-
公开(公告)号:KR100882348B1
公开(公告)日:2009-02-13
申请号:KR1020060123871
申请日:2006-12-07
Applicant: 한국전자통신연구원 , 전남대학교산학협력단
CPC classification number: G06F21/6218
Abstract: 본 발명은 보안 정책의 복잡성을 개선시켜 전문지식이 없는 사용자가 보안 정책을 쉽게 설정할 수 있도록 하는 보안 운영 체제에서의 보안 정책 설정 방법 및 장치에 관한 것으로, 객체의 타입 수 및 규칙의 수를 현저하게 감소시켜 보안 정책의 복잡성을 제거하고, 그 결과 전문 지식이 없는 사용자라도 쉽게 원하는 보안 정책을 설정하거나 조정할 수 있도록 하기 위하여, 주체, 객체, 그리고 주체가 객체에 가질 수 있는 권한을 설정하는 형태로 구성되는 보안 정책 템플릿을 정의하고, 상기 정의된 보안 정책 템플릿을 SELinux에 적용 가능한 TE 보안 정책으로 변화하여 SELinux에서 보안 정책으로 적용될 수 있도록 한 것이다.
보안 정책, 보안 운영 체제, SELinux, TE(Type Enforcement)-
公开(公告)号:KR1020080051972A
公开(公告)日:2008-06-11
申请号:KR1020060123871
申请日:2006-12-07
Applicant: 한국전자통신연구원 , 전남대학교산학협력단
CPC classification number: G06F21/6218 , G06F9/4401 , G06F21/6281
Abstract: A method and a device for setting up a security policy for a secure OS(Operating System) are provided to remove complexity by reducing the number of types and rules remarkably based on comparison with a usual SELinux(Security Enhanced Linux) security policy setting mode, and enable a user having no specialize knowledge to set up or control the desired security policy easily. An SELinux security policy template(51) comprises a form for setting up a subject, an object, and a subject's right for the object. A converting module(52) converts the security policy template into a TE(Type Enforcement) security policy(53) applicable to SELinux. The security policy includes a subject element defining the subject accessing the object, an object element defining the object accessed by the defined subject, a right element defining an access authority between the defined object and subject, and a transition element defining domain transition. The converting module includes a parser(521) parsing the security policy template, and a generator(522) generating more than one of a subject domain, the domain transition, an object type, and a TE operation from the parsed data, and generating TE context by combining the same.
Abstract translation: 提供了一种用于设置安全操作系统(Operating System,安全操作系统)安全策略的方法和设备,以通过与通常的SELinux(安全增强型Linux)安全策略设置模式进行比较来显着减少类型和规则的数量来消除复杂性, 并且使得不具有专业知识的用户容易地设置或控制期望的安全策略。 SELinux安全策略模板(51)包括用于设置对象的对象,对象和主体的权利的表单。 转换模块(52)将安全策略模板转换为适用于SELinux的TE(Type Enforcement)安全策略(53)。 安全策略包括定义访问对象的主体的主题元素,定义由定义的对象访问的对象的对象元素,定义被定义的对象和对象之间的访问权限的正确元素以及定义域转换的过渡元素。 转换模块包括解析安全策略模板的解析器(521),以及生成器(522),从解析的数据生成多个主题域,域转换,对象类型和TE操作,以及生成TE 上下文相结合。
-
公开(公告)号:KR101844786B1
公开(公告)日:2018-04-06
申请号:KR1020110134838
申请日:2011-12-14
Applicant: 한국전자통신연구원
IPC: G06F15/16
Abstract: 본발명은클라우드인프라공유지원장치및 그방법에관한것으로, 클라우드에포함된각 서버에구비된정보수집에이전트로부터전송되는서버자원정보들을수집하여생성되는상기클라우드의클라우드자원정보및 복수의클라우드들각각의클라우드자원정보를포함하는클라우드인프라통합정보를수신하여저장하는클라우드인프라정보관리기와, 복수의클라우드들각각의클라우드자원정보를수집하여상기클라우드인프라통합정보를생성및 관리하는클라우드인프라통합정보관리기와데이터를송수신하는클라우드인프라공유인터페이스, 및상기클라우드에포함된임의의서버로부터서비스이동요청신호가수신되면, 상기클라우드인프라정보관리기를통하여상기서비스의이동에적합한서비스이동대상클라우드의정보를검색하여상기검색된이동대상클라우드에서자원을할당받아상기서비스의이동에필요한데이터를전송함으로써서비스이동을수행하는서비스이동중계모듈을포함하는인프라공유장치를통하여, 클라우드상의자원을효율적으로이용할수 있도록한다.
