The KIPS Transactions:PartC
Korea Information Processing Society
A Efficient Key Generation and Renewal for Broadcast Encryption
Lee, Deok-Gyu ; Lee, Im-Yeong ;
The KIPS Transactions:PartC, volume 11C, issue 2, 2004, Pages 149~156
DOI : 10.3745/KIPSTC.2004.11C.2.149
Broadcast encryption schemes are applied to transmit digital information such as multimedia, software, and Pay-TV over public networks. The important requirement in broadcast encryption schemes is that only users who have been permitted in advance can obtain the digital information. When a broadcast message is transmitted, authorized users obtain the digital information using the private key given to them in advance. Thus, a user acquires the message or session key using the key that the broadcaster transmits, and the broadcaster needs a process for generating and distributing keys. In addition, efficient key renewal is needed when users leave or newly join. This paper introduces efficient key generation, key distribution, and key renewal methods. The proposed system uses two techniques. One is a method in which the server creates keys by anticipating users, without the users' agreement; the other is a method in which the server and the user agree with each other to create the key. The advantage of the two proposed schemes is that a broadcast message can be decrypted using a single secret key, and any later key renewal can be performed efficiently using one piece of information.
Implementation and Performance Evaluation of High-Performance Intrusion Detection and Response System
Kim, Hyeong-Ju ; Park, Dae-Chul ;
The KIPS Transactions:PartC, volume 11C, issue 2, 2004, Pages 157~162
DOI : 10.3745/KIPSTC.2004.11C.2.157
Recently, information infrastructure has been growing ever faster. At the same time, security incidents are increasing. A problem is that existing intrusion detection systems, built for low-speed environments, cannot handle the traffic. To overcome this, we need effective security analysis techniques that can process high-capacity data in a high-speed network environment. In this paper, we propose the Gigabit Intrusion Detection System for coordinated security functions such as intrusion detection and response on high-speed networks. We suggest a detection mechanism for high-speed network environments that performs pattern matching on packet headers and on packet data in the system kernel area, and we show that this mechanism outperforms the existing system by up to 20 times in traffic processing performance.
Design and Implementation of a Cryptographic API considering a DRM Environment
Jung, In-Sung ; Shin, Yong-Tae ;
The KIPS Transactions:PartC, volume 11C, issue 2, 2004, Pages 163~170
DOI : 10.3745/KIPSTC.2004.11C.2.163
An additional mechanism is required to set up a secure connection among communicating parties in the Internet environment. Each entity should send and receive encrypted and hashed data to guarantee data integrity. Also, mutual authentication should be performed using a secure communication protocol. SSL/TLS is a protocol that creates a secure communication channel among the communicating parties and sends and receives data. Although OpenSSL, which implements TLS, is used by many developers and its stability and performance are proven, it is difficult to use because of its large size. This paper therefore designs and implements a secure communication API that users can use easily, by modifying the OpenSSL library API. We demonstrate real application results using a DRM client/server case that supports secure communication through the implemented API.
Security Policy Negotiation Model Design for Secure Network Management
Park, Jin-Ho ; Chung, Jin-Wook ;
The KIPS Transactions:PartC, volume 11C, issue 2, 2004, Pages 171~176
DOI : 10.3745/KIPSTC.2004.11C.2.171
This paper presents the design of a highly efficient security policy negotiation model of SPS (Security Policy System) for secure network management using a mobile agent system. Conventional IP security systems for secure network management have some problems. One drawback is that the required policy differs between security areas. Another problem is that, due to the topology of the network, it is not possible to guarantee that a packet is transmitted through the same path in both directions and is protected by the same policy. Unlike conventional systems, the model developed herein resolves these problems by using mobile agent technology. If domains need to negotiate a security policy, a mobile agent manages the result of the negotiation in the form of a passport and guarantees mutual authentication and reliability by using the passport.
