• Proceedings of the Korea Information Processing Society Conference
• /
• 2016.04a
• /
• pp.10-13
• /
• 2016

정부는 K-ICT 클라우드 활성화를 위해 정부 3.0 클라우드 추진 계획을 발표하고 관련 제도와 법률을 제정하여 클라우드 서비스 도입을 위한 정책을 추진하고 있다. 그러나 공공 분야의 클라우드 컴퓨팅 도입은 기존의 법률, 제도, 관행의 통제로 인해 미미한 실정이다. 공공 기관의 클라우드 컴퓨팅 도입 활성화를 위해 중요한 부분은 클라우드 컴퓨팅의 성능과 품질 등에 대한 특성을 파악하는 것이다. 클라우드 컴퓨팅의 특성을 알아야만 적격의 클라우드 컴퓨팅 사업자 선정이 가능하게 된다. 유럽 연합(European Commission)에서는 클라우드 컴퓨팅의 특성을 서비스 성능과 품질에 대한 일반특성, 기술성, 경제성으로 분류하고 있다. 그러나 클라우드 도입을 위한 설계 시 공공 기관 담당자는 클라우드 특성의 각 부문별 하위 항목에 대한 상세한 내용과 수준까지 객관적으로 평가하기 어렵다. 이러한 문제를 해결하고자 본 연구는 클라우드 컴퓨팅의 성능과 품질 및 기술 특성을 파악하여 각 특성에 대한 가중치를 구하고 우선순위 측정을 통해 사업자 선정을 위한 평가 기준으로 적용하는 기법을 제안한다.

• Review of KIISC
• /
• v.24 no.6
• /
• pp.31-36
• /
• 2014

클라우드 컴퓨팅 서비스는 자원 공유와 가상화 기술 및 자원의 서비스화 등 기존 컴퓨팅 환경과 다른 특성으로 인해 클라우드 컴퓨팅 환경에 적합한 식별/접근제어 기술 및 보안 통제 사항이 요구된다. 그러므로 기존 컴퓨팅 자원을 클라우드 컴퓨팅 환경으로 변경하는 서비스 제공자나 클라우드 서비스로 이동하는 서비스 사용자는 특정한 보안 요건을 검토해야 한다. Cloud Security Alliance에서 배포한 Cloud Control Matrix와 ISO/IEC 27001을 비교 분석하여, 클라우드 컴퓨팅 환경에서 특별히 요구되는 식별 및 접근제어의 보안 통제 요건을 확인하였다. 또한, 주요 클라우드 컴퓨팅 서비스인 아마존의 AWS, 구글의 Google Cloud Platform과 VMware의 vCloud 서비스의 식별 및 접근제어 기술을 조사하였다. 이를 기반으로 클라우드 컴퓨팅 환경의 식별 및 접근제어 기술에서 필요한 보안 요건을 확인하였다.

• The Journal of Society for e-Business Studies
• /
• v.17 no.1
• /
• pp.111-136
• /
• 2012

The global recession has made it more difficult for companies to invest in IT, and they are increasingly aware of the environmental costs of so doing. In these circumstances, cloud computing has emerged as a new paradigm in the business IT sector. Governments, institutes and companies around the world, as well as specifically in Korea since 2009, have turned to this model of providing IT resources. This study is concerned to identify those characteristics of cloud computing that affect its introduction on a company's part; it offers a theoretical framework describing cloud services and seeks to establish causal linkages between antecedent factors and a company's introduction and application of this form of IT provision. The features of cloud computing in particular contexts that the study selected for analysis were its scalability, speed, security, potential compatibility with existing services, efficiency, economic feasibility, dependency and credibility. The study thus related these to whether or not cloud computing was adopted, verifying adjustment effects for cloud services. On the basis of a survey of enterprise IT decision-makers, it emerged through a statistical analysis of correlations that cloud computing's efficiency, economic feasibility and credibility had an effect on its introduction. This study's results should be of use to vendors and potential purchasers of cloud computing services. It is one of the first pieces of research on cloud computing from the customer perspective, based on the perceived characteristics of cloud services as they are seen and valued by users.

