Journal of Digital Convergence (디지털융복합연구)

The Society of Digital Policy and Management (한국디지털정책학회)
권호 표지
DOI QR코드

DOI QR Code

A Study on Integration Security Management Model in Cloud Environment

클라우드 환경에서의 통합 보안관제 모델 연구

  • Byun, Yun Sang (ISAA Lab., Department of Information Security Engineering, Soonchunhyang University) ;
  • Kwak, Jin (Dept. of Information Security Engineering, Soonchunhyang University)
  • 변연상 (순천향대학교 정보보호학과 정보보호응용및보증연구실) ;
  • 곽진 (순천향대학교 정보보호학과)
  • Received : 2013.11.20
  • Accepted : 2013.12.20
  • Published : 2013.12.28
Download PDF
⟨ Previous Next ⟩

Abstract

Recently, Interest variety of IT services and computing resources are increasing. As a result, the interest in the security of cloud environments is also increasing. Cloud environment is stored that to provide services to a large amount of IT resources on the Cloud. Therefore, Cloud is integrity of the stored data and resources that such as data leakage, forgery, etc. security incidents that the ability to quickly process is required. However, the existing developed various solutions or studies without considering their cloud environment for development and research to graft in a cloud environment because it has been difficult. Therefore, we proposed wire-wireless integrated Security management Model in cloud environment.

최근 다양한 IT 서비스 및 컴퓨팅 자원을 인터넷 기반으로 제공받을 수 있는 클라우드 환경에 대한 사용자들의 관심이 증가하고 있으며, 이에 따라 클라우드 환경의 보안에 대한 관심 또한 증가하고 있다. 클라우드 환경은 다양한 사용자들에게 적절한 서비스를 제공하기 위해 막대한 양의 IT 자원 및 서비스들을 클라우드 상에 저장하고 사용자의 요구에 따라 제공하기 때문에 저장된 데이터 및 자원들에 대한 무결성, 불법 유출, 위 변조와 같은 보안 사고를 예방하고 신속하게 처리할 수 있는 능력이 요구된다. 그러나 기존에 개발된 다양한 솔루션이나 연구결과들은 클라우드 환경을 고려하지 않고 개발 및 연구되었기 때문에 클라우드 환경에 접목시키기에는 다소 무리가 있다. 따라서 이러한 문제를 해결하기 위해 본 논문에서는 클라우드 환경에서 발생할 수 있는 다양한 보안 사고를 사전에 방지하고, 발생 시 신속하게 대응할 수 있는 유 무선 통합 보안관제 모델을 제안한다.

Keywords

References

  1. NIST SP 800-144, "Guidelines on Security and Privacy in Public Cloud Computing", 2011.
  2. NIST SP 800-39, "Managing Information Security Risk", 2011.03
  3. Cloud Security Alliance, Top Threats to Cloud Computing V1.0, March, 2010.
  4. Cloud Security Alliance(CSA), "Security Guidance for Critical Areas of Focus in Cloud Computing V2.1", 2009.
  5. T. H. Kim, I. H. Kim, C. W. Min, Y. I. Um, " Trend of Cloud Computing Security Technology", KIISE 2012.
  6. H. H. Lee, "IT Planning Series " Cloud Computing Security Tresnds", 2011
  7. T. H. Kim, I. H. Kim, J. H. Kim, C. W. Min, J. H. Kim, Y. I. Um, "Security-Enhanced Local Process Execution Scheme in Cloud Computing Environments", Journal of KIISE Vol.20, No. 5, 2010
  8. V. Casola, R. Lettiero, M. Rak, and U. Villano, "Access Control in Cloud-on-Grid Systems: The PerfCloud Case Study," Computers, Privacy and Data Protection: an Element of Choice, 427-444, 2011.
  9. D. Chen, X. Huang, and X. Ren, "Access Control of Cloud Service Based on UCON," Lecture Notes in Computer Science, 2009.
  10. H. D. Lee, S. J. Lee, "A Study on development of evaluation indicators on the Managed Security Service(MSS)", Journal of the Korea Institute of Information Security and Cryptology, vol 22, No.5, 2012.
  11. Y. J. Kim, S. Y. Lee, H. Y. Kwon, J. I. Lim, "A Study on the Improvement of Effectiveness in National Cyber Security Monitoring and Control Services", Journal of the Korea Institute of Information Security and Cryptology, vol 19, pp. 103-111, 2009. 2
  12. Renaud Bidou, "Security Operation Center Concepts& Implementation"
  13. John W.Rittinghouse and James F.Randsome, "Cloud Computing Implementation, Management and Security " in CRC Press, pp. 153-154, 2010,
  14. B. Sotomayor, R. Montero, I. Llorente, and I. Foster, "Virtual Infrastructure Management in Private and Hybrid Clouds," IEEE Internet Computing, Vol.13, No.5, pp. 14-2, 2009.
  15. R.M.Savola and P.Heinonen, "Security Measurability Enhancing Mechanisms for a Distributed Adaptive Security Monitoring System," IEEE 4th International Conference on Emerging Security Information System and Technology, pp. 25-34, 2010.

Cited by

  1. Technology Trends, Research and Design of AIM Framework for Authentication Information Management vol.14, pp.7, 2016, https://doi.org/10.14400/JDC.2016.14.7.373
  2. A Study on the Administrative Spatial Informatization and Ubiquitous Smart City : Focus on Busan Centum City vol.11, pp.4, 2016, https://doi.org/10.13067/JKIECS.2016.11.4.351
  3. Design of Mobile Learning Contents using u-smart tourist information vol.12, pp.3, 2014, https://doi.org/10.14400/JDC.2014.12.3.383