An Integrated Management Model of Administrative Role-Based Access Control and Delegation Policy
Oh, Se-Jong ; Kim, Woo-Sung ;
The KIPS Transactions:PartC, volume 11C, issue 2, 2004, Pages 177~182
DOI : 10.3745/KIPSTC.2004.11C.2.177
Delegation is one of the important security policies in the access control area. We propose a management model of delegation integrated with the ARBAC model for distributed access control environments. We integrate the PBDM delegation model with the ARBAC97 model, and suggest integrity rules of delegation for preventing security threats in the new model. Our model supports both free delegation by users without intervention of administrators, and delegation control for security administrators.
Attack Modeling for an Internet Security Simulation
Seo, Jung-Kuk ; Choi, Kyung-Hee ; Jung, Gi-Hyun ; Park, Seung-Kyu ; Sim, Jae-Hong ;
The KIPS Transactions:PartC, volume 11C, issue 2, 2004, Pages 183~192
DOI : 10.3745/KIPSTC.2004.11C.2.183
As the use of the Internet has explosively increased, the Internet is likely to be exposed to various attacks. Modeling Internet attacks is essential to simulating them. However, existing studies on attack modeling have mainly focused on classifying and categorizing attacks, and consequently they are not suitable for representing attack scenarios in Internet security simulation. In this paper, we introduce the existing methods of attack modeling, and propose an adapted attack modeling method to properly express the properties needed by an Internet security simulator. The adapted attack modeling suggests a solution to the problems of existing attack tree models, such as difficulty of composing complex scenarios, ambiguity of attack sequence, and lack of system state information. It can also represent simultaneous attacks, precise time-dependent attacks, and attack periods, which are nearly impossible to represent in many other existing methods.
A Mobility Prediction Scheme using a User's Mobility Pattern in Wireless Networks
Kwon, Se-Dong ; Park, Hyun-Min ;
The KIPS Transactions:PartC, volume 11C, issue 2, 2004, Pages 193~202
DOI : 10.3745/KIPSTC.2004.11C.2.193
Handoff is the most important feature for the user's mobility in a cellular communication system, and it is related to resource reservation at nearby cells. For efficient resource reservation, mobility prediction has been reported as an effective means to decrease call dropping probability and to shorten handoff latency in wireless cellular environments. Several early handoff schemes that make use of the user's movement history on a cell-by-cell basis work on the assumption that the user's movements are restricted to indoor locations such as an office or a building. However, those algorithms cannot be applied to a micro-cell structure or a metropolis with a complicated road structure. In this paper, to overcome those drawbacks, we propose a new mobility prediction algorithm, which stores and uses the history of the user's positions within the current cell to predict the next cell.
A Method for Efficient Dynamic Channel Assignment in Mobile Communication Systems based FDMA
Kang, Ki-Joung ; Hong, Choong-Seon ; Lee, Dae-Young ;
The KIPS Transactions:PartC, volume 11C, issue 2, 2004, Pages 203~212
DOI : 10.3745/KIPSTC.2004.11C.2.203
There is a rapidly growing demand for wireless telecommunication. The restricted number of channels is a significant bottleneck for the capacity of mobile communication systems. Consequently, when assigning channels to the different base stations, it is desirable to reuse the same channel as much as possible. It is then important to avoid any possible interference between different mobile users, while satisfying the given demand. The objective of this thesis is to develop a hybrid heuristic algorithm that finds a channel assignment method for allocating channels efficiently without violating the compatibility constraints. We also present several benchmark channel assignment problems solved with the proposed channel assignment method for validation.
Cost Effective Location Management Scheme in MIPv6
Choi, Dae-Kyu ; Lee, Hyung-Min ; Choo, Hyun-Seung ;
The KIPS Transactions:PartC, volume 11C, issue 2, 2004, Pages 213~218
DOI : 10.3745/KIPSTC.2004.11C.2.213
Recently, MIP has become more important for macro mobility support with the emergence of global systems such as IMT-2000. However, this protocol suffers from many weaknesses in location management. MIPv4 regional registration is presented for the local registration of MNs. MIPv6 can benefit from reduced mobility signaling with external networks by employing a local MAP, which is called HMIPv6. The total signaling cost of HMIPv6 increases rapidly with the number of CNs of an MN when the MN moves around between MAPs. In this paper, we propose a new location management scheme in MIPv6 that reduces the total signaling cost of location updates based on HMIPv6. Here the MN does not send the BU to the CNs and the HA when it moves around between MAPs. Instead, it informs the current location by transferring the modified BU to the previous MAP. According to the results of the performance analysis, we determine the upper bound for the number of forwarding links allowed among adjacent MAPs without the BU information.
