• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.6
• /
• pp.55-65
• /
• 2011

Recently, use of cloud computing service is dramatically increasing due to wired and wireless communications network diffusion in a field of high performance Internet technique. Cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. In a view of digital forensic investigation, it is difficult to obtain data from cloud computing service environments. therefore, this paper suggests analysis method of AWS(Amazon Web Service) and Rackspace which take most part in cloud computing service where IaaS formats presented for data acquisition in order to get an evidence.

• International Journal of Internet, Broadcasting and Communication
• /
• v.13 no.1
• /
• pp.201-209
• /
• 2021

The term, eGovernmen or e-Government, uses technology communications devices such as computers and the Internet to provide public services to citizens and others. The eGovernment or e-government provides citizens with new opportunities to access the government directly and conveniently, while the government provides citizens with directservices. Also, in these days, cloud computing is a feature that enables users to use computer system resources, especially data storage (cloud storage) and on-demand computing power, without having to manage themselves. The term is commonly used to describe data centers that are available to many users over the Internet. Today, the dominant Big Cloud is distributed across multiple central servers. You can designate it as an Edge server if it is relatively close to the user. However, despite the prevalence of e-government and cloud computing, each of these concepts has evolved. Research attempts to combine these two concepts were not being made properly. For this reason, in this work, we aim to produce independent and objective analysis results by separating progress steps for the analysis of e-government cloud service platforms. This work will be done through an analysis of the development process and architectural composition of the e-government development standard framework and the cloud platform PaaS-TA. In addition, this study is expected to derive implications from an analysis perspective on the direction and service composition of the e-government cloud service platform currently being pursued.

• Convergence Security Journal
• /
• v.21 no.3
• /
• pp.25-30
• /
• 2021

Due to the current COVID-19 pandemic, companies and institutions are introducing virtual desktop technology, one of the logical network separation technologies, to establish a safe working environment in a situation where remote work is provided. With the introduction of virtual desktop technology, companies and institutions can operate the network separation environment more safely and effectively, and can access the business network quickly and safely to increase work efficiency and productivity. However, when introducing virtual desktop technology, there is a cost problem of high-spec server, storage, and license, and it is necessary to supplement in terms of operation and management. As a countermeasure to this, companies and institutions are shifting to cloud computing-based technology, virtual desktop service (DaaS, Desktop as a Service). However, in the virtual desktop service, which is a cloud computing-based technology, the shared responsibility model is responsible for user access control and data security. In this paper, based on the shared responsibility model in the virtual desktop service environment, we propose a cloud-based hardware security module (Cloud HSM) and edge-DRM proxy as an improvement method for user access control and data security.

• Journal of Korean Library and Information Science Society
• /
• v.47 no.1
• /
• pp.149-173
• /
• 2016

As cloud computing becomes more and more popular and ubiquitous, many organizations are deciding to move their whole information infrastructure to the cloud. The healthcare industry is one of those that is beginning to utilize cloud-based solutions en masse. Cloud based computing and storage offers numerous benefits including scalability, cost efficiency, and accessibility, which in turn have the potential to streamline hospital operations. Despite the potential benefits of acquiring this system, considerations must still be given to the migration of the massive amounts of personal and highly protected data to a cloud-based solution. Health care organizations must consider all matters of security, reliability, and availability, to ensure that patients' data remains compliant to the Health Insurance Portability and Accountability Act (HIPAA) compliant. This paper will examine the benefits and challenges of such operation to determine the best practices for the utilization of Electronic Medical Record (EMR) cloud based networking and storage for small to mid-sized hospitals.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.17 no.9
• /
• pp.12-20
• /
• 2016

With the enhancements in existing major industries, cloud computing-based converging services have been created, as well as value-added industries. A variety of converging services are now provided, from personalized services up to industrial services. In Korea, they have become the driving force behind existing industries throughout the whole economy, but mainly in finance, mobile systems, social computing, and home services, based on cloud services. However, not only denial of service (DOS) and distributed DOS (DDOS) attacks have occurred, but also attack techniques targeting core data in storage servers. Even security threats that are hardly detected, such as multiple attacks on a certain target, APT, and backdoor penetration have also occurred. To supplement defenses against these, in this article, a protocol for authority management is designed to provide users with safe storage services. This protocol was studied in cases of integration between a cloud environment and big data-based technology, security threats, and their requirements. Also studied were amalgamation examples and their requirements in technology-based cloud environments and big data. With the protocol suggested, based on this, security was analyzed for attack techniques that occur in the existing cloud environment, as well as big data-based techniques, in order to find improvements in session key development of approximately 55%.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.16 no.2
• /
• pp.565-586
• /
• 2022

