• Journal of the Korea Society for Simulation
• /
• v.24 no.4
• /
• pp.11-21
• /
• 2015

If the cloud computing environment is not sufficiently provide the required resources due to the number of virtual server to process the request, may cause a problem that the load applied to the specific server. Migration administrator receive the resources of each physical server for improving the efficiency of the virtual server that exists in the physical servers, and determines the migration destination based on the simulation results. But, there is more overhead predicting the future resource consumption of all the physical server to decide the migration destination through the simulation process in large and complex cloud computing environments. To solve this problem, we propose an improved prediction method with the simulation-based approach. The proposed method is a fuzzy-logic based priority model for VM migration. We design a proposed model with the DEVS formalism. And we also measure and compare a performance and migration count with existing simulation-based migration method. FPLM shows high utilization.

• KIPS Transactions on Computer and Communication Systems
• /
• v.6 no.10
• /
• pp.429-436
• /
• 2017

There is a growing tendency to outsource sensitive or important data in cloud computing recently. However, it is very important to protect the privacy of outsourced data. So far, a variety of secure and efficient multi-keyword search schemes have been proposed in cloud computing environment composed of a single data owner and multiple data users. Zhang et. al recently proposed a search protocol based on multi-keyword in cloud computing composed of multiple data owners and data users but their protocol has two problems. One is that the cloud server can illegally infer the relevance between data files by going through the keyword index and user's trapdoor, and the other is that the response for the user's request is delayed because the cloud server has to execute complicated operations as many times as the size of the keyword index. In this paper, we propose an improved multi-keyword based search protocol which protects the privacy of outsourced data under the assumption that the cloud server is completely unreliable. And our experiments show that the proposed protocol is more secure in terms of relevance inference between the data files and has higher efficiency in terms of processing time than Zhang's one.

• KIPS Transactions on Software and Data Engineering
• /
• v.4 no.12
• /
• pp.543-548
• /
• 2015

Recently top-k query processing has been extremely important along with the explosion of data produced by a variety of applications. Top-k queries return the best k results ordered by a user-provided monotone scoring function. As cloud computing service has been getting more popular than ever, a hot attention has been paid to cloud-based data outsourcing in which clients' data are stored and managed by the cloud. The cloud-based data outsourcing, though, exposes a critical secuity concern of sensitive data, resulting in the misuse of unauthorized users. Hence it is essential to encrypt sensitive data before outsourcing the data to the cloud. However, there has been little attention to efficient top-k processing on the encrypted cloud data. In this paper we propose a novel top-k processing algorithm that can efficiently process a large amount of encrypted data in the cloud. The main idea of the algorithm is to prune unpromising intermediate results at the early phase without decrypting the encrypted data by leveraging an order-preserving encrypted technique. Experiment results show that the proposed top-k processing algorithm significantly reduces the overhead of client systems from 10X to 10000X.

• Journal of KIISE
• /
• v.42 no.5
• /
• pp.591-600
• /
• 2015

SLA (Service Level Agreement) is an essential factor that must be guaranteed to provide a reliable and consistent service to user in cloud computing environment. Especially, a contract between user and service provider with SLA is important in an environment using a cloud service brokerage. The cloud computing is classified into IaaS, PaaS, and SaaS according to IT resources of the various cloud service. The existing SLA is difficult to reflect the quality factors of service, because it only considers factors about the physical Network environment and have no methodological approach. In this paper, we suggested a method to specify the quality characteristics of software and proposed a mechanism and structure that can exchange SLA specification between the service provider and consumer. We defined a meta-model for the SLA specification in the SaaS level, and quality requirements of the SaaS were described by the proposed specification language. Through case studies, we verified proposed specification language that can present a variety of software quality factors. By using the UDDI-based mediation process and architecture to interchange this specification, it is stored in the repository of quality specifications and exchanged during service binding time.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.17 no.9
• /
• pp.12-20
• /
• 2016

With the enhancements in existing major industries, cloud computing-based converging services have been created, as well as value-added industries. A variety of converging services are now provided, from personalized services up to industrial services. In Korea, they have become the driving force behind existing industries throughout the whole economy, but mainly in finance, mobile systems, social computing, and home services, based on cloud services. However, not only denial of service (DOS) and distributed DOS (DDOS) attacks have occurred, but also attack techniques targeting core data in storage servers. Even security threats that are hardly detected, such as multiple attacks on a certain target, APT, and backdoor penetration have also occurred. To supplement defenses against these, in this article, a protocol for authority management is designed to provide users with safe storage services. This protocol was studied in cases of integration between a cloud environment and big data-based technology, security threats, and their requirements. Also studied were amalgamation examples and their requirements in technology-based cloud environments and big data. With the protocol suggested, based on this, security was analyzed for attack techniques that occur in the existing cloud environment, as well as big data-based techniques, in order to find improvements in session key development of approximately 55%.