Improvement of WEP Key transmission between APs, during STA Movement in Wireless Environment
Song, Il-Gyu ; Hong, Choong-Seon ; Lee, Dae-Young ;
The KIPS Transactions:PartC, volume 11C, issue 2, 2004, Pages 219~228
DOI : 10.3745/KIPSTC.2004.11C.2.219
A wireless LAN (Wireless Local Area Network) is a network environment constructed by radio, indoors or outdoors, which in technical terms uses radio waves or light instead of wire between a hub and clients such as PCs (Personal Computers), notebooks, and PDAs. Currently, within the IEEE 802.11 WG (Working Group), TGf (Task Group F) is developing a standard protocol between APs (Access Points). This group proposed IAPP (Inter Access Point Protocol) to ensure interoperability between APs produced by different manufacturers. As a protocol that ensures mobility between different APs within the same service network, it offers seamless connectivity to STAs (Stations) by sharing security context information or Layer 2 forwarding information between APs, without passing through a re-authentication process when STAs move. In this paper, I wish to suggest a method that changes the communication path of messages to block the information leakage that can occur during security message or WEP key transmission between the above APs, and that uses public keys to offer somewhat more security in the wireless area.
Performance of TCP without congestion control
Oh, Hong-Kyun ; Kim, Eun-Gi ;
The KIPS Transactions:PartC, volume 11C, issue 2, 2004, Pages 229~234
DOI : 10.3745/KIPSTC.2004.11C.2.229
In this study, performance is compared between RFC-compatible normal TCP and a TCP that ignores several speed constraints. To do this, the main algorithms that constrain the transmit rate of TCP are modified. We have modified the TCP protocol stack in a Linux kernel to compare the speeds of the standard TCP and our modified TCP. We find that if the destination is a short distance away from the source and packet errors are scarce, then the speed difference between normal and modified TCP may be negligible. However, if the destination is far away from the source and the slow start algorithm is not adopted, then the transfer time for a small file differs greatly. In addition, if packet errors occur frequently, our modified TCP is faster than the standard TCP regardless of distance.
A New Queueing Algorithm for Improving Fairness between TCP Flows
Chae, Hyun-Seok ; Choi, Myung-Ryul ;
The KIPS Transactions:PartC, volume 11C, issue 2, 2004, Pages 235~244
DOI : 10.3745/KIPSTC.2004.11C.2.235
TCP Vegas provides better performance and more stable service than TCP Tahoe and Reno, which are widely used in the current Internet. However, in the situation where TCP Vegas and Reno share a bottleneck link, the performance of TCP Vegas is much lower than that of TCP Reno. This unfairness is due to the difference in the congestion control mechanisms that each TCP uses. Several studies have been carried out in order to solve this unfairness problem. In this paper, we analyze the minimum window size needed to maintain the maximum TCP performance for the link bandwidth. In addition, we propose an algorithm that maintains TCP performance and improves fairness by selective packet drops in order to allocate a proper window size to each TCP connection. To evaluate the performance of the proposed algorithm, we have measured the number of data bytes transmitted between end-to-end systems by each TCP connection. The simulation results show that the proposed algorithm maintains the maximum TCP performance and improves fairness.
Performance Evaluation on SCTP multi-homing Feature
Song, Jeong-Hwa ; Lee, Mee-Jeong ; Koh, Seok-Joo ;
The KIPS Transactions:PartC, volume 11C, issue 2, 2004, Pages 245~252
DOI : 10.3745/KIPSTC.2004.11C.2.245
Stream Control Transmission Protocol (SCTP) is a new connection-oriented, reliable delivery transport protocol operating on top of an unreliable connectionless packet service such as IP. It inherits many of the functions developed for TCP, including flow control and packet loss recovery functions. In addition, it supports transport layer multihoming and multistreaming. In this paper, we study the impact of multi-homing on the performance of SCTP. We first compare the performance of single-homed SCTP, multi-homed SCTP, TCP Reno and TCP SACK. We then describe a potential flaw in the current SCTP retransmission policy when the SCTP host is multihomed. Our results show that SCTP performs better than TCP Reno and TCP SACK due to several changes from TCP in its congestion control mechanism. In particular, multi-homed SCTP shows the best result among the compared schemes. Through experimentation with multi-homed SCTP, we found that the current SCTP retransmission policy may deteriorate performance when the retransmission path is worse than the original path. Therefore, the condition of the retransmission path is a very important factor in SCTP performance, and a proper mechanism would be required to measure the condition of the retransmission path.
