• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.2
• /
• pp.1043-1063
• /
• 2019

With delegating proxy to process data before outsourcing, data owners in restricted access could enjoy flexible and powerful cloud storage service for productivity, but still confront with data integrity breach. Identity-based data auditing as a critical technology, could address this security concern efficiently and eliminate complicated owners' public key certificates management issue. Recently, Yu et al. proposed an Identity-Based Public Auditing for Dynamic Outsourced Data with Proxy Processing (https://doi.org/10.3837/tiis.2017.10.019). It aims to offer identity-based, privacy-preserving and batch auditing for multiple owners' data on different clouds, while allowing proxy processing. In this article, we first demonstrate this scheme is insecure in the sense that malicious cloud could pass integrity auditing without original data. Additionally, clouds and owners are able to recover proxy's private key and thus impersonate it to forge tags for any data. Secondly, we propose an improved scheme with provable security in the random oracle model, to achieve desirable secure identity based privacy-preserving batch public auditing with proxy processing. Thirdly, based on theoretical analysis and performance simulation, our scheme shows better efficiency over existing identity-based auditing scheme with proxy processing on single owner and single cloud effort, which will benefit secure big data storage if extrapolating in real application.

• International Journal of Computer Science & Network Security
• /
• v.21 no.8
• /
• pp.182-186
• /
• 2021

The market for smart phones has been booming in the past few years. There are now over 400,000 applications on the Android market. Over 10 billion Android applications have been downloaded from the Android market. Due to the Android popularity, there are now a large number of malicious vendors targeting the platform. Many honest end users are being successfully hacked on a regular basis. In this work, a cloud based reputation security model has been proposed as a solution which greatly mitigates the malicious attacks targeting the Android market. Our security solution takes advantage of the fact that each application in the android platform is assigned a unique user id (UID). Our solution stores the reputation of Android applications in an anti-malware providers' cloud (AM Cloud). The experimental results witness that the proposed model could well identify the reputation index of a given application and hence its potential of being risky or not.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.17 no.6
• /
• pp.1545-1559
• /
• 2023

In the cloud environment, microservices are implemented through Kubernetes, and these services can be expanded or reduced through the autoscaling function under Kubernetes, depending on the service request or resource usage. However, the increase in the number of nodes or distributed microservices in Kubernetes and the unpredictable autoscaling function make it very difficult for system administrators to conduct operations. Artificial Intelligence for IT Operations (AIOps) supports resource management for cloud services through AI and has attracted attention as a solution to these problems. For example, after the AI model learns the metric or log data collected in the microservice units, failures can be inferred by predicting the resources in future data. However, it is difficult to construct data sets for generating learning models because many microservices used for autoscaling generate different metrics or logs in the same timestamp. In this study, we propose a cloud data refining module and structure that collects metric or log data in a microservice environment implemented by Kubernetes; and arranges it into computing resources corresponding to each service so that AI models can learn and analogize service-specific failures. We obtained Kubernetes-based AIOps learning data through this module, and after learning the built dataset through the AI model, we verified the prediction result through the differences between the obtained and actual data.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.12 no.5
• /
• pp.865-872
• /
• 2017

Recently, in response to the Internet age, the demand for hardware devices has been increasing, centering on the rapidly growing smart home field, due to the growth and management of sensor and control technology, mobile application, network traffic, big data management and cloud computing. In order to maintain the sustainable development of the hardware system, it is necessary to update the system, and the hardware device is absolutely necessary in real time processing of complex data (voice, image, etc.) as well as data collection. In this paper, we propose a method to simplify the control and communication method by integrating the hardware devices in two operating systems in a unified structure to solve the simultaneous control and communication method of hardware under different operating systems. The performance evaluation results of the proposed integrated hardware and the cloud control system connected to the cloud server are described and the main directions to be studied in the field of internet smart home are described.

• Information Systems Review
• /
• v.17 no.1
• /
• pp.117-140
• /
• 2015

Cloud Computing has drawn attention as one of 10 IT strategic technology trends and has various advantages such as cost reduction and enhancing business flexibility. However, corporations hesitate to adopt the service because of unexpected risks. Especially compared to large firm, medium and small ones use public cloud that security risk is high. Meanwhile, real option strategy has drawn attention as the method to hedge uncertainty in IT projects. Therefore, in this study causal relationships among technical, security, relational, and economic risks of cloud service will be investigated. Eventually, this study investigates how those risks influence the intention to choose the real option about the cloud service. For this study, five hypotheses is drawn, and a survey is conducted about the medium and small firms which are currently using cloud service to examine hypotheses. Since the study is at organizational level, 287 questionnaire replies are recalculated to 120 firms. For statistical analysis, Smart PLS and SPSS Statistics18 are used. As a result, technical risk of cloud service has significantly positive influence on security risk. Second, security risk and relational risk of cloud service has significantly positive influence on economic risk. Third, economic risk of cloud service has significantly positive influence on the intention to purchase the delay option or abandon option. Based on this result, this research discussed practical and academic implications and the limitations.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.7 no.10
• /
• pp.2497-2513
• /
• 2013

