• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.6
• /
• pp.1247-1257
• /
• 2013

The security vulnerabilities of cloud storage virtualization environments are different from those of the existing computer system and are difficult to be protected in the existing computer system environment. Therefore we need some technical measures to address this issue. First of all, the technology used in cloud storage virtualization environment needs to be thoroughly analyzed, and also, we should understand those security requirements of various stakeholders in the view of cloud storage service and perform the research on security guidelines of the research security requirements. In this paper, we propose security requirements based on layers and roles of cloud storage virtualization. The proposed security requirements can be a basement for development of solution of cloud storage virtualization security.

• Journal of Korean Society of Archives and Records Management
• /
• v.19 no.3
• /
• pp.271-292
• /
• 2019

Recently, the central administrative agency changed its business management system to cloud-based On-nara 2.0. To transfer and manage the records of the cloud business management system, the National Archives Service has developed and distributed a cloud-based records management system. It serves as an opportunity to maximize the benefits of cloud computing and redesign the records management to be more effective and efficient. The process and method of electronic record management can be transformed through digital technologies. First, we can change the transfer method for electronic records. When the business and the records management systems share the same cloud storage, it is possible to transfer the content files between the two systems without moving the contents files physically, thus copying only the metadata and reducing the cost and the risk of integrity damage. Second, the strategy for allocating storage space for contents can be conceived. Assuming that the cloud storage is shared by the business and the record management systems, it is advantageous to distinguish the storage location based on the retention period of the content files. Third, systems that access content files, such as records creation, records management, and information disclosure systems, can share the cloud storage and minimize the duplication of content files.

• Journal of Korean Society of Archives and Records Management
• /
• v.19 no.2
• /
• pp.1-24
• /
• 2019

In this study, we propose a logical transfer method of records using cloud storage to solve the integrity problem of digital component, which is generated when electronic records are transferred from the electronic record production system to the record management system. This method, which produces electronic records using cloud storage from the production stage and transfers them to the archives, has the following advantages. First, as a record management method, it can be effectively applied in public institutions by utilizing cloud computing technology, which has been the trend recently. Second, unlike the existing method of copying and physically transferring electronic records, the proposed method can reduce various risk factors that may occur in the transfer of electronic records by logically transferring the storage. Third, the method can prevent errors of the digital component according to the physical transfer of the electronic record; hence, the integrity of the electronic record can be guaranteed. Fourth, administrative power and cost that are wasted because of the electronic transfer of electronic records can be reduced.

• KIISE Transactions on Computing Practices
• /
• v.21 no.1
• /
• pp.58-63
• /
• 2015

In this work, we present a novel fountain code-based hybrid P2P storage system that combines cloud storage with P2P storage. The proposed hybrid storage system minimizes data transmission time while guaranteeing high data retrieval and data privacy. In order to guarantee data privacy and storage efficiency, the user transmits encoded data after performing fountain code-based encoding. Also, the proposed algorithm guarantees the user's data retrieval by storing the data while considering each peer's survival probability. The simulation results show that the proposed algorithm enables fast completion of the upload transmission while satisfying the required data retrieval and supporting the privacy of user data under the system parameters.

• Journal of Internet Computing and Services
• /
• v.22 no.5
• /
• pp.57-67
• /
• 2021

Modern cloud computing is rapidly changing from traditional hypervisor-based virtual machines to container-based cloud-native environments. Due to limitations in I/O performance required for both virtual machines and containers, the use of high-speed storage (SSD, NVMe, etc.) is increasing, and in-memory computing using main memory is also emerging. Running a virtual environment on main memory gives better performance compared to other storage arrays. However, RAM used as main memory is expensive and due to its volatile characteristics, data is lost when the system goes down. Therefore, additional work is required to run the virtual environment in main memory. In this paper, we propose a hybrid in-memory storage that combines a block storage such as a high-speed SSD with main memory to safely operate virtual machines and containers on main memory. In addition, the proposed storage showed 6 times faster write speed and 42 times faster read operation compared to regular disks for virtual machines, and showed the average 12% improvement of container's performance tests.

