Kwang-Sun Ko

Design and implementation of a security framework based on the object-based storage device standard

Recently, demands on security frameworks adopted for network-based storage mechanisms have considerably increased, as these mechanisms are appointed in important roles within industrial areas. However, there has been minimal research and development of these frameworks. In this paper, the design and implementation of a security framework, based on the Object-based Storage Device (OSD) standard [1], is presented. In the proposed security framework compared with the OSD standard, several different functionalities exist.

Characteristic classification and correlation analysis of source-level vulnerabilities in the linux kernel

Although studies regarding the classification and analysis of source-level vulnerabilities in operating systems are not direct and practical solutions to the exploits with which computer systems are attacked, it is important that these studies supply the elementary technology for the development of effective security mechanisms. Linux systems are widely used on the Internet and in intra-net environments. However, researches regarding the fundamental vulnerabilities in the Linux kernel have not been satisfactorily conducted. In this paper, characteristic classification and correlation analysis of source-level vulnerabilities in the Linux kernel, open to the public and listed on the SecurityFocus site for the 6 years from 1999 to 2004, are presented. This study will enable Linux kernel maintenance groups to understand the wide array of vulnerabilities, to analyze the characteristics of the attack abusing vulnerabilities, and to prioritize their development effort according to the impact of these vulnerabilities on the Linux systems.

A Secure Group Communication Scheme for Mobile Agents using the Hierarchical Overlay Ring

In multi agent systems, various inter agent communication models have been proposed, and, especially, there are several group communication schemes proposed so far, where some schemes guarantees transparent communication among the agents. However, in mobile agent environments, we require new group communication schemes that consider topology changes caused by mobile agent migrations. Also, these group communication schemes should be secure in order for them to be practical. In this paper, we propose a secure group communication scheme using the hierarchical overlay ring structure of mobile agents. The proposed scheme uses the ring channel in order to cope adaptively with the change of ring topology. The ring channel has basic information for construction of the ring and is managed only by the mobile agent platforms. Therefore, each mobile agent need not directly handle the ring channel and it can perform group communication without any consideration on the change of the ring topology.

The Abnormal Traffic Control Framework Based on QoS Mechanisms

Recently various hacking tools that dig out the vulnerabilities of hosts on a network are easily accessible through the Internet, and large-scale network attacks have been increased during last decades. To detect these network attacks, a variety of schemes are developed by several companies and organizations. But, many previous schemes are known to have some weakness in protecting important hosts from network attacks because of their inherent unconditional filtering mechanisms. This means that they unconditionally filter out doubtful network traffic in spite of its being normal network traffic. Therefore, to filter out only abnormal network traffic, step-by-step filtering capabilities are required. In this paper, we propose a framework for controlling abnormal network traffic. This framework is implemented through the CBQ and iptables mechanisms in Linux kernel.

Design and Implementation of an Adaptive User Interface for Home Network Environments

ABSTRACT With the growing proliferation of mobile computing devices, several industrial and academic research groups have a vigorous studying to remote control for various appliances with mobile devices such as Notebooks, PDAs, and Smartphones in home network environments. We can utilize the good points of mobile devices such as portability and usability so that we can remote control and manage the mobile devices connected on home networks anytime, anywhere. However, mobile devices use different languages. Therefore, they cause some problems because their interfaces and the methods of operation are different each other. To solve these problems, there are two consideration. First, we may be solved development of the user interface and difficulty of maintenance in order to control various heterogeneous devices. Second, we may provide the user interface which is dynamically adapting users preferences and device characteristics. To satisfy these considerations, we describe the design of an adaptive user interface for home network environments using the UIML (User Interface Markup Language) based on XML (eXtensible Markup Language) and the profile information of the user and device. Therefore, we present several implementation examples that show how the framework can form the basis of prototypical applications.Key Words:User Interface, UIML, Profile, Transcoder, Mapping Rule

Recursive Priority Inheritance Protocol for Solving Priority Inversion Problems in Real-Time Operating Systems

In this paper, a protocol, called recursive priority inheritance (RPI) protocol, is proposed to solve complicated priority inversion problems as well as basic one. Our proposed protocol is implemented and tested in the Linux kernel. Additionally, the performance of our proposed protocol is evaluated and compared with previous protocols in the aspect of time and space complexity analyses.

Design and Implementation of a Protocol for Solving Priority Inversion Problems in Real-time OS

Real-time operating systems have been used in various computing environments, where a job must be completed in its deadline, with various conditions, such as effective scheduling policies, the minimum of an interrupt delay, and the solutions of priority inversion problems, that should be perfectly satisfied to design and develop optimal real-time operating systems. Up to now, in order to solve priority inversion problems among several those conditions. There have been two representative protocols: basic priority inheritance protocol and priority ceiling emulation protocol. However, these protocols cannot solve complicated priority inversion problems. In this paper, we design a protocol, called recursive priority inheritance (RPI), protocol that effectively solves the complicated priority inversion problems. Our proposed protocol is also implemented in the Linux kernel and is compared with other existing protocols in the aspect of qualitative analysis.