• Title/Summary/Keyword: Public Cloud

Search Result 308, Processing Time 0.023 seconds

Reference Architecture and Operation Model for PPP (Public-Private-Partnership) Cloud

  • Lee, Youngkon;Lee, Ukhyun
    • Journal of Information Processing Systems
    • /
    • v.17 no.2
    • /
    • pp.284-296
    • /
    • 2021
  • The cloud has already become the core infrastructure of information systems, and government institutions are rapidly migrating information systems to the cloud. Government institutions in several countries use private clouds in their closed networks. However, because of the advantages of public clouds over private clouds, the demand for public clouds is increasing, and government institutions are expected to gradually switch to public clouds. When all data from government institutions are managed in the public cloud, the biggest concern for government institutions is the leakage of confidential data. The public-private-partnership (PPP) cloud provides a solution to this problem. PPP cloud is a form participation in a public cloud infrastructure and the building of a closed network data center. The PPP cloud prevents confidential data leakage and leverages the benefits of the public cloud to build a cloud quickly and easily maintain the cloud. In this paper, based on the case of the PPP cloud applied to the Korean government, the concept, architecture, operation model, and contract method of the PPP cloud are presented.

Public Key based Secure Data Management Scheme for the Cloud Data Centers in Public Institution (공공기관 클라우드 데이터 센터에 활용 가능한 공개키 기반의 안전한 데이터 관리 기법)

  • Wi, Yukyeong;Kwak, Jin
    • Journal of Digital Convergence
    • /
    • v.11 no.12
    • /
    • pp.467-477
    • /
    • 2013
  • The cloud computing has propagated rapidly and thus there is growing interest on the introduction of cloud services in the public institution. Accordingly, domestic public institution are adoption of cloud computing impose and devise a plan. In addition, more specifically, is building a cloud computing system in the public institution. However, solutions to various security threats(e.g., availability invasion of storage, access by unauthorized attacker, data downloaded from uncertain identifier, decrease the reliability of cloud data centers and so on) is required. For the introduction and revitalize of cloud services in the public institution. Therefore, in this paper, we propose a public key based secure data management scheme for the cloud data centers in public institution. Thus, the use of cloud computing in the public institutions, the only authorized users have access to the data center. And setting for importance and level of difficulty of public data management enables by systematic, secure, and efficient. Thus, cloud services for public institution to improve the overall security and convenience.

The Establishment of Security Strategies for Introducing Cloud Computing

  • Yoon, Young Bae;Oh, Junseok;Lee, Bong Gyou
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.7 no.4
    • /
    • pp.860-877
    • /
    • 2013
  • Cloud computing has become one of the most important technologies for reducing cost and increasing productivity by efficiently using IT resources in various companies. The cloud computing system has mainly been built for private enterprise, but public institutions, such as governments and national institutes, also plans to introduce the system in Korea. Various researches have pointed to security problems as a critical factor to impede the vitalization of cloud computing services, but they only focus on the security threats and their correspondents for addressing the problems. There are no studies that analyze major security issues with regard to introducing the cloud computing system. Accordingly, it is necessary to research the security factors in the cloud computing given to public institutions when adopting cloud computing. This research focuses on the priority of security solutions for the stepwise adoption of cloud computing services in enterprise environments. The cloud computing security area is classified into managerial, physical and technical area in the research, and then derives the detailed factors in each security area. The research derives the influence of security priorities in each area on the importance of security issues according to the identification of workers in private enterprise and public institutions. Ordered probit models are used to analyze the influences and marginal effects of awareness for security importance in each area on the scale of security priority. The results show workers in public institutions regard the technical security as the highest importance, while physical and managerial security are considered as the critical security factors in private enterprise. In addition, the results show workers in public institutions and private enterprise have remarkable differences of awareness for cloud computing security. This research compared the difference in recognition for the security priority in three areas between workers in private enterprise, which use cloud computing services, and workers in public institutions that have never used the services. It contributes to the establishment of strategies, with respect to security, by providing guidelines to enterprise or institutions that want to introduce cloud computing systems.

Efficient Public Verification on the Integrity of Multi-Owner Data in the Cloud

  • Wang, Boyang;Li, Hui;Liu, Xuefeng;Li, Fenghua;Li, Xiaoqing
    • Journal of Communications and Networks
    • /
    • v.16 no.6
    • /
    • pp.592-599
    • /
    • 2014
  • Cloud computing enables users to easily store their data and simply share data with others. Due to the security threats in an untrusted cloud, users are recommended to compute verification metadata, such as signatures, on their data to protect the integrity. Many mechanisms have been proposed to allow a public verifier to efficiently audit cloud data integrity without receiving the entire data from the cloud. However, to the best of our knowledge, none of them has considered about the efficiency of public verification on multi-owner data, where each block in data is signed by multiple owners. In this paper, we propose a novel public verification mechanism to audit the integrity of multi-owner data in an untrusted cloud by taking the advantage of multisignatures. With our mechanism, the verification time and storage overhead of signatures on multi-owner data in the cloud are independent with the number of owners. In addition, we demonstrate the security of our scheme with rigorous proofs. Compared to the straightforward extension of previous mechanisms, our mechanism shows a better performance in experiments.

Cloud computing Issues and Security measure (클라우드 컴퓨팅 보안 대책 연구)

  • Lee, Sang Ho
    • Journal of Convergence Society for SMB
    • /
    • v.5 no.1
    • /
    • pp.31-35
    • /
    • 2015
  • Cloud computing is internet-based computing technology. This is a form for exchanging service focused on the Internet. Because Cost is saved and use is easy there's a tendency that many companies are using. Cloud is in the form of a public cloud and private cloud and hybrid cloud. The service model is SaaS, PaaS, IaaS. Cloud computing use is simple but it has a security vulnerability. In particular, there is a vulnerability in virtualization and centralized information. In order to overcome this new security technology is to be developed. In particular, network security technology and authentication technology should be developed. Another way to overcome security responsibilities must be clearly and policies should be unified.