Cloud storage's elastic expansibility not only provides flexible services for data owners to store their data remotely, but also reduces storage operation and management costs of their data sharing. The data outsourced remotely in the storage space of cloud service provider also brings data security concerns about data integrity. Data integrity verification has become an important technology for detecting the integrity of remote shared data. However, users without data access rights to verify the data integrity will cause unnecessary overhead to data owner and cloud service provider. Especially malicious users who constantly launch data integrity verification will greatly waste service resources. Since data owner is a consumer purchasing cloud services, he needs to bear both the cost of data storage and that of data verification. This paper proposes a verification control algorithm in data integrity verification for remotely outsourced data. It designs an attribute-based encryption verification control algorithm for multiple verifiers. Moreover, data owner and cloud service provider construct a common access structure together and generate a verification sentinel to verify the authority of verifiers according to the access structure. Finally, since cloud service provider cannot know the access structure and the sentry generation operation, it can only authenticate verifiers with satisfying access policy to verify the data integrity for the corresponding outsourced data. Theoretical analysis and experimental results show that the proposed algorithm achieves fine-grained access control to multiple verifiers for the data integrity verification.

• Journal of the Korea Society for Simulation
• /
• v.24 no.3
• /
• pp.77-87
• /
• 2015

Defense M&S (Modeling & Simulation) is utilized as a realistic method to analyze MOE (Measure of Effectiveness) of weapon systems by modeling weapons and their operational environment on the computer, and simulating them under various war scenarios. As weapon systems become complex in their structure and dynamics, model engineering are experiencing difficulties to construct simulation models on a computer. A model repository helps model developers to save model development time and cost by systematically storing predefined and already validated models. However, most repositories for Defense M&Shave not been successful partly due to limited accessability, vulnerability to security threats, and low level of dependability. In this paper, we propose W-Cloud (Weapon Cloud), a cloud model repository for reusing predefined weapon models. Clients can access W-Cloud on any platforms and various devices, yet security and confidentiality concerns are guaranteed by employing multi-tier information protection mechanism.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.6
• /
• pp.2429-2449
• /
• 2018

Dynamic data possession verification is a common requirement in cloud storage systems. After the client outsources its data to the cloud, it needs to not only check the integrity of its data but also verify whether the update is executed correctly. Previous researches have proposed various schemes based on Merkle Hash Tree (MHT) and implemented some initial improvements to prevent the tree imbalance. This paper tries to take one step further: Is there still any problems remained for optimization? In this paper, we study how to raise the efficiency of data dynamics by improving the parts of query and rebalancing, using a new data structure called Rank-Based Merkle AVL Tree (RB-MAT). Furthermore, we fill the gap of verifying multiple update operations at the same time, which is the novel batch updating scheme. The experimental results show that our efficient scheme has better efficiency than those of existing methods.

• International Journal of Computer Science & Network Security
• /
• v.22 no.4
• /
• pp.89-100
• /
• 2022

With the advancement in the Internet of things Technology (IoT) cloud computing, billions of physical devices have been interconnected for sharing and collecting data in different applications. Despite many advancements, some latency - specific application in the real world is not feasible due to existing constraints of IoT devices and distance between cloud and IoT devices. In order to address issues of latency sensitive applications, fog computing has been developed that involves the availability of computing and storage resources at the edge of the network near the IoT devices. However, fog computing suffers from many limitations such as heterogeneity, storage capabilities, processing capability, memory limitations etc. Therefore, it requires an adequate task scheduling method for utilizing computing resources optimally at the fog layer. This work presents a comprehensive review of different task scheduling methods in fog computing. It analyses different task scheduling methods developed for a fog computing environment in multiple dimensions and compares them to highlight the advantages and disadvantages of methods. Finally, it presents promising research directions for fellow researchers in the fog computing environment.

• Proceedings of the Korean Society of Computer Information Conference
• /
• 2020.01a
• /
• pp.195-196
• /
• 2020

본 논문에서는 클라우드 저장소의 민감한 데이터를 보호하기 위해 제시된 암호화 알고리즘을 이용하여 텍스트 데이터를 암호화하고 처리 속도에 대한 성능을 측정하여 기존의 방식과 비교·분석하였다. 클라우드 데이터는 사용자 로그인 정보 탈취나 SSL Strip 공격에 취약하기 때문에 이러한 보안 사고의 피해를 최소화하기 위해 데이터 암호화를 통한 데이터의 보안이 요구된다. 본 논문에서는 클라우드 전송을 위해 구글 드라이브 API를 연동했으며, 암호화 알고리즘을 텍스트에 적용하기 위해 Python 언어를 이용하여 데이터를 암호화하고 구글 드라이브에 전송하는 테스트 프로그램을 제작하여 프로젝트를 진행하였다.