• 정보보호학회논문지
• /
• 제25권6호
• /
• pp.1377-1383
• /
• 2015

클라우드 서비스 이용자의 증가로 클라우드 스토리지상에 개인이 생성한 중요한 파일이 다수 존재한다. 즉, 클라우드 사용 흔적은 주요 증거가 될 수 있기에 조사할 필요성이 있다. 클라우드 서비스를 조사하는 방법에는 스토리지 서버 공급자(CSP:Cloud Service Provider)를 이용하여 조사하는 방법과 클라이언트를 조사하는 방법이 있다. 이 중 본 논문에서는 클라이언트 컴퓨터를 조사할 수 있는 도구(Cloud Artifact)를 개발하였다. Cloud Artifact는 Google Drive, Dropbox, Evernote, N드라이브, Daum 클라우드, Ucloud, LG Cloud, T 클라우드, iCloud 9가지 클라우드 서비스 아티팩트를 수집 및 분석한다.

• International Journal of Computer Science & Network Security
• /
• 제24권1호
• /
• pp.140-150
• /
• 2024

Database-as-a-Service is one of the prime services provided by Cloud Computing. It provides data storage and management services to individuals, enterprises and organizations on pay and uses basis. In which any enterprise or organization can outsource its databases to the Cloud Service Provider (CSP) and query the data whenever and wherever required through any devices connected to the internet. The advantage of this service is that enterprises or organizations can reduce the cost of establishing and maintaining infrastructure locally. However, there exist some database security, privacychallenges and query performance issues to access data, to overcome these issues, in our recent research, developed a database security model using a deterministic encryption scheme, which improved query execution performance and database security level.As this model is implemented using a deterministic encryption scheme, it may suffer from chosen plain text attack, to overcome this issue. In this paper, we proposed a new model for cloud database security using nondeterministic encryption, order preserving encryption, homomorphic encryptionand database distribution schemes, andour proposed model supports execution of queries with equality check, range condition and aggregate operations on encrypted cloud database without decryption. This model is more secure with optimal query execution performance.

• 한국시뮬레이션학회논문지
• /
• 제23권4호
• /
• pp.143-150
• /
• 2014

클라우드 컴퓨팅은 가정과 비즈니스 컴퓨팅에 있어 빠르게 확산되고 있다. 이러한 변화에 따라 수년 내에 다양한 클라우드 서비스를 제공하는 클라우드 서비스 공급자의 수가 폭발적으로 증가할 것으로 예측된다. 하지만 클라우드는 하나의 독립체가 아니고 서로 단절되어 있는 많은 응용 프로그램(SaaS)과 기반시설(IaaS), 상이한 플렛폼 서비스(PaaS)들의 집합으로 볼 수 있다. 클라우드 중개방법(brokering mechanism)은 산재되어 있는 서비스들의 집합을 통합하고 편리하게 유용한 서비스를 다양한 사용자에게 제공할 수 있게 하기 때문에 서로 상이한 클라우드 시장을 하나의 통상적 서비스로 변환시키는데 있어 필수적이다. 따라서 CSBs(클라우드 서비스 중개자들)는 사용자와 CSP(클라우드 서비스 제공자)사이의 거리를 최소화하고 예약과 on-demand 서비스의 비용을 최소화하는 운영전략을 찾을 필요가 있다. 이를 위하여 본 연구에서는 클라우드 서비스의 비용과 품질을 최적화하기 위해 예약 접근법을 고려한 수리적 모형을 제안한다.

• International Journal of Computer Science & Network Security
• /
• 제23권5호
• /
• pp.65-72
• /
• 2023

Cloud Computing is one of the current research areas in computer science. Recently, Cloud is the buzz word used everywhere in IT industries; It introduced the notion of 'pay as you use' and revolutionized developments in IT. The rapid growth of modernized cloud computing leads to 24×7 accessing of e-resources from anywhere at any time. It offers storage as a service where users' data can be stored on a cloud which is managed by a third party who is called Cloud Service Provider (CSP). Since users' data are managed by a third party, it must be encrypted ensuring confidentiality and privacy of the data. There are different types of cryptographic algorithms used for cloud security; in this article, the algorithms and their security measures are discussed.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제13권4호
• /
• pp.2198-2222
• /
• 2019

