• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제8권3호
• /
• pp.762-777
• /
• 2014

With the increasing usage of cloud applications such as MapReduce and social networking, the amount of data traffic in data center networks continues to grow. Moreover, these appli-cations follow the incast traffic pattern, where a large burst of traffic sent by a number of senders, accumulates simultaneously at the shallow-buffered data center switches. This causes severe packet losses. The currently deployed TCP is custom-tailored for the wide-area Internet. This causes cloud applications to suffer long completion times towing to the packet losses, and hence, results in a poor quality of service. An Explicit Congestion Notification (ECN)-based approach is an attractive solution that conservatively adjusts to the network congestion in advance. This legacy approach, however, lacks scalability in terms of the number of flows. In this paper, we reveal the primary cause of the scalability issue through analysis, and propose a new congestion-control algorithm called FaST. FaST employs a novel, virtual congestion window to conduct fine-grained congestion control that results in improved scalability. Fur-thermore, FaST is easy to deploy since it requires only a few software modifications at the server-side. Through ns-3 simulations, we show that FaST improves the scalability of data center networks compared with the existing approaches.

• Journal of Information Processing Systems
• /
• 제17권2호
• /
• pp.284-296
• /
• 2021

The cloud has already become the core infrastructure of information systems, and government institutions are rapidly migrating information systems to the cloud. Government institutions in several countries use private clouds in their closed networks. However, because of the advantages of public clouds over private clouds, the demand for public clouds is increasing, and government institutions are expected to gradually switch to public clouds. When all data from government institutions are managed in the public cloud, the biggest concern for government institutions is the leakage of confidential data. The public-private-partnership (PPP) cloud provides a solution to this problem. PPP cloud is a form participation in a public cloud infrastructure and the building of a closed network data center. The PPP cloud prevents confidential data leakage and leverages the benefits of the public cloud to build a cloud quickly and easily maintain the cloud. In this paper, based on the case of the PPP cloud applied to the Korean government, the concept, architecture, operation model, and contract method of the PPP cloud are presented.

• ETRI Journal
• /
• 제43권1호
• /
• pp.53-63
• /
• 2021

Cloud computing has drastically reduced the price of computing resources through the use of virtualized resources that are shared among users. However, the established large cloud data centers have a large carbon footprint owing to their excessive power consumption. Inefficiency in resource utilization and power consumption results in the low fiscal gain of service providers. Therefore, data centers should adopt an effective resource-management approach. In this paper, we present a novel load-balancing framework with the objective of minimizing the operational cost of data centers through improved resource utilization. The framework utilizes a modified genetic algorithm for realizing the optimal allocation of virtual machines (VMs) over physical machines. The experimental results demonstrate that the proposed framework improves the resource utilization by up to 45.21%, 84.49%, 119.93%, and 113.96% over a recent and three other standard heuristics-based VM placement approaches.

• 융합보안논문지
• /
• 제15권2호
• /
• pp.63-68
• /
• 2015

현재의 ICT 인프라(인터넷과 서버/Client 연동)는 다양한 장치, 서비스, 비즈니스 및 기술 진화에 따른 신속한 대응에 어려움을 겪고 있다. 클라우드 컴퓨팅(Cloud Computing)은 구름 같은 네트워크 환경에서 원하는 작업을 요청하여 실행한다는 데서 기원하였으며, 인터넷 기술을 활용하여 IT 자원을 서비스로 제공하는 컴퓨팅을 뜻하고 오늘날 IT 트렌드의 하나로 가장 주목 받고 있다. 이러한 분산클라우드 환경에서는 네트워크 및 컴퓨팅 자원에 대한 통합 관리 체계를 통하여 관리 비용 증가 문제를 원천적으로 해결하고 분산된 마이크로 데이터센터(Micro DC(Data Center))를 통하여 코어 네트워크 트래픽 폭증 문제를 해결하여 비용 절감 효과를 높일 수 있다. 그러나 기존의 Flooding 방식은 인접한 모든 DC들에게 전송하기 때문에 많은 트래픽을 유발 할 수 있다. 이를 위해 Restricted Path Flooding 알고리즘이 제안되었으나 대규모 네트워크에서는 여전히 트래픽을 발생할 수 있는 단점이 있어서 본 논문에서는 홉수 제한을 통하여 이를 개선한 Lightweight Path Flooding 알고리즘을 제안하였다.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제13권3호
• /
• pp.1164-1183
• /
• 2019

The rapid development of cloud computing and high requirements of operators requires strong support from the underlying Data Center Networks. Therefore, the effectiveness of using resources in the data center networks becomes a point of concern for operators and material for research. In this paper, we discuss the online virtual-cluster provision problem for multiple tenants with an aim to decide when and where the virtual cluster should be placed in a data center network. Our objective is maximizing the total revenue for the data center networks under the constraints. In order to solve this problem, this paper divides it into two parts: online multi-tenancy scheduling and virtual cluster placement. The first part aims to determine the scheduling orders for the multiple tenants, and the second part aims to determine the locations of virtual machines. We first approach the problem by using the variational inequality model and discuss the existence of the optimal solution. After that, we prove that provisioning virtual clusters for a multi-tenant data center network that maximizes revenue is NP-hard. Due to the complexity of this problem, an efficient heuristic algorithm OMS (Online Multi-tenancy Scheduling) is proposed to solve the online multi-tenancy scheduling problem. We further explore the virtual cluster placement problem based on the OMS and propose a novel algorithm during the virtual machine placement. We evaluate our algorithms through a series of simulations, and the simulations results demonstrate that OMS can significantly increase the efficiency and total revenue for the data centers.

