• 융합보안논문지
• /
• 제15권5호
• /
• pp.9-15
• /
• 2015

클라우드 컴퓨팅은 서버의 추가 구축에 대한 비용절감, 데이터 스토리지 확대에 대한 비용 절감, 컴퓨터 자원에 대한 공유, 새로운 기술의 적용에 대한 편의성 등의 장점을 가지고 있다. 그러나 서비스 모델의 다양성으로 인하여 새로운 보안의 우려사항이 높아지고 있어, 이용자가 서비스의 안정성을 신뢰할 수 있도록 인증제도가 운영되고 있다. 이에 본 논문에서는 인증제도의 신뢰성을 확보하기 위해 기존 IT환경에서 적용되던 위험 분석 방법과 달리 공공 IaaS(Infrastructure as a Service) 클라우드 서비스 특징을 고려, 새로운 위험분석 방법을 제안한다.

• 한국산업정보학회논문지
• /
• 제22권1호
• /
• pp.105-116
• /
• 2017

본 연구에서는 콜라우드 서비스의 높은 실패율에 대하여, 어떠한 위험이 존재하는지 살펴보고, 이러한 위험을 제거하기 위한 실물 옵션, 특히 포기 옵션의 채택에 영향을 끼칠 수 있는 위험의 종류에 대하여 실증 분석을 실시하였다. 특히 개인 차원에서 인식하는 위험의 정도가 포기 옵션의 채택에 어떠한 영향을 끼치는 지에 더하여, 조직 차원의 변수 (CEO의 혁신성, 밴드웨건 효과)가 개인 차원의 효과들을 어떻게 조절하는지에 대하여 실증 분석을 실시한다. 수도권 소재 중소기업의 IT 담당자들을 대상으로 설문조사한 내용을 바탕으로, 기술적 위험과 경제적 위험이 포기 옵션의 채택에 유의한 영향을 끼치며, CEO의 혁신성이 기술적 위험의 효과를 억제하는 조절 효과가 검증되었다. 그러나, 밴드웨건 효과는 개인 차원의 영향을 억제하는 조절 효과는 실증적으로 유의하지 않았다.

• 한국정보시스템학회지:정보시스템연구
• /
• 제23권2호
• /
• pp.109-137
• /
• 2014

As the fast development of information technology (IT), abundant attractive alternatives have showed up and challenged to the traditional information technology (IT). Cloud services, the hottest representative among these alternatives, has attracted the attention from all walks of life. Considering the diversity of cloud services, this study attempts to find out the important factors affected on individual's switching intention from incumbent IT to cloud services mainly based on two-factor theory (switching enablers and switching inhibitors) and explore the direct influences of these factors on individual's switching intention. According to our findings, individual's switching intention to cloud services is not only positively influenced by switching enablers but also negatively influenced by switching inhibitors. All the switching enablers in this study (perceived omnipresence, perceived collaboration support and perceived compatibility of cloud services) have positively significant influences on individual's switching intention as well as the switching inhibitors (usage habit of incumbent IT and perceived risk of cloud services) have negatively significant influences on individual's switching intention. It's noteworthy that satisfaction of incumbent IT has insignificant influence on individual's switching intention in this study. Moreover, as we expected, both social influence and personal innovativeness have significant influences on the generation of individual's switching intention.

• 품질경영학회지
• /
• 제41권3호
• /
• pp.381-394
• /
• 2013

Purpose: Nowadays, Mobile Cloud Storage services are used widely. For sustainable use of this service, we need to determine what factors affect satisfaction. Therefore, the purpose of this study is to identify the factors that influence satisfaction. Methods: To analyze factors that influence satisfaction, this study sets the factors into three dimensions such as service quality, perceived risk, and individual characteristics and analyze the causal relationship between influence factors and satisfaction through Structural Equation Model. Results: The results of this study are as follows; among service quality, user interface and reliability influenced satisfaction, but adaptability did not have any influence. Perceived risk of illegal access had a negative influence on satisfaction, while perceived risk of privacy leakage did not have significant influence on satisfaction in perceived risk. At last, self-efficacy had a significant influence on satisfaction. Conclusion: We identified the influence factors that influence satisfaction. Our findings will be necessary for Mobile Cloud Storage service providers to strengthen their service.

• 정보보호학회논문지
• /
• 제23권6호
• /
• pp.1277-1286
• /
• 2013

탄력성(elasticity), 빠른 적용과 릴리즈, 광대역 네트워크 접속, 다중 접속(multi-tenancy), 활용에 제한이 없는(ubiquity) 유연성 등 클라우드 컴퓨팅의 고유한 속성들은 클라우드를 선택한 기업과 기관에게 획기적인 효율성을 제공하지만 원천적으로 내재된 보안 위협을 제거해야 하는 대책수립이 필요하다. 이를 위해 본 논문에서는 전략적 연계 모델을 참조하여 클라우드 컴퓨팅 정보보호 프레임워크를 제시하였다. 클라우드 컴퓨팅 정보보호 프레임워크는 클라우드 위협, 보안통제 활동, 클라우드 이해관계자를 중심 축으로 합목적성, 책임성, 투명한 책임소재의 벽면으로 구성된다. 중심 축은 클라우드 환경에서 정보보호 활동을 수행하는 주요 목적인 위협 최소화목표와 이해관계자를 지정하고 그들이 해야 할 정보보호 활동을 정의하고 있다. 또한, 3개 벽면은 클라우드 환경에서 정보보호 활동을 수행하기 위한 원칙이며 중심 축 간의 접점에서 7개 서비스 패키지 도출을 위한 방향을 제공한다.

