• Proceedings of the Korea Information Processing Society Conference
• /
• 2012.04a
• /
• pp.185-187
• /
• 2012

최근 클라우드 컴퓨팅 기술은 기존의 서버, 데스크톱 컴퓨팅 환경을 빠르게 변화시키며, 차세대 인터넷 서비스의 핵심 분야로 부각되고 있다. 클라우드 컴퓨팅 기술 중 특히 저비용, 안정성, 확장성, 무결성 그리고 보안성을 가지고 있는 클라우드 스토리지 서비스가 각광 받고 있다. 이에 본 논문은 클라우드 스토리지 기반 기술인 분산 파일 시스템에 관해서 살펴보고, 오픈소스 기반의 분산 파일 시스템인 MooseFS, XtreemFS, GlusterFS, Ceph 등을 이용하여 시스템 구축 및 성능 측정을 수행 하였다. 수행결과 Postmark에서는 GlusterFS, MD5SUM에서는 XtreemFS가 가장 좋은 성능을 보여주었다.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.14 no.1
• /
• pp.243-250
• /
• 2019

In this paper, we develop a Secure File Management Security(: SFMS) based on media in a cloud environment to encrypt and decrypt cloud data on a computer using a Bluetooth - based cryptographic module. The Bluetooth cipher module makes it easy to browse files stored in the cloud, but it is never possible to browse without a module. It is a solution that fundamentally blocks the problems such as hacking and leakage of personal data that have recently become an issue.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.2
• /
• pp.337-346
• /
• 2012

According to cloud computing service is increasing of using the Internet technology, it's increasing privacy security risks and out of control of security threats. However, the current cloud computing service providers does not provide to solutions of the privacy security management. This paper discusses the privacy security management issue of cloud computing service, and propose solutions to privacy information threats in cloud computing environment.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2011.04a
• /
• pp.913-916
• /
• 2011

공공 클라우드 컴퓨팅 환경은 대부분 사용자가 직접 데이터를 보유하지 않고 데이터 센터의 논리적으로 분리된 저장 공간에 데이터가 존재하는 환경이기 때문에 데이터의 유효한 보안은 매우 중요하다. 더군다나 데이터 센터 내에 위치한 기밀데이터를 사용자 사이에 공유하고자 하는 경우에 안전한 공유기법이 제공되어야 한다. 본 논문에서는 공공 클라우드 컴퓨팅 환경에서 계약된 신뢰 모델을 기반으로 안전한 기밀 데이터 공유 방법을 제안한다. 공공 클라우드에서 사용자에게 데이터 제어권을 두고, 클라우드 서비스 제공자는 단지 데이터를 저장, 검색, 전송하는 프록시(Proxy) 서버 역할을 하게하여 증가하는 데이터 공유와 협업을 위한 데이터 공유 기법을 제안한다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2020.11a
• /
• pp.380-382
• /
• 2020

네트워크에 존재하는 저장 공간을 필요에 따라 유연하게 대여하여 사용할 수 있는 클라우드 스토리지 서비스는 데이터의 일관성 유지, 저렴한 유지관리 비용 등 여러 장점에 힘입어 널리 활용되고 있다. 하지만 클라우드 시스템은 데이터 소유자에 의한 관리가 이루어지지 않으므로 민감한 데이터의 노출에 의한 피해 또한 다수 발생하고 있는데, 이를 해결하기 위하여 암호화 등을 통한 프라이버시 보존을 위한 연구가 꾸준히 진행되고 있다. 본 연구에서는 프라이버시가 보존된 상태에서 클라우드에 저장된 데이터를 검색함에 있어, 대수적 난제에 근거를 둔 접근 제어 기능을 내포한 소프트웨어 기반의 검색 가능한 암호화 (searchable encryption) 기법과 최근 많은 관심을 받고 있는 하드웨어 기반 클라우드 데이터 검색의 효율성 및 기능에 대한 비교 분석을 수행한다. 이를 통하여 하드웨어 기반 기법의 활용을 통한 성능 향상 가능성을 확인하고 잠재적 보안 위협을 검토한다.

