• Journal of Korea Society of Digital Industry and Information Management
• /
• v.19 no.2
• /
• pp.39-46
• /
• 2023

The rise in popularity of cloud services has brought about a heightened concern for security in the field of cloud computing. As a response, governments have implemented CSAP(Cloud Security Assurance Program) to ensure the security of these services. However, despite such measures, the emergence of various security vulnerabilities persists, resulting in incidents related to cloud security breaches. To address this, the utilization of Common Vulnerabilities and Exposures (CVE) has been proposed as a means to facilitate the sharing of vulnerability information across different domains. Nevertheless, the unique characteristics of cloud services present challenges in assigning CVE IDs to the diverse range of vulnerabilities within the cloud environment. In this study, we analyzed how CVE can be effectively employed to enhance cloud security. The assignment of a CVE ID is contingent upon the fulfillment of three rules in the Counting Decision and five rules in the Inclusion Decision. Notably, the third rule in the Inclusion Decision, INC3, clashes with the nature of cloud services, resulting in obstacles in assigning CVE IDs to various cloud vulnerabilities. To tackle this issue, we suggest the appointment of designated individuals who would be responsible for overseeing specific areas of cloud services, thereby enabling the issuance of CVE IDs. This proposed approach aims to overcome the challenges associated with the unique characteristics of cloud services and ensure the seamless sharing of vulnerability information. Information sharing regarding vulnerabilities is crucial in the field of security, and by incorporating cloud vulnerabilities into the CVE system, this method can contribute to enhancing the security of cloud services.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.18 no.3
• /
• pp.685-703
• /
• 2024

Cloud computing provides each consumer with a large-scale computing tool. Different Cyber Attacks can potentially target cloud computing systems, as most cloud computing systems offer services to many people who are not known to be trustworthy. Therefore, to protect that Virtual Machine from threats, a cloud computing system must incorporate some security monitoring framework. There is a tradeoff between the security level of the security system and the performance of the system in this scenario. If strong security is needed, then the service of stronger security using more rules or patterns is provided, since it needs much more computing resources. A new way of security system is introduced in this work in cloud environments to the VM on account of resources allocated to customers are ease. The main spike of Fog computing is part of the cloud server's work in the ongoing study tells the step-by-step cloud server to change the tremendous measurement of information because the endeavor apps are relocated to the cloud to keep the framework cost. The cloud server is devouring and changing a huge measure of information step by step to reduce complications. The Medical Data Health-Care (MDHC) records are stored in Cloud datacenters and Fog layer based on the guard intensity and the key is provoked for ingress the file. The monitoring center sustains the Activity Log, Risk Table, and Health Records. Cloud computing and Fog computing were combined in this paper to review data movement and safe information about MDHC.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.6
• /
• pp.1377-1383
• /
• 2015

As the cloud services users' increase, there are important files created by individual in cloud storage. Thus, investigation of cloud artifact should be conducted. There are two methods of analyzing cloud service, one is that investigates cloud server provider (CSP), and another is that investigates client. In this paper, we presents an automated framework to detect the altered artifact and developes a tool that detects the cloud artifact. We also developed Cloud Artifact Tool that can investigate client computer. Cloud Artifact Tool provides feature of collection and analysis for the services such as Google Drive, Dropbox, Evernote, NDrive, DaumCloud, Ucloud, LG Cloud, T Cloud and iCloud.

• Journal of Convergence Society for SMB
• /
• v.5 no.1
• /
• pp.31-35
• /
• 2015

Cloud computing is internet-based computing technology. This is a form for exchanging service focused on the Internet. Because Cost is saved and use is easy there's a tendency that many companies are using. Cloud is in the form of a public cloud and private cloud and hybrid cloud. The service model is SaaS, PaaS, IaaS. Cloud computing use is simple but it has a security vulnerability. In particular, there is a vulnerability in virtualization and centralized information. In order to overcome this new security technology is to be developed. In particular, network security technology and authentication technology should be developed. Another way to overcome security responsibilities must be clearly and policies should be unified.