• Geomechanics and Engineering
• /
• 제30권5호
• /
• pp.413-422
• /
• 2022

TBM is widely used in the construction of various underground projects in the current world, and has the unique advantages that cannot be compared with traditional excavation methods. However, due to the high cost of TBM, the damage is even greater when geological disasters such as collapse occur during excavation. At present, there is still a shortage of research on various types of risk prediction of TBM tunnel, and accurate and reliable risk prediction model is an important theoretical basis for timely risk avoidance during construction. In this paper, a prediction model is proposed to evaluate the risk level of tunnel collapse by establishing a reasonable risk index system, using analytic hierarchy process to determine the index weight, and using the normal cloud model theory. At the same time, the traditional analytic hierarchy process is improved and optimized to ensure the objectivity of the weight values of the indicators in the prediction process, and the qualitative indicators are quantified so that they can directly participate in the process of risk prediction calculation. Through the practical engineering application, the feasibility and accuracy of the method are verified, and further optimization can be analyzed and discussed.

• 한국IT서비스학회지
• /
• 제11권1호
• /
• pp.155-171
• /
• 2012

With the continuous and outstanding development of information technology(IT), human being is coming to the new computing era which is called cloud computing. This era brings lots of huge benefits also at the same time release the resources of IT infrastructure and data boom for man. In the future no longer, most of IT service providers, enterprises, organizations and systems will adopt this new computing model. There are three main deployment models in cloud computing including public cloud, private cloud and hybrid cloud; each one also has its own cons and pros. While implementing any kind of cloud services, customers have to choose one of three above deployment models. Thus, our paper aims to represent a practical framework to help the adopter select which one will be the best suitable deployment model for their requirements by evaluating each model comprehensively. The framework is built by applying the analytic hierarchy process(AHP), namely benefit-cost-opportunity-risk(BCOR) model as a powerful and effective tool to serve the problem. The gained results hope not only to provide useful information for the readers but also to contribute valuable knowledge to this new area. In addition, it might support the practitioners' effective decision making process in case they meet the same issue and have a positive influence on the increase of right decision for the organization.

• 디지털산업정보학회논문지
• /
• 제8권4호
• /
• pp.107-113
• /
• 2012

Cloud computing has brought changes to the IT environment. Due to the spread of LTE, users of cloud services are growing more. This which provides IT resources to meet the needs of users of cloud services are noted as a core industry. But it is not activated because of the security of personal data and the safety of the service. In order to solve this, intrusion detection system is constructed as follows. This protects individual data safely which exists in the cloud and also protects information exhaustively from malicious attack. The cause of most attack risk which exists to cloud computing can find in distributed environment. In this study, we analyzed about necessary property of network-based intrusion detection system that process and analyze large amount of data which occur in cloud computing environment. Also, we studied functions which detect and correspond attack occurred in interior of virtualization.

• 한국전자거래학회지
• /
• 제20권4호
• /
• pp.103-126
• /
• 2015

그 동안 한국 공공기관에서 클라우드 컴퓨팅 도입은 그다지 활발하지는 않았다. 그 이유중의 한 가지는 한국은 클라우드 컴퓨팅 도입 이전 이미 세계최고 수준의 전자정부를 구축하였고, 정부에서는 클라우드 컴퓨팅을 주관하는 전담 컨트롤 타워와 이를 추진할 수 있게 하는 법령 제도 등이 없었기 때문이라고 할 수 있다. 그러나 이러한 상황은 2015년 9월 클라우드 법이 시행되어 매우 변화될 것으로 전망된다. 미국의 공공기관 클라우드 도입은 FedRAMP(Federal Risk Assessment and Management Program)에서 주도적으로 추진하고 있는데, 이는 미국의 Cloud First 정책과 연계된다. 미국 연방기관의 클라우드 서비스 도입과 관련하여 미국의회조사국(Congressional Research Service; 이하 CRS)에서는 2015년 1월 연방정부의 클라우드 도입과 관련된 보고서를 출간하였고, 이는 한국의 공공기관 클라우드 도입 정책에 좋은 지침이 될 것으로 판단된다. 본고에서는 (1) 한국의 클라우드 법의 중요한 사안을 분석하고 (2) 최근 미국 연방정부의 클라우드 서비스 도입 현황을 분석하며, (3) 시스템 개발 수명주기(SDLC) 기반의 도입 활성화 전략 프레임워크에 대하여 제안하였다.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제18권3호
• /
• pp.685-703
• /
• 2024

Cloud computing provides each consumer with a large-scale computing tool. Different Cyber Attacks can potentially target cloud computing systems, as most cloud computing systems offer services to many people who are not known to be trustworthy. Therefore, to protect that Virtual Machine from threats, a cloud computing system must incorporate some security monitoring framework. There is a tradeoff between the security level of the security system and the performance of the system in this scenario. If strong security is needed, then the service of stronger security using more rules or patterns is provided, since it needs much more computing resources. A new way of security system is introduced in this work in cloud environments to the VM on account of resources allocated to customers are ease. The main spike of Fog computing is part of the cloud server's work in the ongoing study tells the step-by-step cloud server to change the tremendous measurement of information because the endeavor apps are relocated to the cloud to keep the framework cost. The cloud server is devouring and changing a huge measure of information step by step to reduce complications. The Medical Data Health-Care (MDHC) records are stored in Cloud datacenters and Fog layer based on the guard intensity and the key is provoked for ingress the file. The monitoring center sustains the Activity Log, Risk Table, and Health Records. Cloud computing and Fog computing were combined in this paper to review data movement and safe information about MDHC.