Eui-Nam Huh

Performance Improvement in Mobile IPv6 Using AAA and Fast Handoff

As becoming a critical issue in the mobile environment, the mobileip working group is proceeding the research about it. If it provides weak security features to the mobile service then the Mobile IPv6 will not be trusted. Although the IPsec(Internet Protocol Security) and RR(Return Routability) was selected as the methods for providing security supports and related works have been dutied, these approaches have drawbacks that the hand-held devices such as cell phone and PDA are battery-powered so the security processing is a big burden and security feature is not relatively abundant. To cope with these drawbacks, the integrated models with AAA infrastructure are being proposed as an alternative way to authenticate a mobile node by using the AAA authentication processing. In this paper, our research has a focus on minimizing the authentication latency in AAA processing and proposes the model with Fast Handoff scheme to make the better performance to AAA authentication delay.

An Efficient Key Agreement Protocol for Secure Authentication

The Diffie-Hellman Key Exchange scheme can produce a common session key between the communication parties but its problem is that it makes a man-in-the middle attack possible. To solve the problem, several protocols have been proposed such as the Simple Authenticated Key Agreement (SAKA) Protocol by mainly Seo-Sweeney[6], Tseng[7], and Ku-Wang[8]. In this paper, we present a new protocol that integrates the establishment phase and the verification phase into single phase and enhances overall processing performance. Our approach does not degrade the basic requirements, safeness and efficiency by analytical analysis of the algorithm. The protocol proposed in this paper takes care of both of those phases simultaneously, which improves the processing performance rather than other approaches.

Secure XML aware network design and performance analysis

Currently, XML as a traffic type on the Internet is widely appeared one-commerce applications rather than HTML. XML based Denial of Service (XDOS) attacks are growing up tremendously. This paper presents a novel approach to manage XML attacks at the network layer efficiently and improves service performance on server side, while XML data is visible at the application layer. Thus it is clear that the server overhead becomes significant if a number of encrypted, signed, and malformed XML data are requested to the server. The proposed approach handles these issues efficiently and securely. The experiments show that the proposed XML Aware Network (XAN) platform is a necessarycomponent for efficient Web Services.

Performance analysis for real-time grid systems on COTS operating systems

Computer technology for communication has become an integral aspect of daily operation. The exponential growth of internet services with dynamic inquiries in such areas as manufacturing, business, air traffic control and mission critical systems demands that there be quick, reliable and safe use of services. Each service must contain QoS metrics to assure security, performance and accuracy. A new paradigm of resource management middleware techniques is in this paper presented which can provide QoS for dynamic, distributed real-time systems on Common Off The Shelf (COTS) operating systems. Accommodation of dynamic environments enables the middleware to carefully consider an efficient design of resource profiling, resource needs estimation, resource unification, and performance analysis (or compliant with schedulability analysis) infrastructure providing significant benefits for QoS management on COTS operating systems. First, the use of low-cost COTS systems is extended to real-time computing without changing the operating system. Further, experiments for response time analysis confirm that the worst-case analysis poorly utilizes computational resources. Finally, it is shown that the new method of middleware design employing scalability of software and hardware system can be easily applied to legacy systems to manage resources efficiently for quick, reliable services and accurate QoS.

An optimal and dynamic monitoring interval for grid resource information system

Grid technology uses geographically distributed resources from multiple domains. For that reason, resource monitoring services or tools will run on various kinds of systems to find static resource information and dynamic resource information, such as architecture vendor, OS name and version, MIPS rate, memory size, CPU capacity, disk size, NIC information, CPU usage, network usage (bandwidth, latency), and memory usage, etcs. Thus monitoring itself may cause the system overhead. This paper proposes the optimal monitoring interval to reduce the cost of monitoring services and the dynamic monitoring interval to measure the monitoring events accurately. By simulating and implementing those two factors, we find out that unnecessary system overhead is significantly reduced and accuracy of events is satisfied.