• KIPS Transactions on Computer and Communication Systems
• /
• v.5 no.10
• /
• pp.339-346
• /
• 2016

1 person media is becoming the leading trend among several media in the Internet era exploiting the individual desire of showing off. But, the vast accessibility of Internet produces the worry about privacy risk, which concludes in the increasement of closed SNS. In this paper, we propose a system based on PWW (Person Wide Web) where a person is producing a media and share it with other persons. PWW is an information system which consists of a smart-phone, mobile anchors, a standard web document, and his own cloud storage. An information consumer gets the link using his smart-phone from the mobile anchors attached on the objects in the field. The web browser in the smart-phone obtains the web documents designated by the link and presents it. We also explains the 1 person media system based on PWW and presents the example utilized in the field. We compared and analyzed the security factor of the system based on between WWW and PWW, and concluded that PWW is better than WWW in the aspect of security.

• Smart Media Journal
• /
• v.12 no.7
• /
• pp.27-42
• /
• 2023

The development of cloud services and IoT technology has radically changed the cloud environment, and has evolved into a new concept called fog computing and F2C (fog-to-cloud). However, as heterogeneous cloud/fog layers are integrated, problems of access control and security management for end users and edge devices may occur. In this paper, an F2C-based IoT smart health monitoring system architecture was designed to operate a medical information service that can quickly respond to medical emergencies. In addition, a role-based service access control technology was proposed to enhance the security of user's personal health information and sensor information during service interoperability. Through simulation, it was shown that role-based access control is achieved by sharing role registration and user role token issuance information through blockchain. End users can receive services from the device with the fastest response time, and by performing service access control according to roles, direct access to data can be minimized and security for personal information can be enhanced.

• Journal of Convergence for Information Technology
• /
• v.8 no.3
• /
• pp.79-84
• /
• 2018

Cloud services are readily available through a variety of media, attracting a lot of attention from users. However, there are various security damages that abuse the privacy of users who use cloud services, so there is not enough technology to prevent them. In this paper, we propose a protection model to safeguard user's privacy in a cloud environment so as not to illegally exploit user's privacy. The proposed model randomly manages the user's signature to strengthen the role of the middle manager and the cloud server. In the proposed model, the user's privacy information is provided illegally by the cloud server to the user through the security function and the user signature. Also, the signature of the user can be safely used by bundling the random number of the multiplication group and the one-way hash function into the hash chain to protect the user's privacy. As a result of the performance evaluation, the proposed model achieved an average improvement of data processing time of 24.5% compared to the existing model and the efficiency of the proposed model was improved by 13.7% than the existing model because the user's privacy information was group managed.

• Smart Media Journal
• /
• v.12 no.2
• /
• pp.66-75
• /
• 2023

Recently, the number of cloud web applications is increasing owing to the accelerated migration of enterprises and public sector information systems to the cloud. Traditional network attacks on cloud web applications are characterized by Denial of Service (DoS) attacks, which consume network resources with a large number of packets. However, HTTP DoS attacks, which consume application resources, are also increasing recently; as such, developing security technologies to prevent them is necessary. In particular, since low-bandwidth HTTP DoS attacks do not consume network resources, they are difficult to identify using traditional security solutions that monitor network metrics. In this paper, we propose a new detection model for detecting HTTP DoS attacks on cloud web applications by collecting the application metrics of web servers and learning them using machine learning. We collected 18 types of application metrics from an Apache web server and used five machine learning and two deep learning models to train the collected data. Further, we confirmed the superiority of the application metrics-based machine learning model by collecting and training 6 additional network metrics and comparing their performance with the proposed models. Among HTTP DoS attacks, we injected the RUDY and HULK attacks, which are low- and high-bandwidth attacks, respectively. As a result of detecting these two attacks using the proposed model, we found out that the F1 scores of the application metrics-based machine learning model were about 0.3 and 0.1 higher than that of the network metrics-based model, respectively.

• The Journal of Korean Institute of Next Generation Computing
• /
• v.15 no.3
• /
• pp.7-15
• /
• 2019

Cloud computing markets are rapidly growing as cost savings and business innovation are being carried out through ICT worldwide. In line with this paradigm, the nation is striving to introduce cloud computing in various areas, including the public sector and defense sector, through various research. In the defense sector, DIDC was established in 2015 by integrating military, naval, air and military computing centers, and it provides cloud services in the form of IaaS to some systems in the center. In DIDC and various future cloud defense systems, It is an important issue to ensure availability in cloud defense systems in the defense sector because system failures such as network delays and system resource failures are directly linked to the results of battlefields. However, ensuring the highest levels of availability for all systems in the defense cloud can be inefficient, and the efficiency that can be gained from deploying a cloud system can be reduced. In this paper, we classify and define the level of availability of defense cloud systems step by step, and propose the strategy of introducing Erasure coding and failure acceptance systems, and disaster recovery system technology according to each level of availability acquisition.