• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.2
• /
• pp.203-212
• /
• 2013

Recently, cloud computing is one of the parts showing the biggest growth in the IT market and is expected to continue to grow into. Especially, many companies are adopting virtual desktop infrastructure as private cloud computing to achieve in saving the cost and enhancing the efficiency of the servers. However, current digital forensic investigation methodology of cloud computing is not systematized scientifically and technically. To do this, depending on the type of each cloud computing services, digital evidence collection system for the legal enforcement should be established. In this paper, we focus on virtual desktop infrastructure as private cloud computing and introduce the most widely used around the world desktop virtualization solutions of VMware, Citrix, and Microsoft. And We propose digital forensic investigation methodology for private cloud computing that is constructed by these solutions.

• The Journal of the Convergence on Culture Technology
• /
• v.5 no.1
• /
• pp.219-225
• /
• 2019

Today, in the era of the 4th Industrial Revolution, the cloud computing sector has advantages for cost reduction and efficiency of work, but problems related to privacy may arise. Therefore, the law on the development of cloud computing and user protection should be improved to enable providers of cloud computing services to proactively identify whether or not they contain their personal information, or to take steps to protect their privacy. And this same law is desirable to improve the implementation of a national mandatory certification system for privacy protection systems for cloud computing businesses. This same law is also desirable that cloud computing service providers create direct accountability for privacy breaches and appropriate scope for those responsibilities.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.2
• /
• pp.251-265
• /
• 2013

Cloud computing provided as a service type by sharing IT resources cannot be activated unless the issue of information security is solved. The enterprise attempts to maximize the efficiency of information and communication resources by introducing cloud computing services. In comparison to the United States and Japan, however, cloud computing service in korea has not been activated because of a lack of confidence in the security. This paper suggests core evaluation criteria and added evaluation criteria which is removed the redundancy of the security controls from existing ISMS for Korean cloud computing through a comparative analysis between domestic and foreign security controls of cloud certification scheme and guidelines and information security management system. A cloud service provider certified ISMS can minimize redundant and unnecessary certification assessment work by considering added evaluation criteria.

• Journal of the Korean Association of Geographic Information Studies
• /
• v.16 no.4
• /
• pp.141-152
• /
• 2013

The applications and concerned technologies of cloud computing services, one of major trends in the information communication technology, are widely progressing and advancing. OpenStack, one of open source cloud computing platforms, is comprised of several service components; using these, it can be possible to build public or private cloud computing service for a given target application. In this study, a remote sensing image analysis processing service on cloud computing environment has designed and implemented as an operational test application in the private cloud computing environment based on OpenStack. The implemented service is divided into instance server, web service, and mobile app. A instance server provides remote sensing image processing and database functions, and the web service works for storage and management of remote sensing image from user sides. The mobile app provides functions for remote sensing images visualization and some requests.

• Journal of Convergence for Information Technology
• /
• v.11 no.7
• /
• pp.7-13
• /
• 2021

Recently, due to the many features and advantages of cloud computing, cloud service is being introduced to countless industries around the world at an unbelievably rapid pace. With the rapid increase in the introduction of multi-cloud based services, security vulnerabilities are increasing, and the risk of data leakage from cloud computing services are also expected to increase. Therefore, this study will propose an AWS Well-Architected based security architecture configuration method such as AWS standard security architecture, AWS shared security architecture model that can be applied for personal information security including cost effective of cloud services for better security in AWS cloud service. The AWS security architecture proposed in this study are expected to help many businesses and institutions that are hoping to establish a safe and reliable AWS cloud system.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.2
• /
• pp.295-303
• /
• 2023

As the cloud computing market grows, a variety of cloud services are now reliably delivered. Administrative agencies and public institutions of South Korea are transferring all their information systems to cloud systems. It is essential to develop security solutions in advance in order to safely operate cloud services, as protecting cloud services from misuse and malicious access by insiders and outsiders over the Internet is challenging. In this paper, we propose a zero trust model for cloud storage services that store sensitive data. We then verify the effectiveness of the proposed model by operating a cloud storage service. Memory, web, and network forensics are also performed to track access and usage of cloud users depending on the adoption of the zero trust model. As a cloud storage service, we use Amazon S3(Simple Storage Service) and deploy zero trust techniques such as access control lists and key management systems. In order to consider the different types of access to S3, furthermore, we generate service requests inside and outside AWS(Amazon Web Services) and then analyze the results of the zero trust techniques depending on the location of the service request.

• Journal of KIISE
• /
• v.42 no.11
• /
• pp.1361-1371
• /
• 2015

Depending on the increase amongst various cloud services, the technology of the Cloud Service Broker (CSB) to find the most appropriate services to meet the needs of cloud service consumers has emerged. In order to advance for cloud services to be used through the CSB, it is important to ensure the quality level that meets the demands of consumers through a negotiation process based on the Service Level Agreement (SLA). However, quality metrics of cloud services are different from each other based on the measurement scale, which represents the quality level, and the calculation for each type of cloud services. Therefore, it is necessary to analyze the variability of the quality of cloud services and establish a SLA model for ensuring and improving the level of quality. In this paper, we analyze the quality metrics for the specific type of cloud services by applying the cross-cutting concept and propose a Virtual SLA (VSLA) meta-model.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.9 no.8
• /
• pp.3203-3215
• /
• 2015

Due to the high growth of SNS population, service scalability is one of the critical issues to be addressed. The cloud environment provides the flexible computing and storage resources for services deployment, which fits the characteristics of scalable SNS deployment. However, if the SNS related information is not properly placed, it will cause unbalance load and heavy transmission cost on the storage virtual machine (VM) and cloud data center (CDC) network. In this paper, we characterize the SNS into a graph model based on the users' associations and interest correlations. The node weight represents the degree of associations, which can be indexed by the number of friends or data sources, and the link weight denotes the correlation between users/data sources. Then, based on the SNS graph, the two-step algorithm is proposed in this paper to determine the placement of SNS related data among VMs. Two k-means based clustering schemes are proposed to allocate social data in proper VM and physical servers for pre-configured VM and dynamic VM environment, respectively. The experimental example was conducted and to illustrate and compare the performance of the proposed schemes.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.10 no.3
• /
• pp.181-196
• /
• 2014

Cloud computer technology currently provides diverse services based on a comprehensive environment ranging from hardware to solution, network and service. While the target of services has been extended from institutions and corporations to personal infrastructure and issues were made about security problems involved with protection of private information, measures on additional security demands for such service characteristics are insufficient. This paper proposes a multi-session authentication technique based on the characteristics of SaaS (Software as a Service) among cloud services. With no reliable authentication authority, the proposed technique reinforced communication sessions by performing key agreement protocol safe against key exposure and multi-channel session authentication, providing high efficiency of performance through key renewal using optimzied key table. Each formed sessions have resistance against deprivation of individual confirmation and service authority. Suggested confirmation technique that uses these features is expected to provide safe computing service in clouding environment.

• IEMEK Journal of Embedded Systems and Applications
• /
• v.6 no.6
• /
• pp.377-382
• /
• 2011

This paper describes the method of data synchronization among devices for personal cloud services. Existing data synchronization for mobile devices is based on a central server to mobile devices or a PC to a mobile device. However, the purpose of this paper is to share user data in heterogeneous environments, without depending on central server. This technology can be applied to synchronize personal data between a device and a personal cloud storage for personal cloud services. The ad hoc synchronization needs a sync agent service discovery module, a user authentication module, a network adapter, and an application data synchronization module. The method described in this paper is better than existing synchronization technology based on client-server in availability, performance, scalability quality attributes.