $2.5\%$ in average on SPLASH-2 benchmarks, compared to the general LRU cache replacement policy.

• Proceedings of the Korean Information Science Society Conference
• /
• 2002.10c
• /
• pp.466-468
• /
• 2002

웹서비스의 등장으로 XML이 기반기술로서 자리 매김하고 있는 현재, XML을 이용하여 여러 표준기술을 제정하려는 움직임이 많아지고 있다. XACML은 접근제어 리스트(access control list)를 통해 보안이 요구되는 자원에 대해 미세한 접근 제어 서비스를 제공할 수 있는 XML 기반의 언어이다. XACML은 SAML PDP(Policy Decision Point)의 일부로서 역할을 수행 할 수 있으며 각 정의에 따라 각각의 사용자 별 XML 문서 접근 정책을 수립하고 적용 할 수 있다. 본 논문에서는 XML기반의 Access Control 표준인 XACML에 대하여 분석하고 적용방법에 대하여 연구하였다.

• Journal of Korean Library and Information Science Society
• /
• v.41 no.2
• /
• pp.229-250
• /
• 2010

Open access policies are very important for the successful open access projects in any institutions. This study aims to propose elements to consider for establishing open access policies of universities. The 3 university institutional repositories' open access policies in Korea and foreign universities' policies registered in the ROARMAP are analyzed. The major categories proposed in the study are materials, time of deposition, depositors, copyright, level of requirement, exemption, usage, options for open access, and support.

• The Transactions of the Korea Information Processing Society
• /
• v.2 no.4
• /
• pp.581-591
• /
• 1995

An MIB is the heart of a network management system and it stores all information that is necessary for network management. To operate networks safely, it is essential to control accesses to managed objects. This paper provides three-level architecture of managers so as to perform network management more efficiently in large networks. Moreover, mandatory access control(MAC) policy and role-based access control policy are adopted to ensure the secure access to the MIB. These policies are modeled by using the active object-oriented data model, which makes easy to map these access control models into the active object-oriented database.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.4
• /
• pp.1832-1853
• /
• 2018

The personal health record (PHR) system is a promising application that provides precise information and customized services for health care. To flexibly protect sensitive data, attribute-based encryption has been widely applied for PHR access control. However, escrow, exposure and abuse of private keys still hinder its practical application in the PHR system. In this paper, we propose a coordinated ciphertext policy attribute-based access control with user accountability (CCP-ABAC-UA) for the PHR system. Its coordinated mechanism not only effectively prevents the escrow and exposure of private keys but also accurately detects whether key abuse is taking place and identifies the traitor. We claim that CCP-ABAC-UA is a user-side lightweight scheme. Especially for PHR receivers, no bilinear pairing computation is needed to access health records, so the practical mobile PHR system can be realized. By introducing a novel provably secure construction, we prove that it is secure against selectively chosen plaintext attacks. The analysis indicates that CCP-ABAC-UA achieves better performance in terms of security and user-side computational efficiency for a PHR system.

• The Journal of the Korea Contents Association
• /
• v.6 no.1
• /
• pp.137-142
• /
• 2006

As a large quantity of information is represented in XML format on the web, there are increasing demands for XML security. Until now research on XML security has been focused on the security of data network using digital signature and encryption technology. As XML data become extensive and complex, however, XML security comes to involve not only network security but also managerial security. But XML encryption support only simple network security. So it cannot support multiple users and multiple access control policy. In this paper, we propose an integration method of encryption and access control policy for securing XML documents. This methodology can support multiple authorization of multiple users with integrating access control.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.8 no.9
• /
• pp.3075-3093
• /
• 2014

In this paper, we consider an advanced wireless user, called primary-secondary user (PSU) who is capable of harvesting renewable energy and connecting to both the primary network and cognitive radio networks simultaneously. Recently, energy harvesting has received a great deal of attention from the research community and is a promising approach for maintaining long lifetime of users. On the other hand, the cognitive radio function allows the wireless user to access other primary networks in an opportunistic manner as secondary users in order to receive more throughput in the current time slot. Subsequently, in the paper we propose the channel access policy for a PSU with consideration of the energy harvesting, based on a Partially Observable Markov decision process (POMDP) in which the optimal action from the action set will be selected to maximize expected long-term throughput. The simulation results show that the proposed POMDP-based channel access scheme improves the throughput of PSU, but it requires more computations to make an action decision regarding channel access.

• Informatization Policy
• /
• v.17 no.3
• /
• pp.74-97
• /
• 2010

This paper investigates factors that have facilitated the rapid diffusion of broadband in South Korea. It finds that the quick spread of broadband access in South Korea is the result of combining the government's strategic ICT policy considering cultural traits, businesses'competitive efforts, and the timely explosion of domestic demand for IT service. This paper also discusses the impact of broadband diffusion on the digital divide. It finds that although there are still regional and age gaps in broadband access, the Korean government and businesses are working to alleviate these problems through various ways from systemic to physical ones. While the deployment of broadband cannot eliminate every issue of the digital divide, broadband access minimizes the digital divide by lowering the barrier to inequitable access to information. This paper concludes with a number of recommendations that address selected policy issues related to the spread of broadband Internet for its successful implementation.

• Journal of KIISE:Computer Systems and Theory
• /
• v.31 no.8
• /
• pp.473-486
• /
• 2004

NUMA systems have remote access caches(RAC) in each local node to reduce the overhead for repeated remote memory accesses. By this RAC, memory latency and network traffic can be reduced and the performance of the multiprocessor system can be improved. Until now, several cache replacement policies have been proposed in recent years, and there also is cache replacement policy for multiprocessor systems. In this paper, we propose a cache replacement policy which is based on cache line coherence information. In this policy, the cache line that does not have an ownership is replaced first with respect to cache line that has an ownership. Like this way, the overhead to transfer ownership is avoided and the memory latency can be decreased. We also propose “Keeping-Ownership replacement policy with MRU (KOM)” and “Keeping-Ownership replacement policy with Reference Bit(KORB)” to reduce the frequent replacement penalty of the ownership-lacking cache line. We compare and analyze these with LRU and Pseudo LRU(PLRU). The simulation shows that KOM outperforms the PLRU by 25%, and KORB outperforms the PLRU by 13%. Although the hardware cost of KOM is very small, the performance of KOM is nearly equal to that of the LRU.

• Proceedings of the CALSEC Conference
• /
• 2005.03a
• /
• pp.62-67
• /
• 2005

In traditional approach, enterprise-wide consistent security policy enforcement for applications is very difficult task. Therefore, industry is now moving towards new unified enterprise application security concept that consist of centralized authentication and authorization mechanism. The eXtensible Access Control Markup Language (XACML); an XML-based standard defined by OASIS, is most suitable choice which can support centralized, role based, context aware access control mechanism. It is designed to provide universal standard for writing authorization policies and access control request/response language for managing access to the resources. This paper includes a brief overview on XACML and discusses its benefits, limitations and a data flow process. We propose a new generic access control architecture that supports enterprise wide centralized application level access control mechanism using XACML. The other benefits which can be achieved through this architecture are, reduce adnministration cost and complexity, support of heterogeneous computing platforms, centralized monitoring system, automatic fail over, scalability and availability, open standard based solution and secure communication.