The Journal of Society for e-Business Studies (한국전자거래학회지)

Society for e-Business Studies (한국전자거래학회)
권호 표지
DOI QR코드

DOI QR Code

Cloud Computing Strategy Recommendations for Korean Public Organizations: Based on U.S. Federal Institutions' Cloud Computing Adoption Status and SDLC Initiative

한국의 공공기관 클라우드 컴퓨팅 도입 활성화 전략: 미국 연방 공공기관 클라우드 컴퓨팅 도입현황 시사점 및 시스템 개발 수명주기(SDLC) 프로세스 전략을 중심으로

  • Received : 2015.09.08
  • Accepted : 2015.11.19
  • Published : 2015.11.30
Download PDF
⟨ Previous Next ⟩

Abstract

Compared to other countries, cloud computing in Korea is not popular especially in the government sector. One of the reasons for the current not-fully-blossomed situation is partly by early investment in huge government datacenters under Korea's e-government initiative; let alone, there was no strong control tower as well as no enforcing law and ordinances for driving such cloud computing initiative. However, in 2015 March 'Cloud Computing and Privacy Security Act' (hereinafter, Cloud Act) had been passed in the Parliament and from September 2015 Cloud Act was deployed in Korea. In U.S., FedRAMP (Federal Risk Assessment and Management Program) along with Obama Adminstration's 'Cloud First' strategy for U.S. federal institutions is the key momentum for federal cloud computing adoption. In 2015 January, U.S. Congressional Research Service (CRS) has published an extensive monitoring report for cloud computing in U.S. federal institutions. The CRS report which monitored U.S. government cloud computing implementation is indeed a good guideline for Korean government cloud computing services. For this reason, the purpose of the study is to (1) identify important aspects of the enacted Korean Cloud Act, (2) describe recent U.S. federal government cloud computing status, (3) suggest strategy and key strategy factors for facilitating cloud adoption in public organizations reflecting SDLC strategy, wherein.

그 동안 한국 공공기관에서 클라우드 컴퓨팅 도입은 그다지 활발하지는 않았다. 그 이유중의 한 가지는 한국은 클라우드 컴퓨팅 도입 이전 이미 세계최고 수준의 전자정부를 구축하였고, 정부에서는 클라우드 컴퓨팅을 주관하는 전담 컨트롤 타워와 이를 추진할 수 있게 하는 법령 제도 등이 없었기 때문이라고 할 수 있다. 그러나 이러한 상황은 2015년 9월 클라우드 법이 시행되어 매우 변화될 것으로 전망된다. 미국의 공공기관 클라우드 도입은 FedRAMP(Federal Risk Assessment and Management Program)에서 주도적으로 추진하고 있는데, 이는 미국의 Cloud First 정책과 연계된다. 미국 연방기관의 클라우드 서비스 도입과 관련하여 미국의회조사국(Congressional Research Service; 이하 CRS)에서는 2015년 1월 연방정부의 클라우드 도입과 관련된 보고서를 출간하였고, 이는 한국의 공공기관 클라우드 도입 정책에 좋은 지침이 될 것으로 판단된다. 본고에서는 (1) 한국의 클라우드 법의 중요한 사안을 분석하고 (2) 최근 미국 연방정부의 클라우드 서비스 도입 현황을 분석하며, (3) 시스템 개발 수명주기(SDLC) 기반의 도입 활성화 전략 프레임워크에 대하여 제안하였다.