A Session Allocation Algorithm for Fair Bandwidth Distribution of Multiple Shared Links
Shim, Jae-Hong ; Choi, Kyung-Hee ; Jung, Gi-Hyun ;
The KIPS Transactions:PartC, volume 11C, issue 2, 2004, Pages 253~262
DOI : 10.3745/KIPSTC.2004.11C.2.253
In this paper, a session allocation algorithm for a switch with multiple shared links is proposed. The algorithm guarantees the reserved bandwidth to each service class and keeps the delay of sessions belonging to a service class as close as possible even if the sessions are allocated to different shared links. To support these qualities of service, a new scheduling model for multiple shared links is defined, and a session allocation algorithm that decides which shared link to allocate to a new session at connection establishment is developed based on the model. The proposed heuristic algorithm allocates a session to the link that includes the subclass with the shortest (expected) delay among the subclasses of the service class the session belongs to. Simulation results verify that a switch with multiple shared links employing the proposed algorithm provides service classes with fairer bandwidth allocation and higher throughput, and guarantees reserved bandwidth better than a switch employing other session allocation algorithms. It also guarantees very similar service delay to the sessions in the same service class.
Low Cost and Acceptable Delay Unicast Routing Algorithm Based on Interval Estimation
Kim, Moon-Seong ; Bang, Young-Cheol ; Choo, Hyun-Seung ;
The KIPS Transactions:PartC, volume 11C, issue 2, 2004, Pages 263~268
DOI : 10.3745/KIPSTC.2004.11C.2.263
The end-to-end characteristic is an important factor for QoS support. As network users and the bandwidths required by applications increase, the efficient usage of networks has been intensively investigated for better utilization of network resources. Distributed adaptive routing is the typical routing algorithm used in the current Internet. The DCLC (Delay Constrained Least Cost) path problem has been shown to be an NP-hard problem. In the DCLC problem, the path cost of the LD path is relatively more expensive than that of the LC path, and the path delay of the LC path is relatively higher than that of the LD path. In this paper, we investigate the performance of a heuristic algorithm for the DCLC problem with a new factor, which is a probabilistic combination of cost and delay. Recently Dr. Salama proposed a polynomial time algorithm called DCUR. The algorithm always computes a path, where the cost of the path is always within 10% from the optimal CBF. Our evaluation showed that the heuristic we propose is more than 38% better than DCUR in terms of cost when the number of nodes is more than 200. The new factor takes into account both cost and delay at the same time.
Design and Implementation of Cable Data Subscriber Network Management System using Object-oriented Modeling
Yun, Byeong-Soo ; Ha, Eun-Ju ; Kim, Che-Young ;
The KIPS Transactions:PartC, volume 11C, issue 2, 2004, Pages 269~276
DOI : 10.3745/KIPSTC.2004.11C.2.269
There exist several types of distributed subscriber networks using Asymmetric Digital Subscriber Line (ADSL), Very high-bit-rate Digital Subscriber Line (VDSL), and Data Over Cable Service Interface Specifications (DOCSIS). Efficient and centralized management of these distributed subscriber networks and resources requires a general management information model of the network, which has abstract and conceptual managed objects for the heterogeneous networks and their equipment in order to manage the integrated subscriber network. This paper presents a general Internet subscriber network modeling framework using RM-ODP to manage that network in the form of an integrated hierarchy. This paper adopts the object-oriented development methodology with UML, and designs and implements the HFC network of DOCSIS as an example of the subscriber network.