Browse > Article

A Study of Security Risk Analysis for Public IaaS Cloud Certification  

Kim, Sun-Jib (한세대학교 IT학부 정보통신공학과)
Kim, Ki-Young (서일대학교 컴퓨터소프트웨어과)
Publication Information
Convergence Security Journal / v.15, no.5, 2015 , pp. 9-15 More about this Journal
Abstract
Cloud computing has emerged with promise to decrease the cost of server additional cost and expanding the data storage and ease for computer resource sharing and apply the new technologies. However, Cloud computing also raises many new security concerns due to the new structure of the cloud service models. Therefore, several cloud service certification system were performed in the world in order to meet customers need which is the safe and reliable cloud service. This paper we propose the new risk analysis method different compare with existing method for secure the reliability of certification considering public IaaS(Infrastructure as a Service) cloud service properties.
Keywords
Cloud Computing; Risk Analysis; Security; Certification;
Citations & Related Records
Times Cited By KSCI : 3  (Citation Analysis)
연도 인용수 순위
1 S.K.Eun, "Cloud Computing Security Technology Trends", Review of Korea Institute of Information Security and Cryptology, Vol.20, No2, pp.27-31, 2010.
2 신종회, "클라우드 보안 인증 스킴과 해결과제", 정보보호학회지, 제22권 제6호, pp29-33, 2012.
3 고갑승, "보안성이 강화된 클라우드 서비스 평가. 인증 체계에 관한 연구", 보안공학연구논문지, 제9권, 제6호, 2012.
4 정성재, 배유미, "클라우드 보안 위협요소와 기술동향 분석", 보안공학연구논문지, 제10권, 제2호, 2013.
5 Jon Brodkin, "Gartner:Seven Cloud-computing security risks," Network world, 2008.
6 https://cloudsecurityalliance.org/download/cloudcomputing-vulnerability-incidents-a-statisticaloverview
7 FedRAMP(The Federal Risk and AuthorizationManagement Program). http://www.fedramp.gov/resources/nist-publications/
8 https://cloudsecurityalliance.org/guidance/csaguide.v3.0.pdf
9 https://cloudsecurityalliance.org/research/security-guidance/
10 https://cloudsecurityalliance.org/download/cloud-controls-matrix-v3/
11 Kwang-Kyu Seo, "A Comparison Study of Korea and Japanese Cloud Service Certification Systems", The Journal of Digital Policy & Management, 2013.
12 NIST, "Managing Information Security Risk:organization, mission, and information system view SP800-39", National Institute of Standards and Technology(NIST), 2011.
13 ENISA. "Cloud Computing: benefits, riska and recommendations for information security", The European Network and Information Security Agency(ENISA), 2009.
14 Sameer Hasan Albakri, "Traditional Security Risk Assessment Methods in Cloud Computing Envrionment: Usability Analysis", IRICT(2014) 483-495, 2014.
15 P. Mell and T. Grance, "The NIST Definition of Cloud Computing(Draft)", SP 800-145.
16 Subashini, S., Kavitha, V., "A survey on security issues in service delivery models of cloud computing", Journal of Network and Computer Applications, 2010.
17 Wooley, P., "Identifying Cloud Computing Security Risks", University of Oregon, Master's Degree Program, 2011.
18 정성재, 배유미, "클라우드 보안 위협요소와 기술 동향 분석", 보안공학연구논문지, 제10권, 제2 호, 2013.