클라우드 스토리지 보안 기술 동향

  • 발행 : 2016.07.30

초록

키워드

참고문헌

  1. CSA Top Threats Working Group, "The Treacherous 12: Cloud Computing Top Threats in 2016," Cloud Security Alliance (CSA), Feb 2016.
  2. 클라우드컴퓨팅 연구조합, 차세대컴퓨팅학회, "2015 클라우드 컴퓨팅 기술 스택," 2016.01
  3. 정성재, 배유미, "클라우드 보안 위협요소와 기술 동향 분석," 보안공학연구논문지, 2013.04
  4. Google Compute Engine Incident #15056, https://status.cloud.google.com/incident/compute/15056#5719570367119360, (2016.07.06)
  5. Dave Barth, "Google Cloud Storage now provides server-side encruption," https://cloudplatform.googleblog.com/2013/08/googlecloud-storage-now-provides.html, Google Cloud Platform Blog (2016.07.06)
  6. 주정호 외, "클라우드 컴퓨팅 보안 위협에 대처한 저장장치 가상화 시스템 보안 요구 사항 제안," 보안공학연구논문지 Vol.11, No.6, 2014
  7. ITU-T Study Group 17, "Recommendation ITU-T X.1601 Security framework for cloud computing," 2015.10, available on http://handle.itu.int/11.1002/1000/12613
  8. ENISA, "ENISA threat Landscape 2015 (ETL 2015)," 2016.01, available on https://www.enisa.europa.eu/publications/etl2015
  9. 김홍연 외, "GLORY-FS: 대규모 인터넷 서비스를 위한 분산 파일 시스템." The Journal of The Korean Institute of Communication Sciences, 30.4 (2013.3): 16-22.
  10. Hadoop Project, http://hadoop.apache.org
  11. K. Shvachko et al., "The Hadoop Distributed File System." In Proceedings of the 2010 IEEE 26th Symposium on Mass Storage Systems and Technologies (MSST) (MSST '10). IEEE Computer Society, Washington, DC, USA, 1-10.
  12. OpenStack Swift, http://www.openstack.org
  13. 김진수, 김태웅, "OwFS: 대규모 인터넷 서비스 를 위한 분산 파일 시스템," 정보과학회지 27권 5호, 2009.05.
  14. GlusterFS, "Open source, distributed file system," http://www.gluster.org, March 2013.
  15. IETF, RFC5661, Network File System (NFS) Version 4 Minor Version 1 Protocol, Jan. 2010
  16. K Scarfone et al., "Guide to Storage Encryption Technologies for End User Devices," NIST Special Publication 800-111, Nov. 2007.
  17. 박정수, 배유미, 정성재. (2013.5). 클라우드 컴퓨팅을 위한 클라우드 스토리지 기술 분석. 한국정보통신학회논문지, 17(5), 1129-1137. https://doi.org/10.6109/jkiice.2013.17.5.1129
  18. Xuxian Jiang et al., "Stealthy malware detection and monitoring through VMM-based "out-of-the-box" semantic view reconstruction," ACM Trans. Inf. Syst. Secur.13, 2, Article 12 (March 2010), 28 pages.
  19. C. Benninger et al., "Maitland: Lighter-weight VM introspection to support cyber-security in the cloud," CLOUD'12, pages 471-478, June 2012.
  20. Wolfgang Richter, "Agentless cloud-wide monitoring of virtual disk state," In Proceedings of the 2014 workshop on PhD forum (PhD forum '14). ACM, New York, NY, USA, 15-16.
  21. W. Richter et al., "Agentless Cloud-Wide Streaming of Guest File System Updates," IC2'14, IEEE Computer Society, Washington, DC, USA.
  22. P. Puzio et al., "ClouDedup: Secure Deduplication with Encrypted Data for Cloud Storage." 2013 IEEE 5th International Conference on Cloud Computing Technology and Science, Bristol, 2013, pp. 363-370.
  23. J. Stanek et al., "A secure data deduplication scheme for cloud storage." International Conference on Financial Cryptography and Data Security. Springer Berlin Heidelberg, 2014.
  24. N. Kaaniche and M. Laurent, "A Secure Client Side Deduplication Scheme in Cloud Storage Environments," 2014 6th International Conference on New Technologies, Mobility and Security (NTMS), Dubai, 2014, pp. 1-7.
  25. Mark W. Storer et al., "Secure data deduplication," In Proceedings of the 4th ACM international workshop on Storage security and survivability (StorageSS '08). ACM, New York, NY, USA, 1-10.
  26. Man-Ki Yoon et al., "PIFT: Predictive Information-Flow Tracking," In Proceedings of the Twenty-First International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS '16). ACM, New York, NY, USA, 713-725.
