• Title/Summary/Keyword: Cloud security

Search Result 863, Processing Time 0.034 seconds

The study on a threat countermeasure of mobile cloud services (모바일 클라우드 서비스의 보안위협 대응 방안 연구)

  • Jang, Eun-Young;Kim, Hyung-Jong;Park, Choon-Sik;Kim, Joo-Young;Lee, Jae-Il
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.21 no.1
    • /
    • pp.177-186
    • /
    • 2011
  • Mobile services which are applied PC performance and mobile characteristics are increased with spread of the smartphone. Recently, mobile cloud service is getting the spotlight as a solution of mobile service problems that mobile device is lack of memory, computing power and storage and mobile services are subordinate to a particular mobile device platform. However, mobile cloud service has more potential security threats by the threat inheritance of mobile service, wireless network and cloud computing service. Therefore, security threats of mobile cloud service has to be removed in order to deploy secure mobile cloud services and user and manager should be able to respond appropriately in the event of threat. In this paper, We define mobile cloud service threats by threat analysis of mobile device, wireless network and cloud computing and we propose mobile cloud service countermeasures in order to respond mobile cloud service threats and threat scenarios in order to respond and predict to potential mobile cloud service threats.

Cloud System Security Technology Trend

  • Yoon, Jeong-Won;Jang, Beakcheol
    • Journal of the Korea Society of Computer and Information
    • /
    • v.20 no.7
    • /
    • pp.49-56
    • /
    • 2015
  • In this paper, we introduce recent cloud system security technologies categorizing them according to Reliability, Availability, Serviceability, Integrity, and Security (RASIS), terms that evaluate robustness of the computer system. Then we describe examples of security attacks and corresponding security technologies for each of them. We introduce security technologies based on Software Defined Network (SDN) for Reliability, security technologies based on hypervisor and virtualization for Availability, disaster restoration systems for Serviceability, authorization and access control technologies for Integrity, and encryption algorithms for Security. We believe that this paper provide wise view and necessary information for recent cloud system security technologies.

Protection of Personal Information on Cloud Service Models (클라우드 서비스 유형별 개인정보보호 방안)

  • Lee, Bosung;Kim, Beomsoo
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.25 no.5
    • /
    • pp.1245-1255
    • /
    • 2015
  • As cloud computing services become popular, the concern on the data security of cloud services increases and the efforts for the data security become essential. In this paper, we describe the pros and cons of cloud computing including the definition of cloud. Then, we discuss the regulations about the protection of user data defined in cloud promotion act. Previous studies related to the privacy protection and the entrustment of personal information in cloud computing are reviewed. We examine how to store the personal information depending on the cloud service model. As a result, we argue that the entrustment of personal information should vary according to the cloud service model and we propose how to protect the personal information on IaaS and SaaS cloud service models.

Relative priority evaluation of security attributes in cloud computing using fuzzy AHP (Fuzzy AHP를 적용한 클라우드 컴퓨팅 환경에서 보안 속성의 상대적 중요도 평가)

  • Choi, Cheol-Rim;Song, Young-Jae
    • Journal of Advanced Navigation Technology
    • /
    • v.15 no.6
    • /
    • pp.1098-1103
    • /
    • 2011
  • In spite of many advantages of cloud computing, security concerns are a barrier in users' adopting the cloud service. In this paper, we evaluate relative priorities between security attributes of ISO 7498-2 standards affecting overall security quality in cloud computing. For an objective evaluation, the fuzzy AHP(Analytic hierarchical process) is applied. The evaluation results represented the relative priority with concrete number can be an effective management method to choose and develop the cloud computing service.

A study on the vulnerability of the Cloud computing security (클라우드 컴퓨팅 보안의 취약성에 관한 연구)

  • Jeon, Jeong-Hoon
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.23 no.6
    • /
    • pp.1239-1246
    • /
    • 2013
  • Recently, The cloud computing technology is emerging as an important issue in the world, and In technology and services, has attracted much attention. However, the positive aspects of cloud computing unlike the includes several vulnerabilities. For this reason, the Hacking techniques according to the evolution of a variety of attacks and damages is expected. Therefore, this paper will be analyzed management models through case studies and experiments to the threats and vulnerabilities of the cloud computing. and In the future, this is expected to be utilized as a basis for the security design and performance improvement.

