Jeom Goo Kim

Optimizing image processing on multi-core CPUs with Intel parallel programming technologies

The rapid advance of computer hardware and popularity of multimedia applications enable multi-core processors with sub-word parallelism instructions to become a dominant market trend in desk-top PCs as well as high end mobile devices. This paper presents an efficient parallel implementation of 2D convolution algorithm demanding high performance computing power in multi-core desktop PCs. It is a representative computation intensive algorithm, in image and signal processing applications, accompanied by heavy memory access; on the other hand, their computational complexities are relatively low. The purpose of this study is to explore the effectiveness of exploiting the streaming SIMD (Single Instruction Multiple Data) extension (SSE) technology and TBB (Threading Building Block) run-time library in Intel multi-core processors. By doing so, we can take advantage of all the hardware features of multi-core processor concurrently for data- and task-level parallelism. For the performance evaluation, we implemented a 3 × 3 kernel based convolution algorithm using SSE2 and TBB with different combinations and compared their processing speeds. The experimental results show that both technologies have a significant effect on the performance and the processing speed can be greatly improved when using two technologies at the same time; for example, 6.2, 6.1, and 1.4 times speedup compared with the implementation of either of them are suggested for 256 × 256, 512 × 512, and 1024 × 1024 data sets, respectively.

Adaptive Migration Strategy for Mobile Agents on Internet

Due on failures of clients (or Internet nodes), mobile agents may be blocked or crashed even if there are available service on the Internet. To solve this situation, we propose adaptive migration strategy with reordering and backward recovery of the paths to guarantee the migration of mobile agents. This paper will provide the extension with the autonomous migration of mobile agents, and it is implemented with the Java Mobile Agent System (JAMAS), which is independent on system platforms, developed by the Java language.

IKEv2 authentication exchange model and performance analysis in mobile IPv6 networks

Internet Key Exchange version 2 (IKEv2) is taking the responsibility for distribution and management of reliable authentication key. IKEv2 can secure fast hand off, confidentiality of data, safe transmission, and multihoming to transmission node. In this paper, we designed and constructed the network based on real mobile node and experimented the modeling of IKEv2 protocol through the simulation. We analyzed the resetting of authentication key and re-exchange problem. And we experimented the effect that key exchange is affected by a limited bandwidth based on data analysis. To overcome delay time, we proposed multi-interface of node and analyzed performance and latency for authentication setting and exchange process. The simulation results show that re-authentication of key is impossible to reset because of limited bandwidth of network. Also, the use of proposed multi-interface can minimize key exchange latency that happened by hand off for IPSec transmission.

Workflow system modeling in the mobile healthcare b2b using semantic information

The UML activity diagram is useful to model business process and workflow for its suitability to present dynamic aspect of system. However, it is difficult to present precise semantics which is important in mobile workflow system with the guide provided by OMG to the UML activity diagram. This paper suggests mobile workflow system modeling methodology by applying ASM semantics to the healthcare B2B after extending semantics to corresponding workflow system characteristics. To extend the action node timing, the timing element and the state element of the action node are added. Through the exact definition of formal semantics based on ASM the efficient workflow modeling can surely be expected.

A revised cache allocation algorithm for VoD multicast service

The Internet is replacing the traditional telephone network as the ubiquitous network infrastructure. Internet customers are increasing at an exponential rate and will continue to increase in the near future. Among the various Internet services, IPTV VoD (Video on Demand) service is expected to be one of the most popular services. In general, for deploying streamed video service, it is likely to use proxy by locating it nearby end-users. The use of proxy in on-demand media streaming service can help reduce the server streaming load and reduce the startup delay of media playback due to swift retrieval of beginning portion of media. We had proposed a cache allocation scheme for server-proxy media streaming environment by utilizing the advantage of threshold-based multicast mechanism. However it suffer from a little radical change of threshold value. In this paper, enhanced multicast-based server-proxy on-demand media streaming algorithm to IPTV VoD services is presented from the storage, caching size and bandwidth requirement viewpoints.