  27. C. Wang and Shiuhpyng Winston Shieh. "SWIFT: Decoupled System-Wide Information Flow Tracking and its Optimizations." Journal of Information Science and Engineering 31.4 (2015): 1413-1429.
  28. Christos Gkantsidis et al., "Rhea: automatic filtering for unstructured cloud storage," In Proceedings of the 10th USENIX conference on Networked Systems Design and Implementation (nsdi'13), USENIX Association, Berkeley, CA, USA, 343-356.
  29. Dongyoung Koo et al., "Secure and efficient data retrieval over encrypted data using attribute-based encryption in cloud storage," Comput. Electr. Eng. 39, 1 (January 2013), 34-46. https://doi.org/10.1016/j.compeleceng.2012.11.002
  30. 허의남, "퍼스널 클라우드 보안 기술과 프라이버시," TTA 저널 no.139, 2012, 65-69.
  31. IEEE Security in Storage Working Group, "IEEE P1619/D16 Standard for Cryptographic Protection of Data on Block-Oriented Storage Devices," IEEE Computer Society Committee, May 2007.
  32. E. Casey and Gerasimos J. Stellatos, "The impact of full disk encryption on digital forensics." ACM SIGOPS Operating Systems Review42.3 (2008): 93-98. https://doi.org/10.1145/1368506.1368519
  33. E. Casey et al. "The growing impact of full disk encryption on digital forensics," Digital Investigation 8.2 (2011): 129-134. https://doi.org/10.1016/j.diin.2011.09.005
  34. A. Bacs et al., "Slick: an intrusion detection system for virtualized storage devices," In Proceedings of the 31st Annual ACM Symposium on Applied Computing (SAC '16). ACM, New York, NY, USA, 2033-2040.
  35. Adam G. Pennington et al., "Storage-Based Intrusion Detection," ACM Trans. Inf. Syst. Secur. 13, 4, Article 30 (December 2010), 27 pages.
  36. Anjo Vahldiek-Oberwagner et al., "Guardat: enforcing data policies at the storage layer," In Proceedings of the Tenth European Conference on Computer Systems (EuroSys '15). ACM, New York, NY, USA, , Article 13, 16 pages.
  37. 은하수 외, "Outsourced Storage Auditing Scheme using Coefficient Matrix." 정보처리학회논문지 2.11 (2013): 483-488. https://doi.org/10.3745/KTCCS.2013.2.11.483
  38. 김태연, 조기환, "클라우드 컴퓨팅에서 동적 데이터 무결성을 위한 개선된 감사 시스템," 한국정보통신학회논문지 Vol.19, No.8, (2015.08): 1818-1824. https://doi.org/10.6109/jkiice.2015.19.8.1818
  39. Amazon S3, "Protecting Data Using Encryption," http://docs.aws.amazon.com/AmazonS3/latest/dev/UsingEncryption.html (2016,07,06)
  40. 신재복 외, "클라우드 스토리지 서비스를 위한 ARM TrustZone 기반의 안전한 데이터 관리 기법," 대한임베디드공학회 추계학술대회, 2012. 11. 85-88.
  41. 백목련 외, "안전한 클라우드 스토리지를 위한 프라이버시 보장 자체 인증 공공 감사," 정보과학회논문지, 43(4), 497-508.
  42. 권오민, 윤현수, "클라우드 데이터 무결성 검증방법 조사," 한국정보과학회 학술발표논문집, 2013.6, 689-691.
  43. 신수연, 권태경, "손상 클라우드 식별 가능한 다중 클라우드 일괄 감사 기법에 관한 연구," 정보보호학회논문지 25(1), 2015.2, 75-82. https://doi.org/10.13089/JKIISC.2015.25.1.75
  44. C. Wang et al., "Privacy-Preserving Public Auditing for Secure Cloud Storage," in IEEE Transactions on Computers, vol. 62, no. 2, pp. 362-375, Feb. 2013. https://doi.org/10.1109/TC.2011.245
  45. M. Bakhtiari et al., "Secure Search Over Encrypted Data in Cloud Computing," Advanced Computer Science Applications and Technologies (ACSAT), 2013 International Conference on, Kuching, 2013, pp. 290-295.
  46. C. Liu et al., "Efficient Searchable Symmetric Encryption for Storing Multiple Source Data on Cloud," Trustcom/BigDataSE/ISPA, 2015 IEEE, Helsinki, 2015, pp. 451-458.
  47. K. Beer and R. Holland, "Securing Data at Rest with Encryption," Amazon Web Services, Nov. 2013.
  48. 신재복 외, "모바일 클라우드 스토리지 서비스에서의 데이터 보안을 위한 데이터 접근 제어 및 보안 키 관리 기법," 대한임베디드공학회논문지 8(6), 303-309. https://doi.org/10.14372/IEMEK.2013.8.6.303
  49. S. Alneyadi et al., "A survey on data leakage prevention systems," Journal of Network and Computer Applications 62, 2016, 137-152. https://doi.org/10.1016/j.jnca.2016.01.008
  50. D. Harnik et al, "Side channels in cloud services: Deduplication in cloud storage." IEEE S&P, 8(6) 2010, 40-47