• Journal of Platform Technology
• /
• v.12 no.2
• /
• pp.3-11
• /
• 2024

In the trend of digital transformation and the increase in non-face-to-face services triggered by the Fourth Industrial Revolution, the demand for cloud computing services is being sharply stimulated. Currently, the cloud is being introduced in various industrial sectors including public, IT, and finance, and the manufacturing industry is also adopting the cloud to secure future sustainability and is promoting innovation through smart manufacturing. However, it has been found that there are constraints in the adoption of cloud by manufacturing companies due to concerns about security. Existing studies that have identified cloud security risks have been limited to presenting general cloud security risks or technical security risks rather than focusing on the manufacturing industry. Therefore, this study aimed to identify cloud security risks in the manufacturing industry based on the actual concerns in the field. For this, expert interviews and literature research were conducted to newly identify cloud security risks in the manufacturing industry, and the adequacy and urgency of the selected security risks were verified through surveys. Based on this study, if a cloud security management system for the manufacturing industry is designed in the future, it is expected that the adoption of cloud in the manufacturing industry will be more activated.

• Convergence Security Journal
• /
• v.24 no.2
• /
• pp.31-38
• /
• 2024

Recent expansion in cloud service usage has heightened the importance of cloud security. The purpose of this study is to analyze current research trends in the field of cloud security and to derive implications. To this end, R&D project data provided by the National Science and Technology Knowledge Information Service (NTIS) from 2010 to 2023 was utilized to analyze trends in cloud security research. Fifteen core topics in cloud security research were identified using LDA topic modeling and ARIMA time series analysis. Key areas identified in the research include AI-powered security technologies, privacy and data security, and solving security issues in IoT environments. This highlights the need for research to address security threats that may arise due to the proliferation of cloud technologies and the digital transformation of infrastructure. Based on the derived topics, the field of cloud security was divided into four categories to define a technology reference model, which was improved through expert interviews. This study is expected to guide the future direction of cloud security development and provide important guidelines for future research and investment in academia and industry.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.2
• /
• pp.337-346
• /
• 2012

According to cloud computing service is increasing of using the Internet technology, it's increasing privacy security risks and out of control of security threats. However, the current cloud computing service providers does not provide to solutions of the privacy security management. This paper discusses the privacy security management issue of cloud computing service, and propose solutions to privacy information threats in cloud computing environment.

• International Journal of Computer Science & Network Security
• /
• v.21 no.9
• /
• pp.41-50
• /
• 2021

Cloud computing is one of the most expanding technologies nowadays; it offers many benefits that make it more cost-effective and more reliable in the business. This paper highlights the various benefits of cloud computing and discusses different cryptography algorithms being used to secure communications in cloud computing environments. Moreover, this thesis aims to propose some improvements to enhance the security and safety of cloud computing technologies.

• International Journal of Computer Science & Network Security
• /
• v.24 no.6
• /
• pp.153-160
• /
• 2024

Information technology plays an important role in healthcare. The cloud has several applications in the fields of education, social media and medicine. But the advantage of the cloud for medical reasons is very appropriate, especially given the large volume of data generated by healthcare organizations. As in increasingly health organizations adopting towards electronic health records in the cloud which can be accessed around the world for various health issues regarding references, healthcare educational research and etc. Cloud computing has many advantages, such as "flexibility, cost and energy savings, resource sharing and rapid deployment". However, despite the significant benefits of using the cloud computing for health IT, data security, privacy, reliability, integration and portability are some of the main challenges and obstacles for its implementation. Health data are highly confidential records that should not be made available to unauthorized persons to protect the security of patient information. In this paper, we discuss the privacy and security requirement of EHS as well as privacy and security issues of EHS and also focus on a comprehensive review of the current and existing literature on Electronic health that uses a variety of approaches and procedures to handle security and privacy issues. The strengths and weaknesses of some of these methods were mentioned. The significance of security issues in the cloud computing environment is a challenge.

• International Journal of Computer Science & Network Security
• /
• v.22 no.6
• /
• pp.181-186
• /
• 2022

Cloud computing is the latest approach that is developed for reducing the storage of space to store the data and helps the quick sharing of the data. An increase in the cloud computing users is observed that is also making the users be prone to hacker's attacks. To increase the efficiency of cloud storage encryption mechanisms are used. The encryption techniques that are discussed in this survey paper are searchable encryption, attribute-based, Identity-based encryption, homomorphic encryption, and cloud DES algorithms. There are several limitations and disadvantages of each of the given techniques and they are discussed in this survey paper. Techniques are found to be effective and they can increase the security of cloud storage systems.