VPN 관리를 위한 망관리 구조

송왕철,김장형 濟州大學校 工科大學 産業技術硏究所 1998 尖端技術硏究所論文集 Vol.9 No.1

These days the VPN services are provided on basis of the bandwith contracts rather than through leased lines. They require the network managment capabilities. In this paper, hence, an architecture for the VPN service management is proposed on the basis of the structural considerations using the TMN concept. In addtion, the distributed processing technologies are introduced for implementing the architecture. The management architecture for VPN services may be composed of domains for customers and VPN service providers and public network operator/provider, and the domains can be managed via the TMN X interface. Hence, the architecture is modelled hierarchically. It is based on the structuring rule of partitioning and layering on ITU-T G.803 recommendation. On the architecture, the management operations via the X interface can have been performed efficiently by introducing the X.500 directory service and the ODP Trader.

망관리 명명 방식의 접근 제어 모델로의 확장

송왕철 濟州大學校工科大學産業技術硏究所 1996 尖端技術硏究所論文集 Vol.7 No.2

In this paper, the access control management function of several system management functions(SMFs) from the X.741 ITU-T recommendation is considered for security network management systems based on the common management information service element(CMISE) of OSI network management and a naming method using the general relationship model(GRM) is intended to extended to an access control model. When a manager is to perform network management operations through a remote agent in a distributed network, all managed objects (MO) in the management information base (MIB) that is managed by the agent must have a globally unique name so that each MO in the MIB is identified by the manager and access control functions for the MOs are carried out. Therefore, an access control model is proposed which extends the relationship used in the global naming scheme and in which each MO inherits access control characteristics from a domain class as a superclass in the inheritance tree of the MIB.

VPN 관리를 위한 망관리 구조

송왕철,김장형 濟州大學校 産業技術硏究所 1998 산업기술연구소논문집 Vol.9 No.1

These days the VPN services are provided on basis of the bandwith contracts rather than through leased lines. They require the network managment capabilities. In this paper, hence. an architecture for the VPN service management is proposed on the basis of the structural considerations using the TMN concept. In addtion, the distributed processing technologies are introduced for implementing the architecture. The management architecture for VPN services may be composed of domains for customers and VPN service providers and public network operator/provider. and the domains can be managed via the TMN X interface. Hence. the architecture is modelled hierarchically. It is based on the structuring rule of partitioning and layering on ITU-T G.803 recommendation. On the architecture, the management operations via the X interface can have been performed efficiently by introducing the X.500 directory service and the ODP Trader.

Design and Implementation of a Security Management System for Secured OSI Directory Services

송왕철,김장형 濟州大學校 産業技術硏究所 1996 산업기술연구소논문집 Vol.7 No.1

In this paper, we have designed and implemented a security management system, which is based on the CMISE services. This system provides two security-related System Management Functions(SMFs) to security management users such as notification of a security event alarm and an audit trail of a security related event. These SMFs are implemented using osimis-4.0, OSI Network Management platform. The target of this security management system is secure X.500 directory services based on the Authentication Framework specified in the recommendation X.509. The security system is implemented using OSISEC and its services are data confidentiality, data integrity and non-repudiation of origin. Based on the OSI network management framework, we implemented a manager system which administers the keys and provides CMISE services, and also some remote agent systems which provide services for the events concerning the security system, while also interacting with MIB. Access Control SMF is being implemented.

IEEE 802.11b/g 무선랜 기반 SOHO환경에서의 트래픽 측정 및 분석

정우철,김성수,송왕철 제주대학교 공과대학 첨단기술연구소 2006 尖端技術硏究所論文集 Vol.17 No.1

802.11 b and 802.11g are both IEEE standards but they have different performances. Today, SOHO(Small Office Home Office) environment requires wireless channels. Therefore, in this paper, the general performance of wireless channels in SOHO environment is analyzed. Basically, we do the measurements for wireless environment between the host and the host AP. At first, we test the streaming service and then we confirm the service difference to use VOIP phone. We do several experiments to estimate the performance of the services in wireless environment of SOHO.

