• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.1
• /
• pp.155-167
• /
• 2012

Cloud computing service is a next generation IT service which has pay-per-use billing model and supports elastically provisioning IT infra according to user demand. However it has many potential threats originating from outsourcing/supporting service structure that customers 'outsource' their own data and provider 'supports' infra, platform, application services, the complexity of applied technology, resource sharing and compliance with a law, etc. In activation of Cloud service, we need objective assessment standard to ensure safety and reliability which is one of the biggest obstacles to adopt cloud service. So far information security management system has been used as a security standard for a security management and IT operation within an organization. As for Cloud computing service it needs new security management and assessment different from those of the existing in-house IT environment. In this paper, to make a Information Security Management System considering cloud characteristics key components from threat management system are drawn and all control domain of existing information security management system as a control components are included. Especially we designed service security management to support service usage in an on-line self service environment and service contract and business status.

• The Journal of Korea Institute of Information, Electronics, and Communication Technology
• /
• v.9 no.1
• /
• pp.15-23
• /
• 2016

As various IoT devices appear recently, Cloud Services such as DropBox, Amazon S3, Microsoft Azure Storage, etc are widely use for data sharing across the devices. Although, cryptographic algorithms like AES is prevalently used for data security, there is no mechanisms to allow selectively and flexibly use wider spectrum of lightweight cryptographic algorithms such as LEA, SEED, ARIA. With this, IoT devices with lower computation power and limited battery life will suffer from overly expensive workload and cryptographic operations are slower than what is enough. In this paper, we designed and implemented a CloudGate that allows client programs of those cloud services to flexibly select a cryptographic algorithms depending on the required security level. By selectively using LEA lightweight algorithms, we could achieve the cryptographic operations could be maximum 1.8 faster and more efficient than using AES.

• International journal of advanced smart convergence
• /
• v.10 no.2
• /
• pp.53-58
• /
• 2021

In this paper, based on the real estate registration model in the Chinese internet environment, we propose a model for the joint business of banking collateral registration. This is to increase the efficiency and service level of the real estate mortgage registration process. And it can solve the problems that in the process of registering a mortgage loan, difficulty of data sharing between the real estate registration agency and the bank, and ordinary users and bank clerks duplicate unnecessary work. In addition, it realizes joint processing and data sharing of real estate registration work with real estate registration agencies and banks, increases the efficiency and level of government affairs services, and offers an optimized solution to realize a one-stop service for real estate security registration. The results of this study are expected to provide theoretical support for the application and innovation of the Internet environment real estate registration model.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.3
• /
• pp.573-586
• /
• 2016

With the adoption of cloud computing, the number of companies that take advantage of cloud computing has increased. Additionally, various of existing service providers have moved their service onto the cloud and provided user with various cloud-based service. The management of user authentication and authorization in cloud-based service technology has become an important issue. This paper introduce a new technique for providing authentication and authorization with other inter-cloud IAM (Identity and Access Management). It is an essential and easy method for data sharing and communication between other cloud users. The proposed system uses the credentials of a user that has already joined an organization who would like to use other cloud services. When users of a cloud provider try to obtain access to the data of another cloud provider, part of credentials from IAM server will be forwarded to the cloud provider. Before the transaction, Access Agreement must be set for granting access to the resource of other Organization. a user can access the resource of other organization based on the control access configuration of the system. Using the above method, we could provide an effective and secure authentication system on the cloud.

• International Journal of Contents
• /
• v.8 no.4
• /
• pp.12-20
• /
• 2012

For a library to be able provide information services and fulfill its function as a knowledge convergence center capable of responding to various information demands, the development of next-generation information systems based on the latest information and communication technology is needed. The development of mobile information services using portable devices such smart phones and tablet PCs and information systems which incorporate the concepts of cloud computing, SaaS (Software as a Service), annotation and Library2.0 is also required. This paper describes a library information system that utilizes collective intelligence and cloud computing. The information system developed for this study adopts the SaaS-based cloud computing service concept to cope with the shift in the mobile service paradigm in libraries and the explosion of electronic data. The strengths of such a conceptual model include the sharing of resources, support of multi-tenants, and the configuration and support of metadata. The user services are provided in the form of software on-demand. To test the performance of the developed system, the efficiency analysis and TTA certification test were conducted. The results of performance tests, It is encouraging that, at least up to 100MB, the job time is approximately linear and with only a moderate overhead of less than one second. The system also passed the level-3 or higher criteria in the certification test, which includes the SaaS maturity, performance and application program functions.

