• Journal of Information Technology Applications and Management
• /
• 제27권6호
• /
• pp.89-99
• /
• 2020

Cloud computing is rapidly increasing for achieving comfortable computing. Cloud computing has essentially security vulnerability of software and hardware. For achieving secure cloud computing, the vulnerabilities of cloud computing could be analyzed in a various and systematic approach from perspective of the service designer, service operator, the designer of cloud security and certifiers of cloud systems. The paper investigates the vulnerabilities and security controls from the perspective of administration, and systems. For achieving the secure operation of cloud computing, this paper analyzes technological security vulnerability, operational weakness and the security issues in an enterprise. Based on analysis, the paper suggests secure establishments for cloud computing.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제10권1호
• /
• pp.18-37
• /
• 2016

Cloud computing is an upcoming technology and emerging concept in the field of information technologies. Companies have begun to invest in cloud computing with the expectation that it will improve their business performances, operations, and processes. However, many companies are not so much aware of the cloud computing, so they can hesitate to adopt this new technology. The aims of the study are analyzing factors affecting the adoption of cloud computing and applying structural equation modeling technique to analyze the important dimensions of the adoption. Concordantly, previous studies are examined and expert interviews are arranged. Based on both our literature review and expert interviews, a model is proposed to measure the adoption of cloud computing. It is obvious that there are scarce researches about cloud computing adoption in the literature. Thus, the originality of the paper lies on that it proposes a research model for cloud computing adoption and it investigates various dimensions of cloud computing adoption in detail.

• Journal of Information Processing Systems
• /
• 제15권5호
• /
• pp.1192-1200
• /
• 2019

Recently, artificial intelligence techniques have been widely used in the computer science field, such as the Internet of Things, big data, cloud computing, and mobile computing. In particular, resource management is of utmost importance for maintaining the quality of services, service-level agreements, and the availability of the system. In this paper, we review and analyze various ways to meet the requirements of cloud resource management based on artificial intelligence. We divide cloud resource management techniques based on artificial intelligence into three categories: fog computing systems, edge-cloud systems, and intelligent cloud computing systems. The aim of the paper is to propose an intelligent resource management scheme that manages mobile resources by monitoring devices' statuses and predicting their future stability based on one of the artificial intelligence techniques. We explore how our proposed resource management scheme can be extended to various cloud-based systems.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제18권3호
• /
• pp.685-703
• /
• 2024

Cloud computing provides each consumer with a large-scale computing tool. Different Cyber Attacks can potentially target cloud computing systems, as most cloud computing systems offer services to many people who are not known to be trustworthy. Therefore, to protect that Virtual Machine from threats, a cloud computing system must incorporate some security monitoring framework. There is a tradeoff between the security level of the security system and the performance of the system in this scenario. If strong security is needed, then the service of stronger security using more rules or patterns is provided, since it needs much more computing resources. A new way of security system is introduced in this work in cloud environments to the VM on account of resources allocated to customers are ease. The main spike of Fog computing is part of the cloud server's work in the ongoing study tells the step-by-step cloud server to change the tremendous measurement of information because the endeavor apps are relocated to the cloud to keep the framework cost. The cloud server is devouring and changing a huge measure of information step by step to reduce complications. The Medical Data Health-Care (MDHC) records are stored in Cloud datacenters and Fog layer based on the guard intensity and the key is provoked for ingress the file. The monitoring center sustains the Activity Log, Risk Table, and Health Records. Cloud computing and Fog computing were combined in this paper to review data movement and safe information about MDHC.

• 한국정보시스템학회지:정보시스템연구
• /
• 제25권4호
• /
• pp.37-61
• /
• 2016

Purpose This study examines firms at various industries to identify key organizational characteristics that positively drive the evaluation of cloud computing. In addition, this study tests the impact of one's evaluation has on the adoption and integration of cloud computing within their respective firm. Design/methodology/approach A total of 172 responses from various firms currently using cloud computing service were analyzed using the structural equation modeling(SEM). Findings Results show that organizational Needs(Mobility and Job Relevance), Perceived Factors(Relative Advantages and Cost Savings), and Organizational Readiness(Technical Knowledge, Financial Supports, and Managerial Supports) have a significant impact on cloud computing evaluation; and evaluation influences its adoption, and integration. However, two variables(IT Performance Gaps and Compatibility) have no significant impact on cloud computing evaluation. Finally, Evolutional Leadership has a significant moderating effect within the relationship among variables in the process of cloud computing implementation.

• Journal of Information Processing Systems
• /
• 제12권2호
• /
• pp.226-233
• /
• 2016

Cloud computing is a distributed computing model that has lot of drawbacks and faces difficulties. Many new innovative and emerging techniques take advantage of its features. In this paper, we explore the security threats to and Risk Assessments for cloud computing, attack mitigation frameworks, and the risk-based dynamic access control for cloud computing. Common security threats to cloud computing have been explored and these threats are addressed through acceptable measures via governance and effective risk management using a tailored Security Risk Approach. Most existing Threat and Risk Assessment (TRA) schemes for cloud services use a converse thinking approach to develop theoretical solutions for minimizing the risk of security breaches at a minimal cost. In our study, we propose an improved Attack-Defense Tree mechanism designated as iADTree, for solving the TRA problem in cloud computing environments.

