Browse > Article
http://dx.doi.org/10.20465/KIOTS.2020.6.3.031

A Study On The Cloud Hypervisor ESXi Security Vulnerability Analysis Standard  

Kim, Sun-Jib (Division of Information Technology, Hansei University)
Heo, Jin (Dept. of ICT Environmental Engineering, Hansei University)
Publication Information
Journal of Internet of Things and Convergence / v.6, no.3, 2020 , pp. 31-37 More about this Journal
Abstract
The cloud computing industry is regarded as a key element of the ICT industry and an important industry that will be a watershed for the future development of ICT industry. Korea has established the 1st~2nd cloud computing development basic plan to induce the growth of the cloud industry. However, the domestic information security guide provides technical vulnerability analysis criteria for Unix and Windows servers, DBMS, network equipment, and security equipment, but fails to provide vulnerability analysis criteria for hypervisors that are key elements of cloud computing. Organizations that have deployed cloud systems will be able to assist in vulnerability analysis using the criteria presented in this paper.
Keywords
Cloud; Hypervisor; ESXi;
Citations & Related Records
연도 인용수 순위
  • Reference
1 J.Y.Kim, "Self-diagnosis of Suitability for the Introduction of Cloud Services in the Public Sector and a Guidebook for the Introduction of Each," TTA, p.15, 2016.
2 W.Y.Kang, "Recent Cloud Computing Service Trends," NET Term, p.22, 2013.
3 Gartner, 2019[Internet], https://www.gartner.com/en/newsroom/press-releases/2019-11-13-gartner-forecasts-worldwide-public-cloud-revenue-to-grow-17-percent-in-2020
4 Gartner, 2019[Internet], https://biz.chosun.com/site/data/html_dir/2019/04/03/2019040302058.html
5 S.W.Ahn, "Policy and Direction for Enabling Cloud Computing in Korea," SPRi, pp.1-6, 2019.
6 M.S.Kang, "Cloud Computing Market Trends and Prospects," KDB Monthly News, Vol.1, No.758, 2019.
7 "2019 Current State of Domestic Cloud Adoption," Bespin Global, p.19, 2019.
8 "State of Hybrid Cloud Security," FireMon, p.12, 2019.
9 "Untangling the Web of Cloud Security Threats," TrendMicro, p.34, 2020.
10 "Detailed Guide on the Analysis and Evaluation of Vulnerabilities in Major Information and Communication Infrastructure," KISA, p.3, 2017.
11 "ISMS-P Certification Criteria Guide," KISA, p.175, 2019.
12 "Guide to Evaluation Criteria for Security Vulnerability of Electronic Financial Infrastructure," FSI p.11, 2020.
13 "Ministry of Science and ICT public notice 2017-7," MSIT, 2017.
14 "International Standard ISO/IEC 27017," ISO/IEC p.26, 2015.
15 "Cloud Security Guide," KISA, p.49, 2017.
16 ETNews, 2019[Internet], https://m.etnews.com/20190718000155