Browse > Article
http://dx.doi.org/10.13089/JKIISC.2012.22.1.141

A Study on Operating the IaaS Cloud Computing in view of Integrated Security Management System  

Choi, Ju-Young (Seoul Women's University Department of Information Security)
Park, Choon-Sik (Seoul Women's University Department of Information Security)
Kim, Myuhng-Joo (Seoul Women's University Department of Information Security)
Publication Information
Journal of the Korea Institute of Information Security & Cryptology / v.22, no.1, 2012 , pp. 141-153 More about this Journal
Abstract
In the recent years, various researches on the use cases of the cloud computing service have been achieved for its standardization. Notwithstanding, we need more additory effort to refine the operating mechanisms on the cloud computing environment. In this paper, we suggest an operating mechanism on IaaS cloud computing environment that is related to the integrated security management system. By using CloudStack 2.2.4 toolkit, we have built a test-bed for IaaS cloud computing service i.e., SWU-IaaS cloud computing environment. Through operating this hierarchical SWU-IaaS cloud computing environment, we have derived the attributes and the methods of its components. Its scenarios can be described in case of both normal state and abnormal state. At the end, a special scenario has been described when it receives a security event from the integrated security management system.
Keywords
Operating the IaaS Cloud Computing;
Citations & Related Records
연도 인용수 순위
  • Reference
1 P.Mell and T.Grance, "The NIST Definition of Cloud Computing, National Institute of Standards and Technology", National Institute of Standards and Technology, ver.15,9 pp. 1-2, July 2010.
2 Gartner, "Gartner Highlights Five Attributes of Cloud Computing", Available at: http://www.gartner.com/it/page.jsp?id=103501
3 박원환, "정보통합전산센터 스토리지 가상화 구축 사례", 클라우드 컴퓨팅과 스토리지 가상화 콘퍼런스 발표집, pp. 2-4, 2009년 9월.
4 ENISA, "Cloud Computing: Benefits, risks and recommendations for information security", European Network and Information Security Agency, pp. 14-16 , Nov. 2009.
5 Cloud Computing Use Cases Discussion Group, "Cloud Computing Use Cases White Paper", Version 4.0, 2 pp. 18-61 ,July 2010.
6 Michael Hogan, Fang Liu, Annie Sokol and Jin Tong, "NIST Cloud Computing Standards Roadmap", National Institute of Standards and Technology, SP 500-291, pp. 14-30, July 2011.
7 Renaud Bidou, "Security Operation Center Concepts & Implementation", Available at:http://www.iv2-technologies.com/SOCConceptAndImplementation.pdf
8 "정보보호시스템간 통합보안관리 시스템 개발", 정보통신부, pp. 21-30, 2001년 11월.
9 CloudStack. Available at: http://cloudstack.org/cloudstack.html
10 Lee Badger, Tim Grance, Robert Patt-Corner and Jeff Voas, "DRAFT Cloud Computing Synopsis and Recommendations", National Institute of Standards and Technology, SP800-146, pp. 7-1 - 7-8, May 2011.
11 Radhesh Balakrishnan, "Delivering IT as a Service", Cloud&Data center 2011, Microsoft, pp. 5-6, April 2011.
12 Ju-Young Choi, Hyung-Jong Kim, Choon-Sik Park and Myuhng-Joo Kim, "Integrated Security Management against the Weakness of Virtualization in Cloud Computing", The 4th International Conference on Convergence Technology and Information Convergence, pp. 17-23, July 2009.
13 Cloud.com, "Cloud.com CloudStack Installation Guide", Version 2.2.4-2.2.7, pp. 11-16, June 2011.
14 Karen Scarfone, Murugiah Souppaya and Paul Hoffman, "Guide to Security for Full Virtualization Technologies", National Institute of Standards and Technology, SP 800-125, pp. 2-1 - 2-8 ,January 2011.
15 Catbird Networks, "Virtualization Security : The Catbird Primer", pp. 3, September 2008.
16 이효, "가상화 기반의 클라우드 컴퓨팅", 한국정보보호학회 클라우드컴퓨팅연구회, pp. 4-14, 2009년 5월.
17 Citrix Systems, "Xen Architecture Overview", pp. 3-8, February 2008.
18 Christopher Clark, Keir Fraser, Steven Hand and Jakob Gorm Hanse, "Live Migration of Virtual Machines", NSDI'05 Proceedings of the 2nd conference on Symposium on Networked Systems Design & Implementation - Volume 2, NSDI USENIX Symposium, pp. 1-10, Jun 2005.
19 F. Hao, "Enhancing Dynamic Cloud-based Services using Network Virtualization", ACM VISA, pp. 37-44, August 2009.
20 J. Oberheide, "Empirical Exploitation of Live Virtual Machine Migration", Black-Hat Symposium, pp. 1-6, March 2008.