Object Web 基盤의 OSI 망 管理

김강석,송왕철 濟州大學校工科大學産業技術硏究所 1998 尖端技術硏究所論文集 Vol.9 No.2

The Object web translates the existing CORBA IDL into the Java language and uses IIOP for interaction between a client and a server under the exiting Web environment. The client and the server through the Object Web. do not use HTTP, a web protocol, but IIOP that is an inter-object communication protocol provided by the CORBA. This paper proposes an architecture which consists of a gateway, a CORBA manager and an OSI agent. The CORBA manager is based on Object Web and can manage MOs in the OSI domain. The gateway has a role to translate CORBA IDLS into CMIS service and vice versa. Hence, an OSI agent can be abstracted into a CORBA agent. In this architecture, any client with the Web browser can manage OSI MOs in distributed environment. The client can invoke the management operations through CORBA server after it download the Java applet from HTTP server.

Java Applet을 이용한 SNMP 망 管理 使用者 인터페이스

오양훈,송왕철,강건호 濟州大學校工科大學産業技術硏究所 1998 尖端技術硏究所論文集 Vol.9 No.2

The internet enables multivendor computer systems to join together so that many different models of network devices can co-exist with one another. These days a management program for a web-based SNMP network device is being developed by using web techniques such as HTML. Java Applet, etc. This paper proposes a user interlace technique for managing a web-based network to provide static, dynamic, and interactive management information. Hence. the implementation of the user interface using the web-based technique of Java Applet, makes it possible for a manager to easily search and manage agent MIBs through a browser.

이동에이전트를 이용한 네트워크 패킷기반 침입탐지 시스템

방성민,송왕철 濟州大學校 情報通信硏究所 2000 情報通信硏究所論文集 Vol.3 No.-

The networked environment has the possibility of the illegal access to the private informations and the attacks via networks. Therefore. security management technologies to protect networks from intrusions and network attacks have been given much attention. Intrusion detection system is an important component of the security management system for large network. It is hard to adapt to the heterogeneous internet environment because of the conventional intrusion detection system depends on the specific system environments. The new intrusion detection architecture with mobile agent technology is proposed in the paper. The mobile agent is an itinerary software program that autonomously runs on behalf of its operator in a network environment. It helps the adaptability in the intrusion detection system and decrease the network traffic. For the purpose. we analyze the attack patterns and design the new intrusion detection architecture.

Netflow 기반 종단 간 Flow 모니터링

김성수,송왕철 제주대학교 공과대학 첨단기술연구소 2006 尖端技術硏究所論文集 Vol.17 No.1

As the next generation internet (NGI) is supporting High-speed in Gbps rate with the appearance of advanced network technologies, various applications that require high data rates such as video conferencing, telemedicine etc. have been experimented and operated. By using high speed application services, many kinds of problems can be generated but we cannot easily grasp their reasons. However, if the user monitors the end-to-end flow data, he can find them more accurately. Until now, we have found out the fact that systems which can network-widely monitor end-to-end flow have not be developed yet, only simple systems which can monitor user's indivisual flow data at just one node are developed. In this study, we suggest and materialize a system which can analyze bandwidth in real time by searching routing paths and measuring packet transfer rate between end-to-end flow data. By using the system, user can find out routing path for the end-to-end flow and also present data easily rate by some measured value. It is expected that the network manager can analyze and fix the problem, hence, improving the quality of service.

Object Web 기반의 OSI 망 관리

김강석,송왕철 濟州大學校 産業技術硏究所 1998 산업기술연구소논문집 Vol.9 No.2

The Object Web translates the existing CORBA IDL into the Java language and uses IIOP for interaction between a client and a server under the exiting Web environment. The client and the server through the Object Web, do not use HTTP, a web protocol, but IIOP that is an inter-object communication protocol provided by the CORBA. This paper proposes an architecture which consists of a gateway. a CORBA manager and an OSI agent. The CORBA manager is based on Object Web and can manage MOs in the OSI domain. The gateway has a role to translate CORBA IDLs into CMIS service and vice versa. Hence, an OSI agent can be abstracted into a CORBA agent. In this architecture, any client with the Web browser can manage OSI MOs in distributed environment. The client can invoke the management operations through CORBA server after it download the Java applet from HTTP server.