• 디지털융복합연구
• /
• 제14권2호
• /
• pp.235-243
• /
• 2016

모바일 및 사물인터넷 기술의 발전, 대용량 빅데이터 처리, 그리고 클라우드 컴퓨팅 기술의 발전에 힘입어 기존 데이터센터는 클라우드 데이터센터로 변모하고 있다. 클라우드 데이터센터는 ICT 자원들을 가상화하여 운영함으로써 에너지 및 시설 자원을 효율적으로 관리하고 사용자들의 서비스 요구에 빠르게 대응하는 것을 목표로 하고 있다. 이에 따라 클라우드 데이터센터 네트워크는 가상화된 ICT 자원을 효율적으로 제공할 수 있도록 구성되어야 한다. 본 논문은 클라우드 데이터센터에 적합한 네트워크 구조 및 네트워킹 기술을 분석하고 이를 효과적으로 운용하기 위한 방안을 제시한다.

• 정보보호학회논문지
• /
• 제21권6호
• /
• pp.55-65
• /
• 2011

최근 유무선 통신 네트워크의 확산 및 고속화에 따라 인터넷 기술을 활용한 높은 수준의 확장성을 제공하는 클라우드 컴퓨팅 서비스(Cloud Computing Service) 이용이 증가하고 있다. 클라우드 컴퓨팅 서비스란 네트워크, 서버, 스토리지, 응용프로그램 등 다양한 컴퓨팅 자원들의 공유된 풀에 네트워크로 접근하여 언제든지 편리하게 사용 가능한 컴퓨팅 방식으로써 컴퓨팅 환경의 가상화라는 클라우드 컴퓨팅 서비스의 본질적인 특성으로 인해 디지털 포렌식 관점에서 사건 수사 시 데이터를 확보하는 일 자체가 어려운 현실에 직면했다. 본 논문에서는 클라우드 컴퓨팅 서비스에 대한 디지털 포렌식 관점의 연구와 IaaS 형태의 클라우드 컴퓨팅서비스 중 시장 점유율의 대부분을 차지하고 있는 AWS(Amazon Web Service)와 Rackspace에 대한 증거데이터 수집 및 분석방안을 제시한다.

• 한국멀티미디어학회논문지
• /
• 제19권2호
• /
• pp.308-315
• /
• 2016

With the advancement in the area of cloud storage services as well as a tremendous growth of social networking sites, permission for one web service to act on the behalf of another has become increasingly vital as social Internet services such as blogs, photo sharing, and social networks. With this increased cross-site media sharing, there is a upscale of security implications and hence the need to formulate security protocols and considerations. Recently, OAuth, a new protocol for establishing identity management standards across services, is provided as an alternative way to share the user names and passwords, and expose personal information to attacks against on-line data and identities. Moreover, OwnCloud provides an enterprise file synchronizing and sharing that is hosted on user's data center, on user's servers, using user's storage. We propose a secure Social Networking Site (SSN) access based on OAuth implementation by combining two novel concepts of OAuth and OwnCloud. Security analysis and performance evaluation are given to validate the proposed scheme.

• Journal of Communications and Networks
• /
• 제13권6호
• /
• pp.567-582
• /
• 2011

The growing popularity of the Internet has caused the size and complexity of communications and computing systems to greatly increase in recent years. To alleviate this increased management complexity, novel autonomic management architectures have emerged, in which many automated components manage the network's resources in a distributed fashion. However, in order to achieve effective collaboration between these management components, they need to be able to efficiently exchange information in a timely fashion. In this article, we propose a context dissemination framework that addresses this problem. To achieve scalability, the management components are structured in a hierarchy. The framework facilitates the aggregation and translation of information as it is propagated through the hierarchy. Additionally, by way of semantics, context is filtered based on meaning and is disseminated intelligently according to dynamically changing context requirements. This significantly reduces the exchange of superfluous context and thus further increases scalability. The large size of modern federated cloud computing infrastructures, makes the presented context dissemination framework ideally suited to improve their management efficiency and scalability. The specific context requirements for the management of a cloud data center are identified, and our context dissemination approach is applied to it. Additionally, an extensive evaluation of the framework in a large-scale cloud data center scenario was performed in order to characterize the benefits of our approach, in terms of scalability and reasoning time.

• 정보보호학회논문지
• /
• 제27권2호
• /
• pp.353-360
• /
• 2017

IoT 보안은 공유 목적을 위한 결함 없는 시스템과 일련의 규정을 필요로 하기 때문에 기술적 문제보다 더 필요하다. 따라서 본 연구는 IoT 데이터 보안을 위한 클라우드 컴퓨팅에서 IoT 데이터가 신뢰받을 수 있는 효율적인 키 관리를 제안한다. 기존 센서 네트워크의 키 분배센터와는 달리, 제안한 클라우드 프락시 키 서버의 연합키 관리는 중앙집중적 관리가 아니며, 능동적인 키 복구와 업데이트가 가능하다. 제안한 키 관리는 사전 설정된 비밀키 방식이 아닌 자율적인 클라우드의 클라우드 프락시 키 서버의 키 정보 공유로써, 키 생성과 공간 복잡도를 줄일 수 있다. 또한, 이전의 IoT 키 연구와는 달리, 클라우드 프락시 키 서버의 연합키는 데이터가 이동하는 동안에 유의미한 정보를 추출해 낼 수 있는 능력을 제공한다.