한국인터넷방송통신학회논문지 (The Journal of the Institute of Internet, Broadcasting and Communication)

  • 제16권6호
  • /
  • Pages.83-94
  • /
  • 2016
  • /
  • 2289-0238(pISSN)
  • /
  • 2289-0246(eISSN)
한국인터넷방송통신학회 (The Institute of Internet, Broadcasting and Communication)
권호 표지
DOI QR코드

DOI QR Code

가상화 환경의 안전한 데이터 공유를 위한 다중 인스턴스간 상호인증 기법

Mutual Authentication Scheme between Multiple Instances for Secure Data Share of Virtualized Environment

  • 투고 : 2016.09.28
  • 심사 : 2016.12.09
  • 발행 : 2016.12.31
PDF 다운로드
⟨ 이전 논문 다음 논문 ⟩

초록

최근 클라우드, 빅데이터, 인공지능 등 다양한 분야의 서버 플랫폼이 가상화 기술을 사용하고 있지만 지속적으로 발생하는 구조적인 보안 취약성이 이슈화 되고 있다. 또한 대부분 가상화 보안 기술은 종류가 제한적이고 플랫폼 제공자에 의존적인 것으로 알려져 있다. 본 논문은 가상화 환경의 안전한 데이터 공유를 위한 다중 인스턴스간 상호인증 기법에 대해 제안한다. 제안하는 기법은 다중 인스턴스 간에 독립적인 상호인증을 고려하여 보안 구조를 설계하고 키 체인 기법을 적용하여 데이터 공유에 보안 프로토콜의 안전성을 강화 시켰다. 성능분석 결과 기존 보안 구조와는 다른 방식의 안전한 가상화 인스턴스 세션을 생성하고, 상호인증 과정의 각 인스턴스에 대한 효율성이 우수 하다는 것을 확인하였다.

Recent cloud, big data, there is a problem for the architectural security vulnerability to the server platforms of various fields such as artificial intelligence occurs consistently, but using the virtualization technology. In addition, most secure virtualization technology is known to be dependent on the type is limited and the platform provider. This paper presents a method for mutual authentication for secure data between multiple instances of a shared virtualized environment. The proposed method was designing a security architecture in consideration of the mutual authentication between multiple independent instances, and enhance the safety of a security protocol for sharing data by applying a key chain techniques. Performance analysis results and the existing security architecture demonstrated that protect each virtualized instances of the session and the other way, a compliance effectiveness for each instance of the mutual authentication process.

키워드

참고문헌

  1. Lee Jung, "Google I / O 2016 Showed the Future Strategy On-device with a Variety of Public Services based on Artificial Intelligence Platform", Eugene Investiment & Securities, Global IT Monthy No. 25, 2016.
  2. Kim Deulpeul, "2015 World ICT Industry Main Issues and Forecast", Telecommunications Union, iNSIGHT Global Trend, 2015.
  3. Choi Dohyeon, "A Multi Session User Authentication Methods for Secure Virtualization Layer in the Big Data Environments", Soongsil University, 2016.
  4. Jo Yujin, Lee Jaeduk, Lee Minwoo, "Domestic and Foreign Policy, and Cloud Industry Trends", Telecommunications Technology Association, Special Report Special Theme Cloud Computing, 2016.
  5. Kim Hwanguk, Cho Hwa, Sin Youngsang, "Secure Cloud Environment for Virtualization Security Issues and Technology Trends", Korea Information and Communications Magzine Vol. 32, No. 10, pp. 49-57, 2015.
  6. Kang Jangmook, Song Youjin, "A Study on Structural Holes of Privacy Protection for Life Logging Service as analyzing/processing of Big-Data", The Journal of Institute of Internet, Broadcasting and Communication(JIIBC), Vol. 14 No. 1, pp. 189-193, 2014. https://doi.org/10.7236/JIIBC.2014.14.1.189
  7. Im Seokjin, Hwang heejoung, "Design and Development of Framework for Health Data Relay based on OAuth2 in Cloud Environment", The Journal of Institute of Internet, Broadcasting and Communication, Vol. 15, No. 4, pp. 153-159, 2015. https://doi.org/10.7236/JIIBC.2015.15.4.153
  8. GARFINKEL, M Rosenblum, "A Virtual Machine Introspection Based Architecture for Intrusion Detection", In: NDSS, Vol. 3, pp. 191-206, 2003.
  9. TrendMicro, "Agentless Security for VMware Virtual Data Centers and Cloud", Trend Micro Security, 2012.
  10. Jung Hyunjun, "Trends and Major Issues of Virtualization Technology(II)", Korea Information Society Development Insitute - Insitute of Convergence Science Vol. 25, No. 5, Serial No. 55, 2013.
  11. Sin Youngsang, "Hypervisor-based Security for Cloud Computing Enviroments", Korea Internet & Security Agency - Korea Internet Conference 2012, 2012.
  12. Um Jungho, Kim Taehong, Lee Seungwoo, Jung Changwoo, Jung Hanmin, "Next-Generation Distributed System in Real Time Big Data Trends - Focusing on Spark and Storm", Insitute for Information & Communications Tecnology Promotion Weekly Tecnology Trends, 2014.
  13. Sin Junhee, "Introduction to Open Source Technology Infrastructure for the Cloud Environment", RockPLACE OpenSourcePlace, 2014.
  14. Chung Haejin, Nah Yunmook, "Effects of Hypervisor on Distributed Big Data Processing in Virtualizated Cluster Environment", KIISE Transactions on Computing Practices, Vol. 22, No. 2, pp. 89-94, 2016. https://doi.org/10.5626/KTCP.2016.22.2.89
  15. Thorsten von Eicken, "Docker vs. VMs? Combining Both for Cloud Portability Nirvana", RightScale, 2014.