A study on Cloud Security based on Network Virtualization (네트워크 가상화 기반 클라우드 보안 구성에 관한 연구)

  • Sang-Beom Hong;Sung-Cheol Kim;Mi-Hwa Lee
    • Convergence Security Journal
    • /
    • v.23 no.5
    • /
    • pp.21-27
    • /
    • 2023
  • In the cloud computing environment, servers and applications can be set up within minutes, and recovery in case of fail ures has also become easier. Particularly, using virtual servers in the cloud is not only convenient but also cost-effective compared to the traditional approach of setting up physical servers just for temporary services. However, most of the und erlying networks and security systems that serve as the foundation for such servers and applications are primarily hardwa re-based, posing challenges when it comes to implementing cloud virtualization. Even within the cloud, there is a growing need for virtualization-based security and protection measures for elements like networks and security infrastructure. This paper discusses research on enhancing the security of cloud networks using network virtualization technology. I configured a secure network by leveraging virtualization technology, creating virtual servers and networks to provide various security benefits. Link virtualization and router virtualization were implemented to enhance security, utilizing the capabilities of virt ualization technology. The application of virtual firewall functionality to the configured network allowed for the isolation of the network. It is expected that based on these results, there will be a contribution towards overcoming security vulnerabil ities in the virtualized environment and proposing a management strategy for establishing a secure network.

A Study on establishing countermeasures to security threats due to the introduction of information protection system. (정보보호시스템도입에 따른 보안위협요소 대응방안수립에 관한 연구)

  • Kyung, ji-hun;Jung, Sung-Jae;Bae, Yu-Mi;Sung, Kyung
    • Proceedings of the Korean Institute of Information and Commucation Sciences Conference
    • /
    • 2013.05a
    • /
    • pp.693-696
    • /
    • 2013
  • Information protection system (Information protection system)-based IT environment built popularity in public agencies and businesses take advantage of the resources for the integration of the information system one essential environment began to recognize, cloud systems (Cloud System), cloud security (Cloud Security), big data (Big Data), big data security (Big Data Security), industrial security (Security Industry), as well as the issue. Due to the influence of these information protection system (Information protection system) in response to my external security threats based on the analysis plan. In this paper, data protection systems (Information protection system), resulting in the introduction, there are a number of security threats and particularly industrial security aspects and internal and external security threats in response by lighting about aspects of the plan is based on knowledge.

  • PDF

A Comparison Study between Cloud Service Assessment Programs and ISO/IEC 27001:2013 (클라우드 서비스 평가 프로그램과 ISO/IEC 27001:2013의 비교 연구)

  • Choi, Ju-Young;Choi, Eun-Jung;Kim, Myuhng-Joo
    • Journal of Digital Convergence
    • /
    • v.12 no.1
    • /
    • pp.405-414
    • /
    • 2014
  • It is very important to IT users that the Cloud service provides dynamic extension of IT resources and cost-saving. However, the reliability for Cloud service hinders utilizing Cloud service actively. Existing studies on assessment program for Cloud Service are executed by extracting information security assessment articles and adding features of cloud services by referencing ISO/IEC 27001:2005. This paper will review the recently released ISO/IEC 27001:2013 for the addition, reduction, and changing of articles for Controls and Control objectives. Comparative analysis for the Controls of ISO/IEC 27001:2013 with those of CSA CCMv.3, FedRAMP which is an assessment program for Cloud service will suggest Control Objects of Information Security Management System for related Cloud service. The suggestion of Controls will be an important reference index for the security policy of companies which manage the information security management system based on Cloud service.

Security Threats in the Mobile Cloud Service Environment (모바일 클라우드 서비스 환경에서의 보안위협에 관한 연구)

  • Han, Jung-Soo
    • Journal of Digital Convergence
    • /
    • v.12 no.5
    • /
    • pp.263-269
    • /
    • 2014
  • Mobile Cloud Service will provide cloud services through mobile devices. Because storage space constraints and computing process performance limitations of mobile devices, this service will process in the cloud environment after moving works and data that have to process in mobile terminal. The obstacles of mobile cloud service activity will have concerned high about the reliability service, data security, and the confidentiality security. In particular, in convergence of mobile services and cloud services, each threats are expected to be generated complicatedly. In this paper, we define the type of mobile cloud services as well as security threats that can occur in mobile cloud. Also we suggest security countermeasures in mobile app. and enterprises countermeasures. We suggest verification of mobile applications for user information protection about security countermeasures in mobile app. Also we describe the cloud providers responsibility and user responsibility about enterprises countermeasures.

Deep Learning Based Security Model for Cloud based Task Scheduling

  • Devi, Karuppiah;Paulraj, D.;Muthusenthil, Balasubramanian
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.14 no.9
    • /
    • pp.3663-3679
    • /
    • 2020
  • Scheduling plays a dynamic role in cloud computing in generating as well as in efficient distribution of the resources of each task. The principle goal of scheduling is to limit resource starvation and to guarantee fairness among the parties using the resources. The demand for resources fluctuates dynamically hence the prearranging of resources is a challenging task. Many task-scheduling approaches have been used in the cloud-computing environment. Security in cloud computing environment is one of the core issue in distributed computing. We have designed a deep learning-based security model for scheduling tasks in cloud computing and it has been implemented using CloudSim 3.0 simulator written in Java and verification of the results from different perspectives, such as response time with and without security factors, makespan, cost, CPU utilization, I/O utilization, Memory utilization, and execution time is compared with Round Robin (RR) and Waited Round Robin (WRR) algorithms.