Browse > Article
http://dx.doi.org/10.15207/JKCS.2018.9.12.061

Proposal of Network Security Solution based on Software Definition Perimeter for Secure Cloud Environment  

Cha, Wuk-Jae (Division of Research Planning Office, Genians,Inc)
Shin, Jae-In (Division of Research Planning Office, Genians,Inc)
Lee, Dong-Bum (Genians,Inc)
Kim, Hyeob (Division of Research Planning Office, Genians,Inc)
Lee, Dae-Hyo (Division of Research Planning Office, Genians,Inc)
Publication Information
Journal of the Korea Convergence Society / v.9, no.12, 2018 , pp. 61-68 More about this Journal
Abstract
As the smartphone and mobile environment develop, the time and space constraints for individual work performance are disappearing. Companies can reduce costs and expand their business quickly through cloud computing. As the use of various cloud expands, the boundaries of users, data, and applications are disappearing. Traditional security approaches based on boundaries (Perimeter) are losing their utility in the cloud environment. This paper describes the limitations of existing network access control (NAC) in a cloud environment and suggests network security technology that complements it. The study explains the SDP and combines SDP(Software Defined Perimeter) to overcome the limitations of NAC, while at the same time explaining its role as a new framework for supporting the cloud environment. The new framework proposed in this paper suggests a software-based network security solution that supports physical and software parts, providing identity-based access control, encrypted segment management, and dynamic policy management, not IP-based.
Keywords
SDx(Software-Defined Everything); Perimeter; Network Access Control; IoT(Internet of Things); Black Cloud;
Citations & Related Records
Times Cited By KSCI : 3  (Citation Analysis)
연도 인용수 순위
1 Korea IDG Report. what makes you hesitate to be applicate cloud security?
2 Take The Wheel: Build Your Cloud Computing Strategic Plan Now Strategic Plan: The Cloud Computing Playbook.
3 CLOUD SECURITY ALLIANCE(April 2014), Software Defined Perimeter Working Group, SDP Specification 1.0
4 Check Point, 2017 Global Cyber Attack Trends Report
5 Cyxtera, How to Overcome NAC Limitations.
6 Musa Abubakar Muhammad, Aladdin Ayesh, Pooneh Bagheri Zadeh,(2017). Developing an Intelligent Filtering Technique for Bring Your Own Device Network Access Control, the International Conference on Future Networks and Distributed System, No. 46. DOI : 10.1145/3102304.3105573.   DOI
7 Choi Eun-bok, Lee Sang-joon (2016). MAC Policy-based Access Control Mechanism for Cloud Convergence, Journal 7 of the Korean Convergence Society, 1-8.
8 Jung Yoon-soo, Han Gun-hee (2018). Effective access control techniques between different IoT devices in the cloud environment, Journal 9 of the[ Korean Convergence Society, No. 4, 57-63.
9 Kang Yong-hyuk, Kim Moon-jung, Han Moon-seok (2017), a study on the intrusion detection technique using software-defined networking techniques in wireless sensor networks, Journal 8 of the Korean Convergence Society, 51-57.   DOI
10 Jung Sung-jae, Bae Yu-mi, (2013). Analysis of cloud security threats and technology trends, Journal of Security Engineering Research, No. 10, No. 2, 199-212
11 Won-Bon Koo, Kab-Seung Kou, Jae-In Shin, Jae-goo Jeong&Young-Gi Min. (2013). A Study on Information Security Requirements Considering the Security Technical Aspects in Cloud Service. Journal of Security Engineering, 10(3), 355-370.
12 Kim Chang-soo, Jang Bong-im, Chung Hoi-kyung (2013). Analysis of cloud security threats and technology trends, Journal of Security Engineering Research, No. 10, No. 2, 199-212.
13 Ashish Singh & Kakali Chatterjee. (2017). Cloud security issues and challenges: A survey. Journal of Network and Computer Applications, 79, 88-115. DOI : 10.1016/j.jnca.2016.11.027.   DOI
14 Miss. Shakeeba S & Khan, Miss. Sakshi S. Deshmukh. (2017). Security in Cloud Computing Using Cryptographic Algorithms. Journal of Computer Science and Mobile Computing, 3, 517-525.
15 SalmanIqbal. Miss Laiha Mat Kiah. Babak Dhaghighi. Muzammil Hussain. Suleman Khan. Muhammad Khurram Khan. Kim-Kwang Raymond Choo. (2016). On cloud security attacks: A taxonomy and intrusion detection and prevention as a service. Journal of Network and Computer Applications, 74, 98-120. DOI : 10.1016/j.jnca.2016.08.016.   DOI