• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.10 no.10
• /
• pp.5153-5170
• /
• 2016

The benefit of the scalability and flexibility inherent in cloud computing motivates clients to upload data and computation to public cloud servers. Because data is placed on public clouds, which are very likely to reside outside of the trusted domain of clients, this strategy introduces concerns regarding the security of sensitive client data. Thus, to provide sufficient security for the data stored in the cloud, it is essential to encrypt sensitive data before the data are uploaded onto cloud servers. Although data encryption is considered the most effective solution for protecting sensitive data from unauthorized users, it imposes a significant amount of overhead during the query processing phase, due to the limitations of directly executing operations against encrypted data. Recently, substantial research work that addresses the execution of SQL queries against encrypted data has been conducted. However, there has been little research on top-k join query processing over encrypted data within the cloud computing environments. In this paper, we develop an efficient algorithm that processes a top-k join query against encrypted cloud data. The proposed top-k join processing algorithm is, at an early phase, able to prune unpromising data sets which are guaranteed not to produce top-k highest scores. The experiment results show that the proposed approach provides significant performance gains over the naive solution.

• International Journal of Computer Science & Network Security
• /
• v.23 no.8
• /
• pp.63-76
• /
• 2023

Identity and access management in cloud computing is one of the leading significant issues that require various security countermeasures to preserve user privacy. An authentication mechanism is a leading solution to authenticate and verify the identities of cloud users while accessing cloud applications. Building a secured and flexible authentication mechanism in a cloud computing platform is challenging. Authentication techniques can be combined with other security techniques such as intrusion detection systems to maintain a verifiable layer of security. In this paper, we provide an interactive, flexible, and reliable multi-factor authentication mechanisms that are primarily based on a proposed Authentication Method Selector (AMS) technique. The basic idea of AMS is to rely on the user's previous authentication information and user behavior which can be embedded with additional authentication methods according to the organization's requirements. In AMS, the administrator has the ability to add the appropriate authentication method based on the requirements of the organization. Based on these requirements, the administrator will activate and initialize the authentication method that has been added to the authentication pool. An intrusion detection component has been added to apply the users' location and users' default web browser feature. The AMS and intrusion detection components provide a security enhancement to increase the accuracy and efficiency of cloud user identity verification.

• Journal of Korea Society of Industrial Information Systems
• /
• v.26 no.1
• /
• pp.11-19
• /
• 2021

The emerging Fifth Generation (5G) network technology brings us a new demand for low latency services. However, it may not be possible for long-distanced cloud computing servers to support users with satisfactory low latency services. For this reason, Multi-access Edge Computing (MEC) technology are gaining attraction since it is designed to provide low latency services to users by placing cloud computing resources to base-stations or mobile switching centers nearby users. Accordingly, it is necessary to verify the deployed containers on the MECs are reliable enough to provide low latency services empirically. For the purpose, we develop a testing tool to verify the reliability as well as network resources status of running MECs by deploying containers on the MECs in a Kubernetes environment.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.6
• /
• pp.2429-2449
• /
• 2018

Dynamic data possession verification is a common requirement in cloud storage systems. After the client outsources its data to the cloud, it needs to not only check the integrity of its data but also verify whether the update is executed correctly. Previous researches have proposed various schemes based on Merkle Hash Tree (MHT) and implemented some initial improvements to prevent the tree imbalance. This paper tries to take one step further: Is there still any problems remained for optimization? In this paper, we study how to raise the efficiency of data dynamics by improving the parts of query and rebalancing, using a new data structure called Rank-Based Merkle AVL Tree (RB-MAT). Furthermore, we fill the gap of verifying multiple update operations at the same time, which is the novel batch updating scheme. The experimental results show that our efficient scheme has better efficiency than those of existing methods.

• Journal of Information Processing Systems
• /
• v.9 no.3
• /
• pp.379-394
• /
• 2013

Cloud computing is an evolving computing paradigm that has influenced every other entity in the globalized industry, whether it is in the public sector or the private sector. Considering the growing importance of cloud, finding new ways to improve cloud services is an area of concern and research focus. The limitation of the available Virtual Machine Load balancing policies for cloud is that they do not save the state of the previous allocation of a virtual machine to a request from a Userbase and the algorithm requires execution each time a new request for Virtual Machine allocation is received from the Userbase. This problem can be resolved by developing an efficient virtual machine load balancing algorithm for the cloud and by doing a comparative analysis of the proposed algorithm with the existing algorithms.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.14 no.3
• /
• pp.1014-1025
• /
• 2020