-
公开(公告)号:KR101786871B1
公开(公告)日:2017-11-15
申请号:KR1020100130086
申请日:2010-12-17
Applicant: 한국전자통신연구원
CPC classification number: G06F12/08 , G06F12/0284 , G06F12/1009 , G06F12/1072
Abstract: 본발명에따른복수의노드의개별메모리를통합하여대용량통합메모리(CVM)를형성하는클러스터시스템내의임의의지역노드에포함된원격페이지폴트를처리하는장치는, CVM-맵, 노드메모리정보테이블, 가상메모리영역및, CVM 페이지테이블을포함하는메모리와, 사용자프로세스가메모리할당을요청할때, 상기대용량통합메모리를프로세스의주소공간에사상하는메인제어부를포함한다.
-
公开(公告)号:KR1020140099109A
公开(公告)日:2014-08-11
申请号:KR1020130011943
申请日:2013-02-01
Applicant: 한국전자통신연구원
CPC classification number: G06F11/3664
Abstract: A system for supporting an application service test using a multi-cloud comprises a user interface module for providing an integrated interface for integrated management of services arranged on the multi-cloud and user management; a cloud service brokerage module for supporting interoperability of computing resources for a cloud infrastructure and providing a brokerage function between a test service user and a cloud service provider; a test management module for providing an integrated environment for testing the application services and managing test result data based on a multi-cloud environment provided by the cloud service brokerage module; and a test agent module for controlling a test target application service in order to manage a collection and test procedure of the test data required for the test management module providing the test service.
Abstract translation: 用于支持使用多云的应用服务测试的系统包括:用户界面模块,用于提供集成接口,用于集成管理,安排在多云和用户管理上; 云服务经纪模块,用于支持云基础架构的计算资源的互操作性,并在测试服务用户和云服务提供商之间提供经纪功能; 测试管理模块,用于提供用于测试应用服务的集成环境,并且基于由云服务代理模块提供的多云环境来管理测试结果数据; 以及用于控制测试目标应用服务的测试代理模块,以便管理提供测试服务的测试管理模块所需的测试数据的收集和测试过程。
-
Patent Agency Ranking
公开(公告)号:KR1020120063946A
公开(公告)日:2012-06-18
申请号:KR1020100125132
申请日:2010-12-08
Applicant: 한국전자통신연구원
CPC classification number: G06F12/0284 , G06F2212/2542
Abstract: PURPOSE: A memory device for the bulk unified memory, and a meta-data managing method are provided to minimize the saving space overhead of meta-data in a local node and a master node for the bulk unified memory. CONSTITUTION: A memory device for the bulk unified memory comprises the following: a CVM(collective volume memory) command tool(210) for managing a CVM, and controlling the operation of the CVM by analyzing inputted commands from users; and a CVM engine(220) configuring the CVM, initializing, or allocating or accessing the CVM by data transferred from the CVM command tool.
Abstract translation: 目的:提供用于批量统一存储器的存储器件和元数据管理方法,以最小化用于批量统一存储器的本地节点和主节点中的元数据的节省空间开销。 构成:用于批量统一存储器的存储器件包括:用于管理CVM的CVM(集体容量存储器)命令工具(210),并且通过分析来自用户的输入命令来控制CVM的操作; 以及通过从CVM命令工具传送的数据来配置CVM,初始化或分配或访问CVM的CVM引擎(220)。
-
公开(公告)号:KR1020110018618A
公开(公告)日:2011-02-24
申请号:KR1020090076168
申请日:2009-08-18
Applicant: 한국전자통신연구원
CPC classification number: G06F9/4843 , G06F2209/504 , Y02D10/22
Abstract: PURPOSE: An asynchronous input/output process apparatus of multiple thread and a method thereof for increasing the performance of a system by efficiently controlling the thread are provided to optimize program performance without controlling and managing the thread. CONSTITUTION: An input/output processing unit(30) performs input/output progress requested by a thread. A ring buffer(40) stores an input/output event according to the input/output process result of the input/output processing unit. A control unit(10) sets up the limit of the execution thread. The input/output event stored in the ring buffer is processed.
Abstract translation: 目的:提供一种多线程的异步输入/输出处理装置及其方法,用于通过有效地控制线程来提高系统的性能,以优化程序性能,而无需控制和管理线程。 构成:输入/输出处理单元(30)执行线程请求的输入/输出进程。 环形缓冲器(40)根据输入/输出处理单元的输入/输出处理结果存储输入/输出事件。 控制单元(10)设置执行线程的限制。 存储在环形缓冲区中的输入/输出事件被处理。
-
公开(公告)号:KR1020090030149A
公开(公告)日:2009-03-24
申请号:KR1020070095509
申请日:2007-09-19
Applicant: 한국전자통신연구원
Abstract: A system for providing a personalized dynamic crowdsourcing service and a method thereof are provided to offer an integrated development environment to individual developers or developers in a small and medium sized enterprise by introducing opensourcing software development. A development environment generation server(130) generates a software development environment dynamically according to a user demand. A result management server(120) searches and registers a software outcome which the development has been completed. A user terminal(110) searches and registers a software outcome which the development has been completed by access to a development environment generating server or an outcome management server. The development environment generating server generates the most suitable software development environment according to a user's request, and manages a software component store(131), a development environment knowledge store(132) and a resource pool(140).