• Journal of Platform Technology
• /
• 제9권2호
• /
• pp.10-25
• /
• 2021

정보보안에 있어서 온-프레미스의 환경에서 위험분석평가에 대한 많은 연구가 진행되었지만, 클라우드컴퓨팅 시스템에 대한 위험분석평가의 효과적인 방법론에 대한 연구는 많이 부족한 실정이다. 2015년 클라우드컴퓨팅 발전법이 제정되어 클라우드컴퓨팅 도입 촉진 계기가 되었다, 그러나 클라우드컴퓨팅 시스템의 보안사고 증가 등의 이유로 활성화가 미진한 상황이다. 또한, 클라우드컴퓨팅 시스템을 도입하려는 관련 담당자의 클라우드컴퓨팅 시스템 기술 이해의 어려움 때문에 적극적으로 도입이 이루어지고 있지 않은 상황이다. 이에 관하여 이 연구는 클라우드컴퓨팅 시스템이 가진 특성과 개념, 그리고 모델을 살펴보고 이러한 특성이 위험분석평가에 어떻게 영향을 미치는지를 분석하여 효과적인 위험분석평가 방법을 제시하였다.

• Asia pacific journal of information systems
• /
• 제24권4호
• /
• pp.473-491
• /
• 2014

There is a growing interest for 'Cloud computing' to cut costs, and help the users focus on their core business instead of being impeded by IT obstacles. As it became IT version 3.0 which represents the era of cloud services and the dominance of a new kind of IT service provider, cloud service providers (CSPs)' role is more critical as a trusted IT advisor to include cloud migration and integration expertise. However, previous literatures related to cloud computing service have mainly analyzed from customers, although it is hard for customers to totally understand the complex and diverse cloud ecosystem. Therefore, it is an urgent task to mitigate the inhibitory factors in providing the cloud services for activating cloud industry. This study, an exploratory research based on interviews, has derived factors of promoting and hindering the activation of cloud computing from the provider's perspective, and has analyzed a sequence of cause and effect for each factor. For this, the casual loop diagram was developed to deduce key issues, and propose an alternative. The results of this study are expected to help activate 'Cloud computing' in Korea by minimizing the potential negative effects of activating 'Cloud computing' industry.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제7권4호
• /
• pp.860-877
• /
• 2013

Cloud computing has become one of the most important technologies for reducing cost and increasing productivity by efficiently using IT resources in various companies. The cloud computing system has mainly been built for private enterprise, but public institutions, such as governments and national institutes, also plans to introduce the system in Korea. Various researches have pointed to security problems as a critical factor to impede the vitalization of cloud computing services, but they only focus on the security threats and their correspondents for addressing the problems. There are no studies that analyze major security issues with regard to introducing the cloud computing system. Accordingly, it is necessary to research the security factors in the cloud computing given to public institutions when adopting cloud computing. This research focuses on the priority of security solutions for the stepwise adoption of cloud computing services in enterprise environments. The cloud computing security area is classified into managerial, physical and technical area in the research, and then derives the detailed factors in each security area. The research derives the influence of security priorities in each area on the importance of security issues according to the identification of workers in private enterprise and public institutions. Ordered probit models are used to analyze the influences and marginal effects of awareness for security importance in each area on the scale of security priority. The results show workers in public institutions regard the technical security as the highest importance, while physical and managerial security are considered as the critical security factors in private enterprise. In addition, the results show workers in public institutions and private enterprise have remarkable differences of awareness for cloud computing security. This research compared the difference in recognition for the security priority in three areas between workers in private enterprise, which use cloud computing services, and workers in public institutions that have never used the services. It contributes to the establishment of strategies, with respect to security, by providing guidelines to enterprise or institutions that want to introduce cloud computing systems.

• 한국컴퓨터정보학회논문지
• /
• 제24권8호
• /
• pp.67-76
• /
• 2019

Along with the diversification of digital content services using wired/wireless networks, the market for the construction of base systems is growing rapidly. Cloud computing services are recognized for a reasonable cost of service and superior system operations. Cloud computing is convenient as far as system construction and maintenance are concerned; however, owing to the security risks associated with the system construction of actual cloud computing service, the ICT(Information and Communications Technologies) market is lacking regardless of its many advantages. In this paper, we conducted an experiment on a cloud computing security enhancement model to strengthen the security aspect of cloud computing and provide convenient services to the users. The objective of this study is to provide secure services for system operation and management while providing convenient services to the users. For secure and convenient cloud computing, a single sign-on (SSO) technique and a system access control technique are proposed. For user authentication using SSO, a security level is established for each user to facilitate the access to the system, thereby designing the system in such a manner that the rights to access resources of the accessed system are not abused. Furthermore, using a user authentication ticket, various systems can be accessed without a reauthorization process. Applying the security technique to protect the entire process of requesting, issuing, and using a ticket against external security threats, the proposed technique facilitates secure cloud computing service.