• KIPS Transactions on Computer and Communication Systems
• /
• v.11 no.9
• /
• pp.305-316
• /
• 2022

With the flood of digital data owing to the Internet of Things and big data, cloud service providers that process and store vast amount of data from multiple users can apply duplicate data elimination technique for efficient data management. The user experience can be improved as the notion of edge computing paradigm is introduced as an extension of the cloud computing to improve problems such as network congestion to a central cloud server and reduced computational efficiency. However, the addition of a new edge device that is not entirely reliable in the edge computing may cause increase in the computational complexity for additional cryptographic operations to preserve data privacy in duplicate identification and elimination process. In this paper, we propose an efficiency-improved duplicate data elimination protocol while preserving data privacy with an optimized user-edge-cloud communication framework by utilizing a trusted execution environment. Direct sharing of secret information between the user and the central cloud server can minimize the computational complexity in edge devices and enables the use of efficient encryption algorithms at the side of cloud service providers. Users also improve the user experience by offloading data to edge devices, enabling duplicate elimination and independent activity. Through experiments, efficiency of the proposed scheme has been analyzed such as up to 78x improvements in computation during data outsourcing process compared to the previous study which does not exploit trusted execution environment in edge computing architecture.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.14 no.2
• /
• pp.868-877
• /
• 2013

This paper will provide the cloud service based on PaaS that can enhance reusability of development in the cloud computing environment. The cloud service based on PaaS is the cloud service of platform in the side of development, which provide the reusable framework service that is beyond the existing development tool or management tool service. This reusable framework service will be enhanced reusability using a variety of distributed services.

• Annual Conference of KIPS
• /
• 2012.11a
• /
• pp.1418-1420
• /
• 2012

클라우드 서비스는 네트워크 환경을 통해 사용자가 원하는 서비스를 장소에 구애받지 않고 수행될 수 있도록 지원하는 소프트웨어 응용의 일종이다. 이와 같은 클라우드 서비스의 개발과정에 서비스가 정확하게 실행된다는 것을 확인하는 것은 매우 중요하다. 그러나 신규 서비스 또는 새로운 패러다임의 클라우드 서비스를 개발하는 과정에서는 사용자 단말에서 서버까지 사용자가 원하는 서비스가 정확히 실행되는 가를 확인하는 것은 어려운 일이다. 왜냐하면 서비스 실행을 위해 다양한 경로에 존재할 수 있는 소프트웨어 컴포넌트가 올바르게 동작할 수 있는 가를 확인할 수 있어야 하기 때문이다. 본 연구에서는 이와 같이 클라우드 서비스의 개발과정에서 서비스 실행을 위한 경로 상에 존재하는 컴포넌트를 고려하는 시나리오 기반의 테스트 케이스 생성 기법을 제안한다.

• Annual Conference of KIPS
• /
• 2012.11a
• /
• pp.1080-1083
• /
• 2012

최근 많은 스마트 디바이스의 보급으로 언제 어디서든지 모바일 네트워크를 통해 인터넷을 사용할 수 있게 되었으며, 단말이 가지는 자원 및 컴퓨팅 파워의 한계에 따라 모바일 클라우드 서비스에 대한 관심이 폭발적으로 증가하고 있다. 하지만 모바일 클라우드 서비스는 그 환경에 따라 사용자 단말에서 나타나는 보안위협과 클라우드 환경에서의 보안위협이 복합적으로 나타나게 된다. 모바일 클라우드 환경에서의 보안위협 중 사용자 단말 영역에서의 키로깅 공격으로부터 사용자 입력정보를 보호하기 위한 기존의 가상키보드를 비교 분석하였다. 본 논문에서는 기존에 사용되고 있는 가상키보드의 확률적 분석을 통한 키 유추 가능성을 보완하기 위해 보안성이 강화된 새로운 형태의 가상키보드를 제안한다.

• Annual Conference of KIPS
• /
• 2011.11a
• /
• pp.501-503
• /
• 2011

인터넷이 보편화되고 확산됨에 따라 클라우드 서비스가 급속히 확산되고 있다. SLA 란 서비스 제공자와 고객 간의 협약으로 서비스 제공자가 서비스 품질을 보증하기 위한 방법이다. 클라우드 컴퓨팅 환경에서의 SLA는 IT 서비스 제공자 입장에서 서비스 품질에 대한 고객만족도를 높이고 경쟁 사업자와의 차별화가 필요하므로 SLA를 통한 QoS 보장은 매우 중요한 요소이다. 그러나 클라우드 환경에서의 SLA에 대한 연구는 아직 초기 단계에 머물고 있다. 본 논문에서는 클라우드 서비스를 위한 SLA 관리 지표를 정의하고 이를 이용하여 QoS를 보장하는 SLA 관리 시스템을 설계하였다.