Cloud computing services changed the way the data are managed across the healthcare system that can improve patient care. Currently, most healthcare organizations are using cloud-based applications and related services to deliver better healthcare facilities. But architecting a cloud-based healthcare system needs deep knowledge about the working nature of these services and the requirements of the healthcare environment. The success is based on the usage of appropriate cloud services in the architecture to manage the data flow across the healthcare system.Cloud service providers offer a wide variety of services to ingest, store and process healthcare data securely. The top three public cloud providers- Amazon, Google, and Microsoft offers advanced cloud services for the solution that the healthcare industry is looking for. This article proposes a framework that can effectively utilize cloud services to handle the data flow among the various stages of the healthcare infrastructure. The useful cloud services for ingesting, storing and analyzing the healthcare data for the proposed framework, from the top three cloud providers are listed in this work. Finally, a cloud-based healthcare architecture using Amazon Cloud Services is constructed for reference.

• Information Systems Review
• /
• v.21 no.4
• /
• pp.47-68
• /
• 2019

As cloud services and deployment models become diverse, there are a growing number of cloud computing selection options. Therefore, financial companies need a methodology to select the appropriated cloud for each financial computing system. This study adopted the Balanced Scorecard (BSC) framework to classify factors for the introduction of cloud computing in financial companies. Using Analytic Hierarchy Process (AHP), the evaluation items are layered into the performance perspective and the cloud consideration factor and a comprehensive decision model is proposed. To verify the proposed research model, a system of financial company is divided into three: account, information, and channel system, and the result of decision making by both financial business experts and technology experts from two financial companies were collected. The result shows that some common factors are important in all systems, but most of the factors considered are very different from system to system. We expect that our methodology contributes to the spread of cloud computing adoption.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.12
• /
• pp.5654-5668
• /
• 2018

Driven by security and real-time demands of Internet of Things (IoT), the timing of fog computing and edge computing have gradually come into place. Gateways bear more nearby computing, storage, analysis and as an intelligent broker of the whole computing lifecycle in between local devices and the remote cloud. In fog computing, the edge broker requires X-aware capabilities that combines software programmability, stream processing, hardware optimization and various connectivity to deal with such as security, data abstraction, network latency, service classification and workload allocation strategy. The prosperous of Field Programmable Gate Array (FPGA) pushes the possibility of gateway capabilities further landed. In this paper, we propose a software-defined gateway (SDG) scheme for fog computing paradigm termed as Fog Computing Zero-Knowledge Gateway that strengthens data protection and resilience merits designed for industrial internet of things or highly privacy concerned hybrid cloud scenarios. It is a proxy for fog nodes and able to integrate with existing commodity gateways. The contribution is that it converts Privacy-Enhancing Technologies rules into provable statements without knowing original sensitive data and guarantees privacy rules applied to the sensitive data before being propagated while preventing potential leakage threats. Some logical functions can be offloaded to any programmable micro-controller embedded to achieve higher computing efficiency.

• International Journal of Computer Science & Network Security
• /
• v.22 no.4
• /
• pp.89-100
• /
• 2022

With the advancement in the Internet of things Technology (IoT) cloud computing, billions of physical devices have been interconnected for sharing and collecting data in different applications. Despite many advancements, some latency - specific application in the real world is not feasible due to existing constraints of IoT devices and distance between cloud and IoT devices. In order to address issues of latency sensitive applications, fog computing has been developed that involves the availability of computing and storage resources at the edge of the network near the IoT devices. However, fog computing suffers from many limitations such as heterogeneity, storage capabilities, processing capability, memory limitations etc. Therefore, it requires an adequate task scheduling method for utilizing computing resources optimally at the fog layer. This work presents a comprehensive review of different task scheduling methods in fog computing. It analyses different task scheduling methods developed for a fog computing environment in multiple dimensions and compares them to highlight the advantages and disadvantages of methods. Finally, it presents promising research directions for fellow researchers in the fog computing environment.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.5 no.12
• /
• pp.2294-2314
• /
• 2011

The key issue in providing fast and reliable access on cloud services is the effective management of resources in a cloud system. However, the high variation in cloud service access rates affects the system performance considerably when there are no default routines to handle this type of occurrence. Adaptive techniques are used in resource management to support robust systems and maintain well-balanced loads within the servers. This paper presents an adaptive resource management for cloud systems which supports the integration of intelligent methods to promote quality of service (QoS) in provisioning of cloud services. A technique of dynamically assigning cloud services to a group of cloud servers is proposed for the adaptive resource management. Initially, cloud services are collected based on the excess cloud services load and then these are deployed to the assigned cloud servers. The assignment function uses the proposed proportional ordering which efficiently assigns cloud services based on its resource consumption. The difference in resource consumption rate in all nodes is analyzed periodically which decides the execution of service assignment. Performance evaluation showed that the proposed dynamic service assignment (DSA) performed best in throughput performance compared to other resource allocation algorithms.