• Journal of the Institute of Electronics and Information Engineers
• /
• v.51 no.2
• /
• pp.85-91
• /
• 2014

Cloud storage system uses a distributed file system for storing and managing data. Traditional distributed file system makes a triplication of data in order to restore data loss in disk failure. However, enforcing data replication method increases storage utilization and causes extra I/O operations during replication process. In this paper, we propose a data replication method using erasure codes in cloud storage system to improve storage space efficiency and I/O performance. In particular, according to data access frequency, the proposed method can reduce the number of data replications but using erasure codes can keep the same data recovery performance. Experimental results show that proposed method improves performance in storage efficiency 40%, read throughput 11%, write throughput 10% better than HDFS does.

• Journal of Digital Convergence
• /
• v.10 no.11
• /
• pp.389-394
• /
• 2012

The cloud computing is a system that provides IT resources service by using internet technologies, which grabs lots of attention today. Though cloud storage services provide service users with convenience, there is a problem in which data confidentiality is not guaranteed because it is hard for data owners to control the access to the data. This article suggested the technique by applying Public-Key Cryptosystem only to a block after dividing users' data into blocks in order to protect users' data in cloud system. Thus confidentiality and integrity are given to users' data stored in cloud storage server.

• Journal of Information Processing Systems
• /
• v.15 no.6
• /
• pp.1265-1276
• /
• 2019

Data deduplication is a common method to improve cloud storage efficiency and save network communication bandwidth, but it also brings a series of problems such as privacy disclosure and dictionary attacks. This paper proposes a secure deduplication scheme for cloud storage based on Bloom filter, and dynamically extends the standard Bloom filter. A public dynamic Bloom filter array (PDBFA) is constructed, which improves the efficiency of ownership proof, realizes the fast detection of duplicate data blocks and reduces the false positive rate of the system. In addition, in the process of file encryption and upload, the convergent key is encrypted twice, which can effectively prevent violent dictionary attacks. The experimental results show that the PDBFA scheme has the characteristics of low computational overhead and low false positive rate.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.8 no.10
• /
• pp.3607-3623
• /
• 2014

The increasing demand in promoting cloud computing in either business or other areas requires more security of a cloud storage system. Traditional cloud storage systems fail to protect data integrity information (DII), when the interactive messages between the client and the data storage server are sniffed. To protect DII and support public verifiability, we propose a data integrity verification scheme by deploying a designated confirmer signature DCS as a building block. The DCS scheme strikes the balance between public verifiable signatures and zero-knowledge proofs which can address disputes between the cloud storage server and any user, whoever acting as a malicious player during the two-round verification. In addition, our verification scheme remains blockless and stateless, which is important in conducting a secure and efficient cryptosystem. We perform security analysis and performance evaluation on our scheme, and compared with the existing schemes, the results show that our scheme is more secure and efficient.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.37 no.8C
• /
• pp.670-679
• /
• 2012

The recent dissemination of cloud computing makes the amount of data storage to be increased and the cost of storing the data grow rapidly. Accordingly, data and service requests from users also increases the load on the cloud storage. There have been many works that tries to provide low-cost and high-performance schemes on distributed file systems. However, most of them have some weaknesses on performing parallel and random data accesses as well as data accesses of frequent small workloads. Recently, improving the performance of distributed file system based on caching technology is getting much attention. In this paper, we propose a CHPC(Cloud storage High-Performance Caching) framework, providing parallel caching, distributed caching, and proxy caching in distributed file systems. This study compares the proposed framework with existing cloud systems in regard to the reduction of the server's disk I/O, prevention of the server-side bottleneck, deduplication of the page caches in each client, and improvement of overall IOPS. As a results, we show some optimization possibilities on the cloud storage systems based on some evaluations and comparisons with other conventional methods.