Abstract translation: 提供一种用于提供个性化动态众包服务及其方法的系统,通过引入开放式软件开发,为中小企业的个体开发人员或开发人员提供集成开发环境。 开发环境生成服务器(130)根据用户需求动态生成软件开发环境。 结果管理服务器(120)搜索并注册完成开发的软件结果。 用户终端(110)通过访问开发环境生成服务器或结果管理服务器来搜索并注册已完成开发的软件结果。 开发环境生成服务器根据用户的请求生成最合适的软件开发环境,并且管理软件组件存储(131),开发环境知识库(132)和资源池(140)。
-
公开(公告)号:KR1020050064578A
公开(公告)日:2005-06-29
申请号:KR1020030096054
申请日:2003-12-24
Applicant: 한국전자통신연구원
IPC: G06F15/16
Abstract: 본 발명은 서버 관리시스템 및 이를 이용한 데이터 교환방법에 관한 것으로, 상기 관리시스템의 서버 측 데몬을 두 개의 데몬으로 구분하고, 에이전트 측 데몬은 최소한의 작업만 할 수 있도록 설계함으로서 통신 부하를 줄일 수 있도록 한다.
이에, 본 발명은 사용자 인터페이스로부터 요청된 데이터를 수신하고, 상기 데이터에 따른 결과를 디스플레이 하는 콘솔 데몬과, 상기 콘솔 데몬으로부터 전달된 사용자의 요청 데이터를 관할하고, 관리되는 다수의 서버와 통신을 통해 서버의 상태를 파악하며, 상기 사용자로부터 요청된 데이터의 결과를 송수신하여 분석, 가공하는 매니져 데몬 및 상기 매니져 데몬으로부터 전송된 요청 데이터에 따른 정보를 제공하는 워커 데몬으로 구성된다.-
公开(公告)号:KR100250465B1
公开(公告)日:2000-04-01
申请号:KR1019970057675
申请日:1997-11-03
Applicant: 한국전자통신연구원
IPC: G06F13/00
Abstract: PURPOSE: The method for transmitting the message of SPAX(Scalable Parallel Architecture computer based on X-bar network) is provided to transmit the large data to the destination node by using the Xcent Net. CONSTITUTION: The memory area for building the message header is allocated(501). The space to wait for the transmission completion is allocated(502). If sending messages are synchronous transmission(503), the space waiting for the responding message is allocated(504). And the size to send is calculated(505), and the memory for building the message body to send in the size is allocated(506). If sending messages are synchronous transmission(507), the size of the responding message is also calculated(508). Otherwise, the header is built in the allocated header area with the content, the destination node, the transmission method, the body place, the message size, etc(509). The body is built with the message content and the receiving port information received from the system server(510). If there is an empty MSB(Message Send Buffer) among eight(511), the content of the header is written in the allocated MSB(512), waiting until the written message is moved to the empty space of the MSB(513), and waiting for the transmission completion of messages(514). The allocated memory for building the header and body is returned(515). If the sending messages is synchronous transmission(516), waiting for the responding messages(517), which is delivered to the system server(518). The space allocated for the responding messages is returned(519) and the space allocated for the transmission completion waiting is also returned(520).
Abstract translation: 目的:提供用于传输SPAX消息(基于X-bar网络的可扩展并行架构计算机)的方法,以通过使用Xcent Net将大数据传输到目的节点。 构成:构建消息头的存储区被分配(501)。 分配等待传输完成的空间(502)。 如果发送消息是同步传输(503),则分配等待响应消息的空间(504)。 并计算发送的大小(505),并分配用于构建以大小发送的消息体的存储器(506)。 如果发送消息是同步传输(507),则还计算响应消息的大小(508)。 否则,头部内置有分配的头部区域,内容,目的地节点,传输方法,正文位置,消息大小等(509)。 身体构建有从系统服务器(510)接收的消息内容和接收端口信息。 如果在八(511)中有一个空的MSB(消息发送缓冲区),则头部的内容被写入分配的MSB(512)中,等待直到写入的消息移动到MSB(513)的空的空间, 并等待消息的传输完成(514)。 返回用于构建标题和正文的分配内存(515)。 如果发送消息是同步传输(516),则等待传送到系统服务器(518)的响应消息(517)。 返回分配给响应消息的空间(519),并返回分配给传输完成等待的空间(520)。
-
-
-
-
-
-
-
-
-
Search Results
73
records
(took 0.029 seconds)
