Journal of Korea Society of Digital Industry and Information Management (디지털산업정보학회논문지)

Korea Society of Digital Industry and Information Management (디지털산업정보학회)
권호 표지
DOI QR코드

DOI QR Code

A Design of Interdependent Multi Session Authentication Scheme for Secure Cloud Service

안전한 클라우드 서비스를 위한 상호의존적 다중세션 인증 기법 설계

  • Received : 2014.08.19
  • Accepted : 2014.09.04
  • Published : 2014.09.30
⟨ Previous Next ⟩

Abstract

Cloud computer technology currently provides diverse services based on a comprehensive environment ranging from hardware to solution, network and service. While the target of services has been extended from institutions and corporations to personal infrastructure and issues were made about security problems involved with protection of private information, measures on additional security demands for such service characteristics are insufficient. This paper proposes a multi-session authentication technique based on the characteristics of SaaS (Software as a Service) among cloud services. With no reliable authentication authority, the proposed technique reinforced communication sessions by performing key agreement protocol safe against key exposure and multi-channel session authentication, providing high efficiency of performance through key renewal using optimzied key table. Each formed sessions have resistance against deprivation of individual confirmation and service authority. Suggested confirmation technique that uses these features is expected to provide safe computing service in clouding environment.

Keywords

References

  1. Young-Won Kang, "Recent Trends of Cloud Computing Services," NET Term, 2012.
  2. Daryl C. Plummer, Thomas J. Bittman, Tom Austin, David W. Cearley, David Mitchell Smith. "Cloud Computing: Defining and Describing an Emerging Phenomenon," Gartner Research, 2008.
  3. IDC, "Worldwide and Regional Public IT Cloud Services 2013-2017 Forecast," 2013.
  4. Gartner, "Forecast Overview: Public Cloud Services, Worldwide, 2011-2016," 2013.
  5. Eui-Nam Heo, "Personal Cloud Security Technology and Privacy," Telecommunications Technology Association, TTA Journal Vol. 139, 2012.
  6. Hwan-Seok Yang, "A Study on Improvement Stabilty of Cloud Service using Atack Information Colection," Korea Society of Digital Industry & Information Management, Vol. 9, No. 2, 2013.
  7. Jeong-Mo Yang, "A Study on Improving the Reliabilty of Cloud Computing," Korea Society of Digital Industry & Information Management, Vol8 No. 4, 2012.
  8. Chul-Soo Im, "Cloud Computing Security Technology," Korea Institude of Information Security & Cryptology, Vol. 19, No. 3, pp. 12-15, 2009.
  9. Ae-ra Kwon, "Changes in the IT ecosystem and countermeasures according to the diffusion Cloud Services," Korea Information Technology Service Industry Association.
  10. Hyun-Young Yoon, "Cloud Services Trends and Issues," Korea Communication Agency, 2011.
  11. Kwang-Seok Kim, "Domestic and foreign market and policy trends in cloud computing," National IT Industry Promotion Agency, 2013.
  12. IBM, "Defining a framework for cloud adoption," IBM Global Technology Services, Thought Leadership White Paper, 2010.
  13. Ki-Chul Kim, "A Security Evaluation Criteria for Korean Cloud Computing Service," Korea Institute Of Information Security And Cryptology, Vol. 23, No. 2, 2013, pp. 3-17. https://doi.org/10.13089/JKIISC.2013.23.1.003
  14. CSA, "The Notorious Nine: Cloud Computing Top Threats in 2013," Cloud Security Alliance, 2013.
  15. Kab-Seung Ko, "A Study on Security-Enhanced Cloud Service E&C(Evaluation and Certification Scheme," Journal of Security Engineering, Vol. 9, No. 6, 2012.
  16. Daryl C. Plummer, Thomas J. Bittman, Tom Austin, David W. Cearley, David Mitchell Smith, "Cloud Computing: Defining and Describing an Emerging Phenomenon," Gartner Research, 2008