• Convergence Security Journal
• /
• v.23 no.1
• /
• pp.109-115
• /
• 2023

The future outlook for defense faces various and challenging environments such as the acceleration of uncertainty in the global security landscape and limitations in domestic social and economic conditions. In response, the Ministry of National Defense seeks to address the problems and threats through defense innovation based on scientific and technological advancements such as artificial intelligence, drones, and robots. To introduce advanced AI-based technology, it is essential to integrate and utilize data on IT environments such as cloud and 5G. However, existing traditional security policies face difficulties in data sharing and utilization due to mainly system-oriented security policies and uniform security measures. This study proposes a paradigm shift to a data value-based security policy based on theoretical background on data valuation and life-cycle management. Through this, it is expected to facilitate the implementation of scientific and technological innovations for national defense based on data-based task activation and new technology introduction.

• Journal of Digital Convergence
• /
• v.11 no.12
• /
• pp.155-160
• /
• 2013

The global recession circumstances, cloud computing has emerged as a new paradigm in the business IT sector. This paper explores the analysis of cloud service adoption Intension of Korean firms. Especially, we focus on Infrastructure as a Service (IaaS) among cloud services and apply TAM (Technology Acceptance Model) and VAM (Value-based Adoption Model) to analyze cloud service adoption intension The proposed exploratory model tests a number of hypotheses to understand the importance factors of IaaS adoption intension with TAM and VAM included additional cloud service characteristics such as scalability, agility, security, efficiency and reliability. Eventually, the findings of this study can not only help company users gain insights into IaaS adoption, but also help cloud service providers to develop their service effectively and improve marketing strategy in B2B cloud service market.

• KIPS Transactions on Computer and Communication Systems
• /
• v.12 no.6
• /
• pp.189-196
• /
• 2023

Today, in the era of the 4th industrial revolution based on the paradigm of hyper-connectivity, super-intelligence, and superconvergence, the remote work environment is becoming central based on technologies such as mobile, cloud, and big data. This remote work environment has been accelerated by the demand for non-face-to-face due to COVID-19. Since the remote work environment can perform various tasks by accessing services and resources anytime and anywhere, it has increased work efficiency, but has caused a problem of incapacitating the traditional boundary-based network security model by making the internal and external boundaries ambiguous. In this paper, we propse a method to improve the limitations of the traditional boundary-oriented security strategy by building a security model centered on core components and their relationships based on the zero trust idea that all actions that occur in the network beyond the concept of the boundary are not trusted.

• Journal of Digital Convergence
• /
• v.11 no.11
• /
• pp.53-58
• /
• 2013

Due to the wide spread of the perception of cloud computing, the usage of cloud computing is increasing globally. Cloud computing is able to converge the various industrial domains based on ICT and it is more and more popular because it has a lot of benefits such as cost savings etc. in global economic recession. However, if cloud computing service is to achieve its potential, it is necessary to clearly understand the critical issues such as service security, performance and availability and so on from the perspectives of the providers and the consumers of the cloud service. In addition, customers focus on how to get and use the safe and reliable cloud service. In order to meet these problems, Korea cloud service certification system and Japanese ASP-SaaS-Cloud certification system were performed in each country. This paper aims at comparing and analyzing between them and describing the difference. Eventually, we propose the improvement strategy of Korea cloud service certification system based on the comparison results between them.

• Journal of Digital Convergence
• /
• v.10 no.11
• /
• pp.59-65
• /
• 2012

The evolution of cloud computing service over the recent years is potentially one of the major advances in information and communication technology. However, if cloud computing service is to achieve its potential, there needs to be a clear understanding of the various issues such as service security, performance and availability and so on, both from the perspectives of the providers and the consumers of the cloud service. As more and more information on individuals, companies and public sectors are placed in the cloud service, concerns are beginning to grow about just how safe and reliable an environment it is. In order to overcome these situations, the Korea cloud service certification system and U.S. FedRAMP were performed in each country. This paper aims at comparing and analyzing between Korean cloud service certification systems and U.S. FedRAMP and describing the difference between them. Eventually, we propose the improvement strategy of Korea cloud service certification systems based on the comparison results between them.