• Journal of Service Research and Studies
• /
• v.2 no.1
• /
• pp.61-68
• /
• 2012

Much technologies building cloud computing environment and supporting sevices on the cloud computing have been developing. Through the environment, accessing new services and sharing knowledge become easy. So far, they have just focused on companies which can support services and people who can use those services. In other words, the environment and models for cloud computing are the most important issue. However, the environment changes rapidly, mobile devices that are connected with each other not only will replace the computing environment based on desktop, but also can create Big data. Therefore, technologies and models are need to follow the trend including mobile based cloud computing environment. In this paper, we explain the cloud computing technologies and trend. Also we address Machine to Machine(M2M) technology and Web of things(WoT) in order to apply those into the cloud computing environment because these two concepts will enhance effectiveness and service reusability in the coming days.

• KIPS Transactions on Computer and Communication Systems
• /
• v.11 no.9
• /
• pp.305-316
• /
• 2022

With the flood of digital data owing to the Internet of Things and big data, cloud service providers that process and store vast amount of data from multiple users can apply duplicate data elimination technique for efficient data management. The user experience can be improved as the notion of edge computing paradigm is introduced as an extension of the cloud computing to improve problems such as network congestion to a central cloud server and reduced computational efficiency. However, the addition of a new edge device that is not entirely reliable in the edge computing may cause increase in the computational complexity for additional cryptographic operations to preserve data privacy in duplicate identification and elimination process. In this paper, we propose an efficiency-improved duplicate data elimination protocol while preserving data privacy with an optimized user-edge-cloud communication framework by utilizing a trusted execution environment. Direct sharing of secret information between the user and the central cloud server can minimize the computational complexity in edge devices and enables the use of efficient encryption algorithms at the side of cloud service providers. Users also improve the user experience by offloading data to edge devices, enabling duplicate elimination and independent activity. Through experiments, efficiency of the proposed scheme has been analyzed such as up to 78x improvements in computation during data outsourcing process compared to the previous study which does not exploit trusted execution environment in edge computing architecture.

• Annual Conference of KIPS
• /
• 2016.04a
• /
• pp.762-765
• /
• 2016

사용자는 스마트폰의 대중화로 인해 다양하고 편리한 서비스를 쉽게 제공 받을 수 있다. 위치 정보 서비스를 사용하기 위해 GPS 모듈을 이용하는데 이는 전력 소모가 매우 크다. 다수의 GPS 모듈이 있는 그룹 상황에서 그룹의 헤더를 정하고 헤더의 위치 정보 데이터를 공유하는 방법을 이용하여 전력 소모 문제를 해결한다. 이를 위해 클라우드 기반 GPS 데이터 Sharing 시스템을 제안한다. 사전에 사회 관계 그룹을 등록하고 그룹원들의 위치 정보 데이터를 수신하고 거리/방위각/속도를 기준으로 그룹 상황을 감지한다. 그룹 상황 감지를 위해 Depth First Search(DFS) 알고리즘을 사용한다. 생성된 그룹에서 배터리 잔여량이 제일 많은 그룹원을 헤더로 정한다. 헤더의 배터리 잔여량에 따라 위치 정보 데이터 수집 횟수를 적응적으로 적용한다. 시스템을 적용한다면 그룹 상황에서의 그룹원의 전력 감소 효과와 더불어 대중 교통의 위치 데이터 공공화가 된다면 사용자의 위치 정보 데이터 대신 대중 교통의 데이터를 대신할 수 있고 사회 관계 그룹원들 간의 관계를 수치화 할 수 있을 것이다.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.9 no.4
• /
• pp.1404-1423
• /
• 2015

In smart grid, electricity consumption data may be handed over to a third party for various purposes. While government regulations and industry compliance prevent utility companies from improper or illegal sharing of their customers' electricity consumption data, there are some scenarios where it can be very useful. For example, it allows the consumers' data to be shared among various energy resources so the energy resources are able to analyze the data and adjust their operation to the actual power demand. However, it is crucial to protect sensitive electricity consumption data during the sharing process. In this paper, we propose a fine-grained access control scheme (FAC) with efficient attribute revocation and policy updating in smart grid. Specifically, by introducing the concept of Third-party Auditor (TPA), the proposed FAC achieves efficient attribute revocation. Also, we design an efficient policy updating algorithm by outsourcing the computational task to a cloud server. Moreover, we give security analysis and conduct experiments to demonstrate that the FAC is both secure and efficient compared with existing ABE-based approaches.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2018.05a
• /
• pp.241-243
• /
• 2018

In this paper, in Simultaneous localization and mapping (SLAM), the robot acquire its map of environment while simultaneously localizing itself relative to the map. Cloud based SLAM, allows us to optimizing resource and data sharing like map of the environment, which allows us, as one of shared available online map. Doing so, unless we add or remove significant change in our environment, the essence of rebuilding new environmental map are omitted to new mobile robot added to the environment. As result, the requirement of additional sensor are curtailed.