The cloud storage service becomes a rising trend based on the cloud computing, which promotes the remote data integrity auditing a hot topic. Some research can audit the integrity and correctness of user data and solve the problem of user privacy leakage. However, these schemes cannot use fewer data blocks to achieve better auditing results. In this paper, we figure out that the random sampling used in most auditing schemes is not well apply to the problem of cloud service provider (CSP) deleting the data that users rarely use, and we adopt the probability proportionate to size sampling (PPS) to handle such situation. A new scheme named improving audit efficiency of remote data for cloud storage is designed. The proposed scheme supports the public auditing with fewer data blocks and constrains the server's malicious behavior to extend the auditing cycle. Compared with the relevant schemes, the experimental results show that the proposed scheme is more effective.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제17권4호
• /
• pp.1258-1275
• /
• 2023

Cloud computing is a new technology that has adapted to the traditional way of service providing. Service providers are responsible for managing the allocation of resources. Selecting suitable containers and bandwidth for job scheduling has been a challenging task for the service providers. There are several existing systems that have introduced many algorithms for resource allocation. To overcome these challenges, the proposed system introduces an Optimized Task Scheduling Algorithm with Deep Learning (OTS-DL). When a job is assigned to a Cloud Service Provider (CSP), the containers are allocated automatically. The article segregates the containers as' Long-Term Container (LTC)' and 'Short-Term Container (STC)' for resource allocation. The system leverages an 'Optimized Task Scheduling Algorithm' to maximize the resource utilisation that initially inquires for micro-task and macro-task dependencies. The bottleneck task is chosen and acted upon accordingly. Further, the system initializes a 'Deep Learning' (DL) for implementing all the progressive steps of job scheduling in the cloud. Further, to overcome container attacks and errors, the system formulates a Container Convergence (Fault Tolerance) theory with high-level security. The results demonstrate that the used optimization algorithm is more effective for implementing a complete resource allocation and solving the large-scale optimization problem of resource allocation and security issues.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제14권11호
• /
• pp.4522-4536
• /
• 2020

Nowadays, cloud is the fastest emerging technology in the IT industry. We can store and retrieve data from the cloud. The most frequently occurring problems in the cloud are security and privacy preservation of data. For improving its security, secret information must be protected from various illegal accesses. Numerous traditional cryptography algorithms have been used to increase the privacy in preserving cloud data. Still, there are some problems in privacy protection because of its reduced security. Thus, this article proposes an ElGamal Elliptic Curve (EGEC) Homomorphic encryption scheme for safeguarding the confidentiality of data stored in a cloud. The Users who hold a data can encipher the input data using the proposed EGEC encryption scheme. The homomorphic operations are computed on encrypted data. Whenever user sends data access permission requests to the cloud data storage. The Cloud Service Provider (CSP) validates the user access policy and provides the encrypted data to the user. ElGamal Elliptic Curve (EGEC) decryption was used to generate an original input data. The proposed EGEC homomorphic encryption scheme can be tested using different performance metrics such as execution time, encryption time, decryption time, memory usage, encryption throughput, and decryption throughput. However, efficacy of the ElGamal Elliptic Curve (EGEC) Homomorphic Encryption approach is explained by the comparison study of conventional approaches.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제14권1호
• /
• pp.455-472
• /
• 2020

As a user in modern societies with the rapid growth of Internet environment and more complicated business flow processes in order to be effective at work and accomplish things on time when the manager of the company went for a business trip, he/she need to delegate his/her signing authorities to someone such that, the delegatee can act as a manager and sign a message on his/her behalf. In order to make the delegation process more secure and authentic, we proposed a secure and efficient identity-based proxy signcryption in cloud data sharing (SE-IDPSC-CS), which provides a secure privilege delegation mechanism for a person to delegate his/her signcryption privilege to his/her proxy agent. Our scheme allows the manager of the company to delegate his/her signcryption privilege to his/her proxy agent and the proxy agent can act as a manager and generate signcrypted messages on his/her behalf using special information called "proxy key". Then, the proxy agent uploads the signcrypted ciphertext to a cloud service provider (CSP) which can only be downloaded, decrypted and verified by an authorized user at any time from any place through the Internet. Finally, the security analysis and experiment result determine that the proposed scheme outperforms previous works in terms of functionalities and computational time.