Fingerprint-based access control using smart cards in IPTV

In internet protocol television (IPTV) environments, authentication should be implemented to provide the IPTV contents to those legitimate subscribers. After successful authentication, a legitimate subscriber is unconditionally granted access to the contents. However, each content might have its own policy that restricts access according to subscriber’s attribute such as age. Authentication only is not sufficient to realize access control embracing diverse policies depending on contents. In this paper, we propose a novel fingerprint-based scheme that enables fine-grained access control according to the policies of contents providers and subscriber’s attribute. The proposed scheme is robust against man-in-the-middle attacks, replay attacks, and impersonation attacks which are considered as common threats in IPTV environments. The scheme also prevents cloning and McCormac Hack problems, that are critical attacks specific to authentication using smart cards.

A study on abnormal event correlation analysis for convergence security monitor

Recently, the leak of domestic core technology of major business in Korea and the subsequent damage, has been increasing every year. Financial losses due to this leak are estimated to be about 220 trillion, which is equivalent to the gross budget of Korea Besides. Currently, the paradigm of industrial security has been changed from simple installation of security equipment to efficient management and control market. Leakage of internal material is able to be prevented, blocked and tracking afterward innovatively through enterprise risk management and security control by fusion of physical security system (entrance control system, vision security system etc.) and IT integrated security control system. It can be possible to setup systematical converging security control process in short term by achieving an effect to running expert organization without additional investment for current physical security and IT security personnel, and it is needed to firmly setup the acquisition and integrated control of IT security and physical security, connected tracking control when security issue is happened, definition for terms of information leakage and security violation and real-time observation, rapid determination and reaction/corrective action for trial of security violation and information leakage, phased and systematic security policy by individual technology. The majority of the leaks are caused by former and current staff members, cooperated businesses, scientists and investment companies. This shows that the sources of the leaks are internal personnel. In this manner, we can infer that the management and plan of personnel security has not implemented sound practices to prevent technology leak by people. Therefore, this thesis suggests classifying methods of technology leak through clustering, one of the data mining methods about the information of internal personnel to prevent core technology leak from businesses.

A vertical Path Computation Element (PCE) based path provisioning scheme in multilayer optical networks

The explosive growth of Internet traffic has led to a dramatic increase in demand for data transmission capacity, which requires high transmission rates beyond the conventional transmission capability. This demand has spurred tremendous research activities in new high-speed transmission and switching technologies. As optical transmission technology keeps maturing, next generation optical networks are expected to be controlled by Generalized Multiprotocol Label Switching (GMPLS) protocol suite and operating at multiple switching layers. In order to ensure the most efficient utilization of multilayer network resources, and to maximize revenue from existing capacity, effective global provisioning solution that providing the network with the possibility of reacting in advance to traffic changes should be provided. This paper proposes a new path provisioning scheme in multilayer optical networks based on the vertical Path Computation Element (PCE) architecture to efficiently exploit multiple PCE cooperation. This paper also investigated the problem of how network nodes overcome limited visibility of network resources. Unlike most of the previous studies, the topology of the upper switching layer is not always equal to the physical topology of lower switching layer.

Analysis of Dynamic Congestion Control of SCTP

SCTP (stream control transmission protocol) is a general-purpose transport protocol for IP network data communications. This paper examines methods of guaranteeing multi-streaming management and fairness among streams within SCTP associations. We investigated an important aspect of fairness adjustment between streams of SCTP, the underlying congestion control mechanism. In this paper, we propose that separated congestion control with a fairness compensation module is more efficient than the standard SCTP. Proposed SCTP-SCF overcomes existing problems in the traditional SCTP when a multi-streaming feature is used.

An access control using SPKI certificate in peer-to-peer environment

Web service is giving an equal privilege to all user for sharing their resources. Under this situation, lots of vulnerabilities against the various attacks through the Internet are possible, more sophisticated security services are necessary. In this paper, we propose an access control scheme using SPKI (Simple Public Key Infrastructure). The scheme designates an access control by providing the certificate to users who request a connection for resource sharing and limits the resource usage of information provider according to the access right that is given to their own right.