• Informatization Policy
• /
• v.18 no.1
• /
• pp.24-44
• /
• 2011

The evolution of cloud computing over the past few years is potentially one of the major advances in information technology. However, if cloud computing is to achieve its potential, there needs to be a clear identification and understanding of the various issues involved, both from the perspectives of the providers and the consumers of the technology. While a lot of research is currently taking place in the technology itself, there is an equally urgent need for understanding the business-related issues surrounding cloud computing service. As more and more information on individuals and companies are placed in the cloud service, concerns are beginning to grow about just how safe and reliable an environment it is. For successful implementation of cloud services, it is necessary to establish the certification systems to ensure the safety and reliability of cloud services. This paper provides a safe and reliable framework for cloud service certification systems. In order to develop it, the critical issues related to service quality and certification of cloud services have been identified and the systematic framework for certification systems of cloud services and service provider domains have been developed. An evaluation method for the developed certification systems is also proposed.

• Journal of the Korea Society for Simulation
• /
• v.20 no.1
• /
• pp.1-8
• /
• 2011

Cloud computing emerges as a new paradigm for deploying, managing and offering IT resources as a service anytime, anywhere on any devices. Cloud computing data center stores many IT resources through resource integration. So cloud computing system has to be designed by technology and policy to make effective use of IT resources. In other words, cloud vendor has to provide high quality services to all user and mitigate the dissipation of IT resources. However, vendors need to predict the performance of cloud services and the use of IT resources before releasing cloud service. For solving the problem, this research presents cloud service modeling on network environment and evaluation index for availability optimization of cloud service. We also study how to optimize an amount of requested cloud service and performance of datacenter using CloudSim toolkit.

• Journal of Digital Convergence
• /
• v.11 no.12
• /
• pp.155-160
• /
• 2013

The global recession circumstances, cloud computing has emerged as a new paradigm in the business IT sector. This paper explores the analysis of cloud service adoption Intension of Korean firms. Especially, we focus on Infrastructure as a Service (IaaS) among cloud services and apply TAM (Technology Acceptance Model) and VAM (Value-based Adoption Model) to analyze cloud service adoption intension The proposed exploratory model tests a number of hypotheses to understand the importance factors of IaaS adoption intension with TAM and VAM included additional cloud service characteristics such as scalability, agility, security, efficiency and reliability. Eventually, the findings of this study can not only help company users gain insights into IaaS adoption, but also help cloud service providers to develop their service effectively and improve marketing strategy in B2B cloud service market.

• Asia pacific journal of information systems
• /
• v.24 no.4
• /
• pp.473-491
• /
• 2014

There is a growing interest for 'Cloud computing' to cut costs, and help the users focus on their core business instead of being impeded by IT obstacles. As it became IT version 3.0 which represents the era of cloud services and the dominance of a new kind of IT service provider, cloud service providers (CSPs)' role is more critical as a trusted IT advisor to include cloud migration and integration expertise. However, previous literatures related to cloud computing service have mainly analyzed from customers, although it is hard for customers to totally understand the complex and diverse cloud ecosystem. Therefore, it is an urgent task to mitigate the inhibitory factors in providing the cloud services for activating cloud industry. This study, an exploratory research based on interviews, has derived factors of promoting and hindering the activation of cloud computing from the provider's perspective, and has analyzed a sequence of cause and effect for each factor. For this, the casual loop diagram was developed to deduce key issues, and propose an alternative. The results of this study are expected to help activate 'Cloud computing' in Korea by minimizing the potential negative effects of activating 'Cloud computing' industry.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.6
• /
• pp.1377-1383
• /
• 2015

As the cloud services users' increase, there are important files created by individual in cloud storage. Thus, investigation of cloud artifact should be conducted. There are two methods of analyzing cloud service, one is that investigates cloud server provider (CSP), and another is that investigates client. In this paper, we presents an automated framework to detect the altered artifact and developes a tool that detects the cloud artifact. We also developed Cloud Artifact Tool that can investigate client computer. Cloud Artifact Tool provides feature of collection and analysis for the services such as Google Drive, Dropbox, Evernote, NDrive, DaumCloud, Ucloud, LG Cloud, T Cloud and iCloud.

