Digital Library[ Search Result ]
An NVM-based Efficient Write-Reduction Scheme for Block Device Driver Performance Improvement
http://doi.org/10.5626/JOK.2019.46.10.981
Recently, non-volatile memory (NVRAM) has attracted substantial attention as a next-generation storage device due to the fact that it shows higher read/write performance than flash-based storage as well as higher cost-effectiveness than DRAM. One way to use NVRAM as a storage device is to modify the existing file system layer or block device layer. Leveraging the NVRAM block device driver is advantageous in terms of overall system compatibility, as it does not require any modification of the existing storage stack. However, when considering the byte-level addressing of the NVRAM device, the block write is not effective in terms of durability or performance. In this paper, we propose a block device driver that attempts to optimize the existing block write operations while considering the existing functionalities of the file system. The proposed block write reduction scheme provides a partial block write by classifying the type of blocks according to the structure of the file system as well as the amount of data modified in the block using XOR operation. Several experiments are performed to validate the performance of the proposed block device driver under various workloads, and the results show that, compared to the conventional block write operations, the amount of writes is reduced by up to 90%.
Design and Implementation of Security System for Providing Secure Boot and Firmware Update in Low-end IoT Device
Kiyeong Lee, Byoungseon Kim, Jinsung Cho
http://doi.org/10.5626/JOK.2018.45.4.321
Low-end IoT devices are problematic due to the many limitations involved in applying IoT devices to various existing security solutions. This is because most security solutions are targeted at high-performance PC environments. These limitations are causing steadily increasing technical security vulnerabilities and various security threats to IoT devices. In this paper, we propose a secure boot and firmware update system that can be applied in a constrained environment. At the secure boot, the proposed system verifies the integrity of the firmware of the device. The secure firmware update performs reliability verification of the subject attempting to update. Finally, we analyze the security performance of the proposed system by simulating various threats that may occur in low-end IoT devices.
An Effective Technique for Detecting Vulnerabilities in Android Device Drivers
Android- and Linux-based embedded systems require device drivers, which are structured and built in kernel functions. However, device driver software (firmware) provided by various 3rd parties is not usually checked in terms of their security requirements but is simply included in the final products, that is, Android-based smart phones. In addition, static analysis, which is generally used to detect vulnerabilities, may result in extra cost to detect critical security issues such as privilege escalation due to its large proportion of false positive results. In this paper, we propose and evaluate an effective technique to detect vulnerabilities in Android device drivers using both static and dynamic analyses.
A Secure BLE Integration Authentication System for a BLE Device Control Server based on Physical Web and Eddystone
ChoonSung Nam, Hyunhee Jung, Dongryeol Shin
Physical Web and Eddystone can be serviced by a single integrated application on the device by using their servers’ URL. However, they have a limitation that their servers must be customized for service characteristics on a case by case basis. In other words, regardless of the service selected for BLE, it should have a modified linkage application for each device. Hence, we think that a new integrated service platform, which is able to link and support its Beacon from the central server and is also able to support its application, is needed for achieving better service quality. This platform consists of push (Broadcasting for Beacon service) parts and pull (Connection) parts to establish communication. Especially, Pull should be operated and controlled under the authorization (secure) management for safe and trustable communication. It means that BLE must have its new authorization communications protocol to protect its data as much as possible. In this paper, we propose a BLE integrated authorization protocol for a BLE device control server based on Physical Web and Eddystone.
Systematic Development of Mobile IoT Device Power Management : Feature-based Variability Modeling and Asset Development
Hyesun Lee, Kang Bok Lee, Hyo-Chan Bang
Internet of Things (IoT) is an environment where various devices are connected to each other via a wired/wireless network and where the devices gather, process, exchange, and share information. Some of the most important types of IoT devices are mobile IoT devices such as smartphones. These devices provide various high-performance services to users but cannot be supplied with power all the time; therefore, power management appropriate to a given IoT environment is necessary. Power management of mobile IoT devices involves complex relationships between various entities such as application processors (APs), HW modules inside/outside AP, Operating System (OS), platforms, and applications; a method is therefore needed to systematically analyze and manage these relationships. In addition, variabilities related to power management such as various policies, operational environments, and algorithms need to be analyzed and applied to power management development. In this paper, engineering principles and a method based on them are presented in order to address these challenges and support systematic development of IoT device power management. Power management of connected helmet systems was used to validate the feasibility of the proposed method.
Design and Implementation of DNS Name Autoconfiguration for Internet of Things Devices
As one of the most spotlighted research areas, these days, the Internet of Things (IoT) aims to provide users with various services through many devices. Since there exist so many devices in IoT environments, it is inefficient to manually configure the domain name system (DNS) names of such devices. Thus, for IPv6-based IoT environments, this paper proposes a scheme called the DNS Name Autoconfiguration (DNSNA) that autoconfigures an IoT device’s DNS name and manages it. In the procedure for generating and registering an IoT device’s DNS name, the standard protocols of the Internet Engineering Task Force (IETF) are used. Since the proposed scheme resolves an IoT device’s DNS name into an IPv6 address in unicast through a DNS server, it generates less traffic than multicast-based mDNS (Multicast DNS) which is a legacy DNS application for the DNS name service in the smart home. Thus, the proposed scheme is more appropriate in multi-hop IoT networks than mDNS. This paper explains the design of the proposed scheme and its service scenarios, such as smart home and smart road. It also explains the implementation and testing of the proposed scheme in the smart grid.
BLE-OTP Authorization Mechanism for iBeacon Network Security
Hyunhee Jung, Dongryeol Shin, Kwangsu Cho, Choonsung Nam
Machine to Machine (M2M) technology has gained attention due to the fast diffusion of Internet of Things (IoT) technologies and smart devices. Most wireless network experts believe that Bluetooth Low Energy (BLE) Communications technology in an iBeacon network has amazing advantages in terms of providing communication services at a low cost in smartphone applications. Specifically, BLE does not require any pairing process during its communication phases, so it is possible to send a message to any node without incurring additional transmissions costs if they are within the BLE communication range. However, BLE does not require any security verification during communication, so it has weak security. Therefore, a security authorization process would be necessary to obtain customer confidence. To provide security functions for iBeacon, we think that the iBeacon Message Encryption process and a Decryption (Authorization) process should be designed and implemented. We therefore propose the BLE message Authorization Mechanism based on a One Time Password Algorithm (BLE-OTP). The effectiveness of our mechanism is evaluated by conducting a performance test on an attendance system based on BLE-OTP.
Search
Journal of KIISE
- ISSN : 2383-630X(Print)
- ISSN : 2383-6296(Electronic)
- KCI Accredited Journal
Editorial Office
- Tel. +82-2-588-9240
- Fax. +82-2-521-1352
- E-mail. chwoo@kiise.or.kr