Keywords

References

  1. Baek, S., Shin., J., and Kim, J., "Exploring the Korean Government Policies for Cloud Computing Service," Journal of the Society for e-Business Studies, Vol. 18, No. 3, pp. 1-14, 2013. https://doi.org/10.7838/jsebs.2013.18.3.001
  2. Chang, C., "Case and Lessons Learned from Cloud Computing Implementation in Public Organizations," Local Informatization Magazine, Vol. 74, pp. 22-31, 2012.
  3. Chang, H., "OpenStack Introduction and Demo for Beginners," OpenStack Summit, 2014.
  4. Chang, S., "Strategy and Action Plans for Cloud Service," Broadcasting and Communication Policy, Vol. 24, No. 9, pp. 1-22, 2012.
  5. Chang, S., Sohn, K., and Shin, H., "An Analysis on the U.S. FedRAMP," Weekly Technology Trend, NIPA, pp. 11-24, 2013.
  6. CIO Magazine, "What are the implications of Cisco and IBM's merging of open-stack companies?" [URL] http://www.ciokorea.com/news/25469.
  7. Dahlberg, T. and Nokkala T., "A Framework For The Corporate Governance of Data-Theoretical Background and Empirical Evidence," Business, Management and Education, Vol. 13, No. 1, pp. 25-45, 2015. https://doi.org/10.3846/bme.2015.254
  8. Figliola, P. M. and Fischer, E. A., "Overview and Issues for Implementation of the Federal Cloud Computing Initiative: Implications for Federal Information Technology Reform Management," US Congressional Research Service (CRS), 2015, 1.
  9. Goetz, M., "Data Governance Will Shine In The Data Economy," KM World Magazine, pp. 10-11, 2013, July/August.
  10. Gregory, A., "Data Governance- Protecting and Unleashing the Value of Your Customer Data Assets-Stage 1: Understanding Data Governance and Your Current Data Management Capability," Journal of Direct, Data and Digital Marketing Practice, Vol. 12 No 3, pp. 230-248, 2011. https://doi.org/10.1057/dddmp.2010.41
  11. Han, S., Feasibility Study on Strategic Planning to Build a Cloud Computing Environment for Smart Education, KERIS Issue Report, 2011.
  12. IT Daily, "Cover Story 2015, Cloud Computing will be launching strongly," [URL] http://www.itdaily.kr/news/article-View.html?idxno=58706.
  13. Kim, J., "Public Cloud Computing Model for Smart Office Environment Implementation," TTA Journal, Vol. 148, pp. 50-54, 2013.
  14. Kim, J. and Kim, E., "Policy and Status of Government Cloud Computing," Information Science, pp. 32-39, 2014.
  15. Kim, S., Choi, Y., and Jang S., "Building Future e-Government Service Based on Cloud Computing Architecture," Journal of Information Technology and Architecture Vol. 7. No. 3, pp. 269-280, 2010.
  16. Kim, T., Hwang, S., Suh S., and Kim D., "Designing Cloud Computing System for Local Governments: In Pursuit of an Optimal Model Utilizing Case Study and Feasibility Study, Journal of Korean Association for Regional Information Society, Vol. 18, No. 1, pp. 85-107, 2015.
  17. Koh, G., "A Study on Security-Enhanced Cloud Service E&C(Evaluation and Certification) Scheme," Journal of Security Engineering, Vol. 9, No. 6, pp. 481-494, 2012.
  18. Korea Cloud Service Association, Cloud Infra(Open Cloud), KCSA, 2014.
  19. Kundra, V., "25 Point Implementation Plan to Reform Federal Information Technology Management," The White House, 2010, 9.
  20. Kundra, V., "Fedral Cloud Computing Strategy," The White House, 2011.
  21. Lee, M., "How to Ensure the Financial Resource Diversity of Local Information Project: A Exploratory Study from the Institutional Perspective," The Korean Journal of Local Government Studies, Vol. 17, No. 4, pp. 387-407, 2014.
  22. Ministry of Security and Public Administration( MoSPA), Government 3.0 Cloud Implementation Plan, MoSPA, 2013.
  23. Ministry of Security and Public Administration( MoSPA), Guideline for Cloud Office Environment in Public Administration Organizations, MoSPA, 2012.
  24. National Information Agency Report, A Study on the Introduction of the Certificate System to Activate the Cloud Service, NIA, 2010.
  25. National Information Agency Report, Analysis of Service Cases and New Public Services Based On The Cloud Computing, NIA, 2012.
  26. National Information Agency Report, Cloud Policy Support for the Activation of Public Service Broadcasting Communication Convergence, NIA, 2012.
  27. National Information Agency Report, The Study on Applying Cloud Computing for Public Sector, NIA, 2010.
  28. NIST, US Government Cloud Computing Technology Roadmap Vol. 1 and 2, Department of Commerce, 2014.
  29. Oh, K., "Critical Review on Cloud Act in Korea," Democratic Legal Studies, Vol. 56, pp. 247-276, 2014.
  30. Ra, J., "A Study on Cloud Computing Service Features," Journal of Digital Contents, Vol. 12, No. 3, 2011.
  31. Ra, J., Lee, J., Shin S., Kim J., and Choi, Y., "Classification Model for Cloud-based Public Service," Journal of Information Technology and Architecture, Vol. 10. No. 4, pp. 509-516, 2013.
  32. Radack, S., "The System Development Life Cycle(SDLC)," National Institute of Standard and Technology(NIST) Special Publication(SP) 800-64, 2009.
  33. Seo, K., "A Comparison Study between Korean Cloud Service Certification Systems and U.S. FedRAMP," The Journal of Digital Policy & Management, Vol. 10, No. 11, pp. 59-65, 2012.
  34. Shin, S. and Song, S., "A Priority Study for Applying Public Cloud Services in Korea by Mapping the SRM with Overseas Cloud Services in the Public Sector," Internet and Information Security, Vol. 3, No. 3, pp. 67-89, 2012.
  35. Shin, Y., "A Study on Personal Information Security Policy in Cloud Service Expansion," Korea Society of Public Administration, Winter Conference, pp. 1674-1692, 2012.
  36. Song, I., "Sensitivity Analysis of Quasi-Governmental Agencies' Decisions for Cloud Computing Service," Journal of Internet Computing and Services, Vol. 16, No. 1, pp. 91-100, 2015. https://doi.org/10.7472/jksii.2015.16.1.91
  37. Song, S., "Consideration of Cloud Computing SLA," TTA Journal, Vol. 139, pp. 59-64, 2012.
  38. Song, S., Kim. J., Ra, J., and Lee, J., "A Study on Adopting Model for Cloud-based public service," The Journal of Digital Policy and Management, Vol. 11, No. 5, pp. 63-72, 2013.
  39. Zdnet news, "A Perspective of Openstack betting of SKT, long-term investment will be the success factor," [URL] http://www.zdnet.co.kr/news/news_view.asp?artice_id=20150206180553.

Cited by

  1. 클라우드 보안성 강화를 위한 연산 효율적인 인스턴스 메모리 모니터링 기술 vol.27, pp.4, 2015, https://doi.org/10.13089/jkiisc.2017.27.4.775
  2. 금융회사 클라우드 활성화를 위한 비중요정보처리시스템 지정방안 연구 vol.28, pp.4, 2015, https://doi.org/10.13089/jkiisc.2018.28.4.889
  3. 국내 클라우드 정책의 성과 분석을 통한 수요자 관점의 산업 활성화 연구 vol.21, pp.1, 2015, https://doi.org/10.7472/jksii.2020.21.1.159