An Efficient Design and Implementation for Grid Advanced Information Service

Grid information service is an indispensable component for Grid computing, by which all types of Grid resources are virtually integrated and their information can be efficiently managed and accessed. Furthermore, the efficiency of Grid computing is dependent on the functionalities supported by Grid information service. At present, the Grid information service of Globus toolkitTM 3, an Index service, supports a few basic functions such as service data population, subscription, and lookup.In this paper, we propose an information service component of MoredreamTM which we refer to as GAIS (Grid Advanced Information Service), for providing more plentiful resource information and advanced functionalities in order to satisfy the requirements for various applications in the K*Grid computing environment characterized by both high performance and high throughput computing. In particular, GAIS includes interfaces and functionalities for dynamic VO management, peer-to-peer communication, and service categorization. In addition, our resource-monitoring tool reduces the monitoring overhead and maintains accuracy of events by detecting effective resource changes and collecting events at the kernel level, respectively. Consequently, we anticipate that our Grid information service will be broadly utilized through improved service qualities.

Dynamic Threshold for Monitor Systems on Grid Service Environments

Grid technology requires use of geographically distributed multiple domain’s resources. Resource monitoring services or tools consisting sensors or agents will run on many systems to find static resource information (such as architecture vendor, OS name and version, MIPS rate, memory size, CPU capacity, disk size, and NIC information) and dynamic resource information (CPU usage, network usage (bandwidth, latency), memory usage, etc.). Thus monitoring itself may cause system overhead. This paper proposes push based resource notification architecture on OGSI (Open Grid Service Infrastructure) and the dynamic threshold to measure monitoring events in accurate and with less overhead. By employing the new feature (dynamic threshold), we find out unnecessary system overhead is significantly reduced and accuracy of events is still acquired.

TCP performance enhancement based on virtual receive buffer with PID control mechanism

TCP is the only protocol widely available for reliable end-to-end congestion-controlled network communication, and thus it is the one used for almost all communications. Unfortunately, TCP is not designed with high-performance networking and computing. Thus the research for TCP to obtain good throughput in high-performance networking and computing is in progress all over the world actively. In this paper, we propose a new scheme which makes a TCP system achieve high throughput even with small buffer. The receive buffer almost empties due to the characteristic of original TCP but the amount of physical memory assigned for the buffer cannot be reduced because TCP flow control will downgrade TCP performance with the reduced buffer. However a TCP system applying our proposed scheme can reduce the size of physically assigned receive buffer without downgrading TCP performance. And then we use PID control mechanism as a tool to adjust the size of VRB properly. Lastly, we compare the throughput with two schemes, proposed scheme and original TCP scheme. As a result, the TCP using VRB obtains 46% higher throughput than the original one. And we also compare the amount of memory necessary for achieving the maximum throughput between two schemes. The result of second comparison shows that the proposed TCP spends 43% less memory than the tuned original TCP for same throughput.

A New Architecture Design for Differentiated Resource Sharing on Grid Service

Current Grid Security Infrastructure (GSI) using Single Sign On (SSO) mechanism based on Public Key Infrastructure (PKI) allows resource consumer to access resources securely and widely. There is no mechanism to access resource differentially in Grid environment currently. Furthermore, Open Grid Service Infrastructure (OGSI) in Global Grid Forum (GGF) extends use of Grid system or services up to business area using Web service technology. Therefore differential resource (or service) access from remote users is necessary operation to resource holders to share their resources securely. This paper presents a novel security approach on GSI to share resources differentially on the private policy using Security Assertion Markup Language (SAML) and eXtensible Access Control Markup Language (XACML) by adding scripts for resource broker (or controller). This scheme offers much flexible and effective mechanism on the recent Grid service environments.

PRED: Prediction-Enabled RED

This paper proposes a router congestion control mechanism called PRED (Prediction-enabled RED), a more adaptive and proactive version of RED (Random Early Detection). In essence, PRED predicts its queue length for an early detection of possible congestion alerts in the near future and operates adaptively to the predicted changes in traffic patterns. Typically, PRED does this by first making prediction about average queue length and then using the predicted average queue length to adjust three classic RED parameters max th, min th, and max p. The incoming packets after the adjustment are now being dropped with the new probability defined by updated parameters. Due to its adaptability and proactive reaction to network traffic changes, PRED can be considered as a novel solution to dynamically configure RED. Extensive simulation results from NS-2 simulator are presented to verify the performance and characteristics of PRED.