• Journal of Digital Convergence
• /
• v.12 no.1
• /
• pp.405-414
• /
• 2014

It is very important to IT users that the Cloud service provides dynamic extension of IT resources and cost-saving. However, the reliability for Cloud service hinders utilizing Cloud service actively. Existing studies on assessment program for Cloud Service are executed by extracting information security assessment articles and adding features of cloud services by referencing ISO/IEC 27001:2005. This paper will review the recently released ISO/IEC 27001:2013 for the addition, reduction, and changing of articles for Controls and Control objectives. Comparative analysis for the Controls of ISO/IEC 27001:2013 with those of CSA CCMv.3, FedRAMP which is an assessment program for Cloud service will suggest Control Objects of Information Security Management System for related Cloud service. The suggestion of Controls will be an important reference index for the security policy of companies which manage the information security management system based on Cloud service.

• Journal of Digital Convergence
• /
• v.13 no.2
• /
• pp.1-11
• /
• 2015

The growing company that provides high quality service to every customer by introducing a cloud-system organization. However, the information needs of diverse and different, so every cloud system, and acts as a barrier to entry for cloud services provide appropriate. Cloud services are becoming complicated and diversified depending on concerns about cloud security continues, the growing need of professionalism held by the cloud service(Cloud Service Brokerage) CSB companies. Thus, to analyze the various services, find my support legislation, security and compatibility issues, the services of the best new business through service offerings tailored to the environment, and will implement the necessary management services which brokerage (CSB) is. This study presents a brokerage(CSB) development model, and suggested policy measures that apply to the co-op that I am having difficulties in cloud services business models.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.9 no.3
• /
• pp.843-871
• /
• 2015

Cloud computing evolve as a cost effective business model for IT companies to focus on their core business without perturbing on infrastructure related issues. Hence, major IT firms and Small & Medium Enterprises (SME) are adopting cloud services on rental basis from cloud providers. Cloud Service level agreements (SLA) act as a key liaison between consumers and providers on renting Anything as a Service (AaaS). Design of such an agreement must aim for greater profit to providers as well as assured availability of services to consumers. However in reality, cloud SLA is not satisfying the parties involved because of its inherent complex nature and issues. Also currently most of the agreements are unilateral to favour the provider. This study focuses on comprehensive, 360-degree survey on different aspects of the cloud service agreements. We detailed the life cycle of SLA based on negotiation, different types of SLA, current standards, languages & characteristics, metrics and issues involved in it. This study will help the cloud actors to understand and evaluate the agreements and to make firm decision on negotiation. The need for standardized, bilateral, semantic SLA has also been proposed.

• Journal of Information Technology Applications and Management
• /
• v.27 no.6
• /
• pp.89-99
• /
• 2020

Cloud computing is rapidly increasing for achieving comfortable computing. Cloud computing has essentially security vulnerability of software and hardware. For achieving secure cloud computing, the vulnerabilities of cloud computing could be analyzed in a various and systematic approach from perspective of the service designer, service operator, the designer of cloud security and certifiers of cloud systems. The paper investigates the vulnerabilities and security controls from the perspective of administration, and systems. For achieving the secure operation of cloud computing, this paper analyzes technological security vulnerability, operational weakness and the security issues in an enterprise. Based on analysis, the paper suggests secure establishments for cloud computing.

• Journal of Digital Convergence
• /
• v.10 no.11
• /
• pp.59-65
• /
• 2012

The evolution of cloud computing service over the recent years is potentially one of the major advances in information and communication technology. However, if cloud computing service is to achieve its potential, there needs to be a clear understanding of the various issues such as service security, performance and availability and so on, both from the perspectives of the providers and the consumers of the cloud service. As more and more information on individuals, companies and public sectors are placed in the cloud service, concerns are beginning to grow about just how safe and reliable an environment it is. In order to overcome these situations, the Korea cloud service certification system and U.S. FedRAMP were performed in each country. This paper aims at comparing and analyzing between Korean cloud service certification systems and U.S. FedRAMP and describing the difference between them. Eventually, we propose the improvement strategy of Korea cloud service certification systems based on the comparison results between them.