  51. S. Keelveedhi et al., "DupLESS: server-aided encryption for deduplicated storage." 22nd USENIX Security Symposium (USENIX Security 13). 2013.
  52. S. Matsuda and S. Moriai, "Lightweight Cryptography for the Cloud: Exploit the Power of Bitslice Implementation," Cryptographic Hardware and Embedded Systems (CHES), 2012, 408-425
  53. S. Belguith et al., "Enhancing Data Security in Cloud Computing Using a Lightweight Cryptographic Algorithm," Eleventh International Conference on Autonomic and Autonomous Systems, 2015.
  54. Y. Chou et al., "Enforcing confidentiality in a SaaS cloud environment," Telecommunications Forum (TELFOR), 2011, 90-93.
  55. S. Rehman and R. Gautam, "Research on ACcess Control Techniques in SaaS of Cloud Computing," Security in Computing and Communications, Springer, 2014, 92-100.
  56. R. Wilkins and B. Richardson, "UEFI Secure Boot in Modern Computer Security Solutions," UEFI Forum, Sep. 2013.
  57. O. Khan et al., "Rethinking Erasure Codes for Cloud File Systems: Minimizing I/O for Recovery and Degraded Reads," USENIX FAST, 2012.
  58. P. Mell and T. Grance, "The NIST Definition of Cloud Computing," 2011, http://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-145.pdf
  59. Xingjie Yu et al., "Remotely wiping sensitive data on stolen smartphones," In Proceedings of the 9th ACM symposium on Information, computer and communications security (ASIA CCS '14). ACM, New York, NY, USA, 537-542.
  60. D. Birk and C. Wegener, "Technical Issues of Forensic Investigations in Cloud Computing Environments," Systematic Approaches to Digital Forensic Engineering (SADFE), 2011 IEEE Sixth International Workshop on, Oakland, CA, 2011, pp. 1-10.
  61. S. Alqahtany et al., "Cloud Forensics: A Review of Challenges, Solutions and Open Problems," Cloud Computing (ICCC), 2015 International Conference on, Riyadh, 2015, pp. 1-9.
  62. S. Zawoad et al., "Towards Building Forensics Enabled Cloud Through Secure Logging-as-a-Service," in IEEE Transactions on Dependable and Secure Computing, vol. 13, no. 2, pp. 148-162, March-April 1 2016. https://doi.org/10.1109/TDSC.2015.2482484
  63. T. Sang, "A Log Based Approach to Make Digital Forensics Easier on Cloud Computing," Intelligent System Design and Engineering Applications (ISDEA), 2013 Third International Conference on, Hong Kong, 2013, pp. 91-94.
  64. A. K. Mishra et al., "Cloud Forensics: State-of-the-Art and Research Challenges," Cloud and Services Computing (ISCOS), 2012 International Symposium on, Mangalore, 2012, pp. 164-170.
  65. S. Almulla et al., "A Distributed Snapshot Framework for Digital Forensics Evidence Extraction and Event Reconstruction from Cloud Environment," 2013 IEEE 5th International Conference on Cloud Computing Technology and Science, Bristol, 2013, pp. 699-704.
  66. V. M. Katilu et al., "Challenges of Data Provenance for Cloud Forensic Investigations," Availability, Reliability and Security (ARES), 2015 10th International Conference on, Toulouse, 2015, pp. 312-317.
  67. 남궁재웅 외, "포렌식 관점의 파티션 복구 기법에 관한 연구," Journal of The Korea Institute of Information Security & Cryptology, 23(4), 2013.08, 655-665. https://doi.org/10.13089/JKIISC.2013.23.4.655
  68. S. Khan et al., "Cloud Log Forensics: Foundations, State of the Art, and Future Directions," ACM Computing Syrveys 49(1), Feb. 2016.
  69. NIST Cloud Computing Forensic Science Working Group IT Laboratory, "Draft NISTIR 8006, NIST Cloud Computing Forensic Science Challenges," NIST, 2014.
  70. 정일훈 외, "IaaS 유형의 클라우드 컴퓨팅 서비스에 대한 디지털 포렌식 연구," 정보보호학회논문지 21(6), 2011.12, 55-65.
  71. 김등화 외, "사설 클라우드 환경에서 수집된 VM 데이터의 무결성 입증과 관련 포렌식 도구의 신뢰성 검증," 정보보호학회논문지 23(2), 2013.4, 223-230. https://doi.org/10.13089/JKIISC.2013.23.2.223