  • PDF

A Cloud Adoption Method of Public Sectors using a Convergence Decision-making Model (융합의사결정모델을 이용한 공공기관의 클라우드 도입 방법)

  • Seo, Kwang-Kyu
    • Journal of Digital Convergence
    • /
    • v.15 no.11
    • /
    • pp.147-153
    • /
    • 2017
  • The Korean government has implemented various policies to introduce the cloud to the public sector. The objectives of the paper are to develop a decision-making model and to propose the roadmap for cloud introduction in the public sector. To achieve these objectives, we analyze the characteristics of public services and types of cloud service. Then we develope a cloud introduction method using fuzzy AHP based convergence decision-making model. As a result of this study, we decided to prioritize the cloud service candidates and proposed a three-step roadmap. The results are expected to contribute to cloud introduction and transition in the public sector and establishment of the cloud policy. In the future, it will be necessary to develop budget plans as well as additional decision-making factors for cloud adoption.

Cloud-Native Expansion: Strategies for Encouraging Cloud Adoption in the Public Sector Through Qualitative and Quantitative Research Methods (Cloud-Native의 확산: 정성적·정량적 연구기법을 이용한 공공부문의 클라우드 활성화 방안)

  • Yi, Jaehyuk;Kim, Sanghyun
    • The Journal of Bigdata
    • /
    • v.8 no.2
    • /
    • pp.55-71
    • /
    • 2023
  • Cloud Native refers to the Technical Maturity Level of a cloud environment that can utilize all cloud resources to fully function. In converting public sector information resources to the cloud, the characteristics of the cloud are not being used well. Therefore, in this study, the qualitative research method cloud expert interview technique and the quantitative research method used text network analysis for domestic and foreign related articles. Through this, we analyzed the utilization trends related to domestic and foreign cloud natives and the cloud policies of developed countries. Through previous research, the core components of cloud-native were examined, and the need for agile methodologies that were not addressed in previous studies was raised. It is believed that these core components will be applied in the public sector to contribute to business innovation through digital innovation. In addition, this study aims to provide important implications for the use of cloud native in Korea through an in-depth discussion on how to spread cloud native in the public sector.

Effects of Innovation Characteristics of Cloud Computing Services, Technostress on Innovation Resistance and Acceptance Intention: Focused on Public Sector (클라우드 컴퓨팅 서비스의 혁신특성, 테크노스트레스가 혁신저항 및 수용의도에 미치는 영향: 공공부문 도입을 중심으로)

  • Shin, Woochan;Ahn, Hyunchul
    • Knowledge Management Research
    • /
    • v.20 no.2
    • /
    • pp.59-86
    • /
    • 2019
  • As the era of the 4th Industrial Revolution evolves, not only private companies but also government agencies and institutions in public sector are adopting cloud computing services converged by new information technologies such as IoT, big data, and artificial intelligence to strengthen competitiveness and create new business values. The purpose of this study is to investigate the relationship between innovation characteristics, innovation resistance, and acceptance of innovative technologies from the perspective of cloud computing services in the public sector. In this study, we collected the survey data from 190 employees of IT division in the public sector, and analyzed the causal relationship between innovation characteristics, technostress, innovation resistance, and intention to adopt the cloud computing service that they perceived. As a result of the analysis, we demonstrated that innovation characteristics, technostress have significant effect on innovation resistance and acceptance intention, and that top executive commitment and innovation resistance also have significant effect on acceptance intention. This study provides meaningful practical implications for the staffs preparing for adoption of cloud computing services and the executives who make the final decision in public sector.

A Study on Batch Auditing with Identification of Corrupted Cloud Storage in Multi-Cloud Environments (손상 클라우드 식별 가능한 다중 클라우드 일괄 감사 기법에 관한 연구)

  • Shin, Sooyeon;Kwon, Taekyoung
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.25 no.1
    • /
    • pp.75-82
    • /
    • 2015
  • Recently, many public auditing schemes have been proposed to support public auditability that enables a third party auditor to verify the integrity of data stored in the remote cloud server. To improve the performance of the auditor, several public auditing schemes support batch auditing which allows the auditor to handle simultaneously multiple auditing delegations from different users. However, when even one data is corrupted, the batch auditing will fail and individual and repeated auditing processes will be required. It is difficult to identify the corrupted data from the proof in which distinct data blocks and authenticators of distinct users are intricately aggregated. In this paper, we extend a public auditing scheme of Wang et al. to support batch auditing for multi-cloud and multi-user. We propose an identification scheme of the corrupted cloud when the data of a single cloud is corrupted in the batch auditing of multi-cloud and multi-user.

Protocol Analysis and Evaluation of the Transport Layer to Improve Security in a Public Cloud Environment (공공 클라우드 환경에서 보안성 향상을 위한 전송계층 프로토콜 분석·평가)

  • Bong, Jin Sook;Park, Sang Jin;Shin, Yongtae
    • Journal of KIISE
    • /
    • v.45 no.1
    • /
    • pp.76-85
    • /
    • 2018
  • Governments and public agencies try to use the cloud to carry out their work and provide public services. However, a public cloud is vulnerable to security side because it has a structure to support services using public networks (i.e, the internet). Thus, this paper finds the general security vulnerabilities of a network and compares and analyzes the characteristics of transport protocols (UDP, TCP, SCTP, and MPTCP) on the basis of their security vulnerabilities. This paper uses a reliability and security factor for the comparative analysis, evaluates the security exposure, and chooses a suitable protocol considering the security of the transport protocols in the cloud circumstance.