• The Journal of Society for e-Business Studies
• /
• v.16 no.1
• /
• pp.71-100
• /
• 2011

There are expectations about future internet technology with IT development by end-users. Cloud computing is attracted to satisfy those demands. However, adoption of cloud computing is not active that much. Therefore, this study verified how cloud computing environment affects performance of team project. We conducted empirical study on performance of team project with cloud computing as technology tool focusing on Task-Technology Fit Model. We collected samples that were undergraduate and graduate school students and had experience on initial cloud computing such as Google-Docs and Webhard when they conducted team project for assignment. We focused on accessibility and reliability as task-technology fit and those variables treated as first order factor. Result showed that cloud computing is suitable technology tool for team project. This study suggests positive effects of cloud computing for collaboration by proving perceived fit and performance in initial cloud computing.

• Review of KIISC
• /
• v.22 no.7
• /
• pp.46-53
• /
• 2012

클라우드 컴퓨팅의 보안 위험에 대한 여러 연구 결과들을 분석해 보고 퍼블릭 클라우드 컴퓨팅의 여러 비즈니스 모델의 특성을 기반으로 재분류를 통해 퍼블릭 클라우드 컴퓨팅 사용 기업이 고려해야 할 보안 위험과 대응에 대해 고찰하고자 한다.

• Journal of Platform Technology
• /
• v.9 no.2
• /
• pp.10-25
• /
• 2021

Although many studies have been conducted on risk analysis and evaluation in the on-premises environment in information security, studies on effective methodologies of risk analysis and evaluation for cloud computing systems are lacking. In 2015, the Cloud Computing Development Act was enacted, which served as an opportunity to promote the introduction of cloud computing. However, due to the increase in security incidents in the cloud computing system, activation is insufficient. In addition, the cloud computing system is not being actively introduced because of the difficulty in understanding the cloud computing system technology of the person in charge who intends to introduce the cloud computing system. In this regard, this study presented an effective risk analysis and evaluation method by examining the characteristics, concepts, and models of cloud computing systems and analyzing how these characteristics affect risk analysis and evaluation.

• Review of KIISC
• /
• v.20 no.2
• /
• pp.56-64
• /
• 2010

클라우드 컴퓨팅은 혼돈의 시기를 지나 그 실체가 점차 분명해 지고 있으나 그 기능과 역할 및 도입 방식이나 문제점을 논하는 세부적인 부분에서는 논쟁 거리가 적지 않다. 본 기고에서는 조직의 특성과 관계 없이 서비스 유틸리티로서 클라우드 컴퓨팅의 가치에 초점을 두고, 현재 널리 공감대를 얻어가고 있는 클라우드 컴퓨팅의 정의, 배포 및 배치 방식, 아키텍처 등을 정리하고 실제 적용 가능한 도입 시나리오 및 도입시의 고려 사항으로 법제 규정과 보안 등의 관련 문제를 폭넓게 다룸으로서, 클라우드 컴퓨팅의 기본 가치에 대한 공통된 이해의 대해 살펴보고자한다.

• KIISE Transactions on Computing Practices
• /
• v.22 no.8
• /
• pp.345-350
• /
• 2016

Cloud computing services have different characteristics from the traditional computing environment such as resource sharing, virtualization, etc. These characteristics of cloud computing environment necessitate specific properties such as user identify, access control, security control property, etc. Recently, Yoo proposed an attribute-based authentication scheme for secure cloud computing. However, Yoo's authentication scheme is vulnerable to customer attack and an adversary can modify the authentication request message. In this paper, we propose a secure and efficient attribute-based authentication scheme for cloud computing based on Yoo's scheme.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.12 no.3
• /
• pp.1408-1416
• /
• 2011

Cloud computing provides not only cost savings and efficiencies for computing resources, but the ability to expend and enhance services. However, cloud service users(enterprisers) are very concerned about the risks created by the characteristics of cloud computing. In this paper, we discuss major concerns about cloud computing environments including concerns regarding security. We also analyze the security concerns specifically, identify threats to cloud computing, and propose general countermeasures to reduce the security risks.

• The Journal of the Korea Contents Association
• /
• v.20 no.4
• /
• pp.564-570
• /
• 2020

The development of cloud computing service technologies plays a particularly important role in the enterprise. The introduction of cloud computing services by companies is also contributing to the improvement of market value and changes in corporate earnings. In this study, we demonstrated the importance of priorities by selecting sub-items that can be evaluated by separating the expected characteristics of efficiency, economics, and dependencies when introducing cloud computing services. The main priority items were selected based on prior research and the survey was conducted by IT system experts. Using AHP analysis method, the results of performing a double contrast bridge resulted in the final priority. The findings will later be used as important data to determine an enterprise's decision to accept cloud computing services.