• Journal of Digital Convergence
• /
• v.11 no.7
• /
• pp.215-223
• /
• 2013

As cloud computing is activated, a variety of cloud services are being distributed. However, to use each different cloud service, you must perform a individual user authentication process to service. Therefore, not only the procedure is cumbersome but also due to repeated authentication process performance, it can cause password exposure or database overload that needs to have user's authentication information each cloud server. Moreover, there is high probability of security problem that being occurred by phishing attacks that result from different authentication schemes and input scheme for each service. Thus, when you want to use a variety of cloud service, we proposed OpenID based user authentication scheme that can be applied to a multi-cloud environment by the trusted user's verify ID provider.

• Journal of Digital Convergence
• /
• v.11 no.12
• /
• pp.393-399
• /
• 2013

Recently, the quantity and type of data that is being processed in cloud environment are varied. A method for easy access in different network in a heterogeneous environment of big data stored in the device is required. This paper propose security management method for smoothly access to big data in other network environment conjunction with attribute information between big data and user. The proposed method has a high level of safety even if user-generated random bit signal is modulated. The proposed method is sufficient to deliver any number of bits the user to share information used to secure recognition. Also, the security awareness information bit sequence generated by a third party to avoid unnecessary exposure value by passing a hash chain of the user anonymity is to be guaranteed to receive.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2022.05a
• /
• pp.557-559
• /
• 2022

The use of open source has the advantage that the development environment is convenient and maintenance is easier, but there is a limitation in that it is easy to be exposed to vulnerabilities from a security point of view. In this regard, the LOG4J vulnerability, which is an open source logging library widely used in Apache, was recently discovered. Currently, the risk of this vulnerability is at the 'highest' level, and developers are using it in many systems without being aware of such a problem, so there is a risk that hacking accidents due to the LOG4J vulnerability will continue to occur in the future. In this paper, we analyze the LOG4J vulnerability in detail and propose a SNORT detection policy technology that can detect vulnerabilities more quickly and accurately in the security control system. Through this, it is expected that in the future, security-related beginners, security officers, and companies will be able to efficiently monitor and respond quickly and proactively in preparation for the LOG4J vulnerability.

• Journal of Digital Convergence
• /
• v.12 no.6
• /
• pp.341-347
• /
• 2014

Among methods of the big data process, big data process under the cloud environment is becoming a main topic. As part of solving faced problem and strengthening industrial competitiveness in the medical and health industry, discussion on ways to activate big data is actively being conducted. Because the reason is a paradigm shift, saving pressure for increasing health care costs, and increased consumer interest for the level of service. In this paper, we find out the relationship between the cloud and big data. And we are to research and analysis a cloud-based big data case in the medical field. Finally we propose the efficient utilization and future outlook. For the smooth functioning of cloud-based medical big data, we have to solve the problems like infrastructure extension, analysis/application software development, and professional manpower training. In addition, we have to correct insufficient laws maintenance to the Cloud utilization, and improve the security and the recognition to personal information, and solve authority for data centralization.

• Journal of Digital Convergence
• /
• v.12 no.3
• /
• pp.237-242
• /
• 2014

Recently, wind energy is expanding to combination of computing to forecast of wind power generation as well as intelligent of wind powerturbine. Wind power is rise and fall depending on weather conditions and difficult to predict the output for efficient power production. Wind power is need to reliably linked technology in order to efficient power generation. In this paper, distributed power generation forecasts to enhance the predicted and actual power generation in order to minimize the difference between the power of distributed power short-term prediction model is designed. The proposed model for prediction of short-term combining the physical models and statistical models were produced in a physical model of the predicted value predicted by the lattice points within the branch prediction to extract the value of a physical model by applying the estimated value of a statistical model for estimating power generation final gas phase produces a predicted value. Also, the proposed model in real-time National Weather Service forecast for medium-term and real-time observations used as input data to perform the short-term prediction models.