In 2010, Dijk et al. demonstrated a simple somewhat homomorphic encryption (HE) scheme over the integers of which this simplicity came at the cost of a public key size in $\tilde{O}({\lambda}^{10})$. Although in 2011 Coron et al. reduced the public key size to $\tilde{O}({\lambda}^7)$, it is still too large for practical applications, especially for the cloud computing. In this paper, we propose a new form of somewhat HE scheme to reduce further the public key size and a variation of the scheme to optimize the ciphertext size. First of all, we propose a new somewhat HE scheme which is built on the hardness of the approximate greatest common divisor (GCD) problem of two integers, where the public key size in the scheme is reduced to $\tilde{O}({\lambda}^3)$. Furthermore, we can reduce the length of the ciphertext of the new somewhat HE scheme by applying the modular reduction technique. Additionally, we give simulation results for evaluating ability of the proposed scheme.

• Smart Structures and Systems
• /
• v.21 no.5
• /
• pp.611-621
• /
• 2018

Compared with the highway bridges, the relatively higher requirement on the safety and comfort of vehicle makes the high-speed railway (HSR) bridges need to present enhanced dynamic performance. To this end, installing a health monitor system (HMS) on selected key HSR bridges has been widely applied. Typically, the HSR takes fully enclosed operation model and its skylight time is very short, which means that it is not easy to operate the acquisition devices and download data on site. However, current HMS usually involves manual operations, which makes it inconvenient to be used for the HSR. Hence, a HMS named DASP-MTS (Data Acquisition and Signal Processing - Monitoring Test System) that integrates the internet, cloud computing (CC) and virtual instrument (VI) techniques, is developed in this study. DASP-MTS can realize data acquisition and transmission automatically. Furthermore, the acquired data can be timely shared with experts from various locations to deal with the unexpected events. The system works in a Browser/Server frame so that users at any places can obtain real-time data and assess the health situation without installing any software. The developed integrated HMS has been applied to the Xijiang high-speed railway arch bridge. Preliminary analysis results are presented to demonstrate the efficacy of the DASP-MTS as applied to the HSR bridges. This study will provide a reference to design the HMS for other similar bridges.

• Journal of Information Processing Systems
• /
• v.14 no.5
• /
• pp.1087-1101
• /
• 2018

As cloud computing has become a widespread technology, malicious attackers can obtain the private information of users that has leaked from the service provider in the outsourced databases. To resolve the problem, it is necessary to encrypt the database prior to outsourcing it to the service provider. However, the most existing data encryption schemes cannot process a query without decrypting the encrypted databases. Moreover, because the amount of the data is large, it takes too much time to decrypt all the data. For this, Programmable Order-Preserving Secure Index Scheme (POPIS) was proposed to hide the original data while performing query processing without decryption. However, POPIS is weak to both order matching attacks and data count attacks. To overcome the limitations, we propose a group order-preserving data encryption scheme (GOPES) that can support efficient query processing over the encrypted data. Since GOPES can preserve the order of each data group by generating the signatures of the encrypted data, it can provide a high degree of data privacy protection. Finally, it is shown that GOPES is better than the existing POPIS, with respect to both order matching attacks and data count attacks.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.11 no.2
• /
• pp.670-686
• /
• 2017

MapReduce (MRV1), a popular programming model, proposed by Google, has been well used to process large datasets in Hadoop, an open source cloud platform. Its new version MapReduce 2.0 (MRV2) developed along with the emerging of Yarn has achieved obvious improvement over MRV1. However, MRV2 suffers from long finishing time on certain types of jobs. Speculative Execution (SE) has been presented as an approach to the problem above by backing up those delayed jobs from low-performance machines to higher ones. In this paper, an adaptive SE strategy (ASE) is presented in Hadoop-2.6.0. Experiment results have depicted that the ASE duplicates tasks according to real-time resources usage among work nodes in a cloud. In addition, the performance of MRV2 is largely improved using the ASE strategy on job execution time and resource consumption, whether in a multi-job environment.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.12
• /
• pp.5972-5989
• /
• 2019

With the onset of the big data age, data is growing exponentially, and the issue of how to optimize large-scale data processing is especially significant. Large-scale global optimization (LSGO) is a research topic with great interest in academia and industry. Spark is a popular cloud computing framework that can cluster large-scale data, and it can effectively support the functions of iterative calculation through resilient distributed datasets (RDD). In this paper, we propose a hybrid mechanism of particle swarm optimization (PSO) and differential evolution (DE) algorithms based on Spark (SparkPSODE). The SparkPSODE algorithm is a parallel algorithm, in which the RDD and island models are employed. The island model is used to divide the global population into several subpopulations, which are applied to reduce the computational time by corresponding to RDD's partitions. To preserve population diversity and avoid premature convergence, the evolutionary strategy of DE is integrated into SparkPSODE. Finally, SparkPSODE is conducted on a set of benchmark problems on LSGO and show that, in comparison with several algorithms, the proposed SparkPSODE algorithm obtains better optimization performance through experimental results.