• Journal of the Korean Operations Research and Management Science Society
• /
• v.37 no.3
• /
• pp.57-68
• /
• 2012

The recent proliferation of various smart devices like the smartphone, tablet PC, and smart TV enables consumers to download various applications from the network and to access private files stored in their desktop server at any time and at any place. The trend of ubiquitous access seems to have become stronger and more diversified toward a ubiquitous network computing environment with the aggressive deployment of commercial cloud services. Recently, many Korean network service providers launched commercial B2C public cloud services, which were widely adopted by smart device users. They include Daum cloud, N drive, ucloud, and uplus box, mostly provided by major Korean telecom companies and portals. This paper aims to explore consumers' adoption behaviors toward the B2C public cloud services that were recently deployed in the Korean market. In order to achieve the goal, we identified key influencing factors that affect the consumers' adoption behaviors, based on an extension of the technology acceptance model (TAM). Several hundred smart device users were surveyed to test the generic regression model with the extended set of TAM variables.

• Journal of Korea Society of Industrial Information Systems
• /
• v.16 no.3
• /
• pp.121-135
• /
• 2011

We provide an economic evaluation model to help managers make reasonable decision for the investment in the appropriate type of cloud computing. Cloud computing can be classified into public, private and hybrid architecture and we evaluate their attractiveness using traditional NPV and real option methods. We conduct economic analysis by comparing traditional software delivery model with various types of cloud computing. The work compares each mode of cloud computing against each other using passive NPV and dynamic real-option method. For more objective and conservative evaluation of investment alternatives, we eliminate conventional benefits that are often subjective or hard to measure, and count only the reduction of investment cost and maintenance cost as benefit. We argue that hybrid and public cloud computing can be undervalued without their intrinsic options such as abandonment, expansion and contraction.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.4
• /
• pp.2198-2222
• /
• 2019

The cloud storage service becomes a rising trend based on the cloud computing, which promotes the remote data integrity auditing a hot topic. Some research can audit the integrity and correctness of user data and solve the problem of user privacy leakage. However, these schemes cannot use fewer data blocks to achieve better auditing results. In this paper, we figure out that the random sampling used in most auditing schemes is not well apply to the problem of cloud service provider (CSP) deleting the data that users rarely use, and we adopt the probability proportionate to size sampling (PPS) to handle such situation. A new scheme named improving audit efficiency of remote data for cloud storage is designed. The proposed scheme supports the public auditing with fewer data blocks and constrains the server's malicious behavior to extend the auditing cycle. Compared with the relevant schemes, the experimental results show that the proposed scheme is more effective.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.2
• /
• pp.1043-1063
• /
• 2019

With delegating proxy to process data before outsourcing, data owners in restricted access could enjoy flexible and powerful cloud storage service for productivity, but still confront with data integrity breach. Identity-based data auditing as a critical technology, could address this security concern efficiently and eliminate complicated owners' public key certificates management issue. Recently, Yu et al. proposed an Identity-Based Public Auditing for Dynamic Outsourced Data with Proxy Processing (https://doi.org/10.3837/tiis.2017.10.019). It aims to offer identity-based, privacy-preserving and batch auditing for multiple owners' data on different clouds, while allowing proxy processing. In this article, we first demonstrate this scheme is insecure in the sense that malicious cloud could pass integrity auditing without original data. Additionally, clouds and owners are able to recover proxy's private key and thus impersonate it to forge tags for any data. Secondly, we propose an improved scheme with provable security in the random oracle model, to achieve desirable secure identity based privacy-preserving batch public auditing with proxy processing. Thirdly, based on theoretical analysis and performance simulation, our scheme shows better efficiency over existing identity-based auditing scheme with proxy processing on single owner and single cloud effort, which will benefit secure big data storage if extrapolating in real application.

• Journal of KIISE
• /
• v.43 no.4
• /
• pp.497-508
• /
• 2016

With a cloud storage service, data owners can easily access their outsourced data in cloud storage on different devices and at different locations, and can share their data with others. However, as the users no longer physically have possession of their outsourced data and the cloud still facing the existence of internal/external threats, the task of checking the data integrity is formidable. Over recent years, numerous schemes have been proposed to ensure data integrity in an untrusted cloud. However, the existing public auditing schemes use a third-party auditor(TPA) to execute high computation to check data integrity and may still face many security threats. In this paper, we first demonstrate that the scheme proposed by Zhang et al. is not secure against our two threat models, and then we propose a self-certified public auditing scheme to eliminate the security threats and guarantee a constant communication cost. Moreover, we prove the securities of our public auditing scheme under three security models.

• Journal of Digital Convergence
• /
• v.11 no.5
• /
• pp.63-72
• /
• 2013

Cloud services is recognized the essential IT infrastructure in the optimal smart society which is changing rapidly as a low-cost and high-efficiency. This service of starting from prominent overseas companies such as Google, Amazon, had influenced on the introduction of the service for the various policies of foreign governments, including the United States and the United Kingdom. Such countries adopt to the cloud computing and make transform to the cloud service of existing public service for the effective management of information resources. In this study, we propose a model for adoption of appropriate cloud-based public services in Korea through analyzing the foreign government case of adoption of cloud services.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.11 no.10
• /
• pp.5039-5061
• /
• 2017

Cloud storage becomes a new trend that more and more users move their data to cloud storage servers (CSSs). To ensure the security of cloud storage, many cloud auditing schemes are proposed to check the integrity of users' cloud data. However, most of them are based on public key infrastructure, which leads to complex certificates management and verification. Besides, most existing auditing schemes are inefficient when user uploads a large amount of data or a third party auditor (TPA) performs auditing for multiple users' data on different CSSs. To overcome these problems, in this paper, we propose an efficient and secure auditing scheme based on identity-based cryptography. To relieve user's computation burden, we introduce a proxy, which is delegated to generate and upload homomorphic verifiable tags for user. We extend our auditing scheme to support auditing for dynamic data operations. We further extend it to support batch auditing in multiple users and multiple CSSs setting, which is practical and efficient in large scale cloud storage system. Extensive security analysis shows that our scheme is provably secure in random oracle model. Performance analysis demonstrates that our scheme is highly efficient, especially reducing the computation cost of proxy and TPA.

• Journal of Internet Computing and Services
• /
• v.24 no.6
• /
• pp.13-21
• /
• 2023

Recently, due to the collapse of boundaries between fields caused by COVID-19, the government's goal of connecting all data and making it accessible to people, businesses, and governments has garnered attention. To achieve this goal, cloud technology is consistently mentioned, and since the use of cloud technology inevitably raises security concerns, various studies are being conducted on the topic. This paper analyzes the use of cloud technology in public and administrative institutions in Korea and presents a model that applies the U.S. government's TIC 3.0 concept to mitigate potential security issues. The objective is to provide a secure cloud service utilization model for public and administrative institutions, with reference to TIC 3.0.

• International journal of advanced smart convergence
• /
• v.5 no.4
• /
• pp.26-31
• /
• 2016

In a cloud computing environment, a cryptographic service allows an information owner to encrypt the information and send it to a cloud server as well as to receive and decode encrypted data from the server which guarantees the confidentiality of shared information. However, if an attacker gains a coded data and has access to an encryption key via cloud server, then the server will be unable to prevent data leaks by a cloud service provider. In this paper, we proposed a key management server which does not allow an attacker to access to a coded key of the owners and prevents data leaks by a cloud service provider. A key management server provides a service where a server receives a coded public key of an information user from an owner and delivers a coded key to a user. Using a key management server proposed in this paper, we validated that the server can secure the confidentiality of an encryption key of data owners and efficiently distribute keys to data users.

• Convergence Security Journal
• /
• v.15 no.5
• /
• pp.9-15
• /
• 2015

Cloud computing has emerged with promise to decrease the cost of server additional cost and expanding the data storage and ease for computer resource sharing and apply the new technologies. However, Cloud computing also raises many new security concerns due to the new structure of the cloud service models. Therefore, several cloud service certification system were performed in the world in order to meet customers need which is the safe and reliable cloud service. This paper we propose the new risk analysis method different compare with existing method for secure the reliability of certification considering public IaaS(Infrastructure as a Service) cloud service properties.