• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.1
• /
• pp.95-105
• /
• 2015

In this paper, we propose the security requirements for developing the security functions of server virtualization system. The security requirements are based on the security threats of server virtualization system, and we verified the validity by defending the security threats of server virtualization system. For inducting the security threats damaging server virtualization system from cloud computing security threats, we analyze and suggest the relations between security threats and security issue of server virtualization system.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.9 no.2
• /
• pp.73-79
• /
• 2013

Cloud computing is a form which provides IT resources through network and pays the cost as much as you used. And it has advantages that it doesn't need to construct infrastructure and can be offered a variety of environments. The main core of these computing is virtualization technology. Security mechanism about attacks using vulnerabilities of virtualization technology isn't provided right and existing security tools can't be applied as it is. In this paper, we proposed honeyVM structure that can cope actively by collecting the information about attacks using virtualization vulnerability. Mamdani fuzzy inference is used to adjust dynamically the number of formed honeyVM depending on the load of system. Security structure to protect actual virtual machine from attacks and threats is proposed. The performance of the proposed structure in this paper measured occurred attack detection rate and resource utilization rate.

• Journal of Digital Contents Society
• /
• v.19 no.3
• /
• pp.453-460
• /
• 2018

Virtualization technology is characterized by the ability to isolate the user's system environment and to support the computing resources flexibly and extensively on demand. However, virtualization technology of cloud computing, which is already well known, must overload the guest OS and the hypervisor to manage it. Container technology is emerging to solve such OS-based virtualization problems. This technology can isolate the processes under which the application is running, thus creating a virtualization-like environment with minimal overhead. In this work, we construct a container-based education practice system using Docker instead of the existing cloud-based environment. To do this, we analyze the requirements for the establishment of the training practice environment. We also analyze the functions of the container and study the method to meet the requirements. This can take advantage of the existing flexible and scalable cloud computing. Also, it maximizes the availability of limited resources by minimizing the performance load.

• Journal of Information Processing Systems
• /
• v.6 no.4
• /
• pp.553-562
• /
• 2010

The core services in cloud computing environment are SaaS (Software as a Service), Paas (Platform as a Service) and IaaS (Infrastructure as a Service). Among these three core services server virtualization belongs to IaaS and is a service technology to reduce the server maintenance expenses. Normally, the primary purpose of sever virtualization is building and maintaining a new well functioning server rather than using several existing servers, and in improving the various system performances. Often times this presents an issue in that there might be a need to increase expenses in order to build a new server. This study intends to use grid service architecture for a form of server virtualization which utilizes the existing servers rather than introducing a new server. More specifically, the proposed system is to enhance system performance and to reduce the corresponding expenses, by adopting a scheduling algorithm among the distributed servers and the constituents for grid computing thereby supporting the server virtualization service. Furthermore, the proposed server virtualization system will minimize power management by adopting the sleep severs, the subsidized servers and the grid infrastructure. The power maintenance expenses for the sleep servers will be lowered by utilizing the ACPI (Advanced Configuration & Power Interface) standards with the purpose of overcoming the limits of server performance.

• Journal of Digital Convergence
• /
• v.17 no.8
• /
• pp.221-228
• /
• 2019

The importance of security for virtualization products has been increased with the activation policy of cloud computing and it is necessary to analyze cyber security threats and develop security requirements for virtualization products to provide with more secure cloud environments. This paper is a preliminary study with the purpose of developing security functional requirements through analyzing security features and cyber security threats as well as comparison of foreign countries' cases for virtualization products. To do this, the paper compares evaluation schemes for virtualization products in US and UK foreign countries, and analyzes the cyber security threats, security objectives and security requirements in both countries. Furthermore, it proposes the essential checking items and processes for developing security functional requirements about security features of virtualization products to contribute to its more secure development and the establishment of related security evaluation standards.

• Journal of Convergence Society for SMB
• /
• v.5 no.1
• /
• pp.31-35
• /
• 2015

Cloud computing is internet-based computing technology. This is a form for exchanging service focused on the Internet. Because Cost is saved and use is easy there's a tendency that many companies are using. Cloud is in the form of a public cloud and private cloud and hybrid cloud. The service model is SaaS, PaaS, IaaS. Cloud computing use is simple but it has a security vulnerability. In particular, there is a vulnerability in virtualization and centralized information. In order to overcome this new security technology is to be developed. In particular, network security technology and authentication technology should be developed. Another way to overcome security responsibilities must be clearly and policies should be unified.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.38B no.7
• /
• pp.526-534
• /
• 2013

With rapid rise of virtualization technology from diverse types of cloud computing service, security problems such as data safety and reliability are the issues at stake. Since damage in virtualization layer of cloud service can cause damage on all host (user) tasks, Hypervisor that provides an environment for multiple virtual operating systems can be a target of attackers. This paper propose a security structure for protecting Hypervisor from hacking and malware infection.

• International Journal of Computer Science & Network Security
• /
• v.24 no.9
• /
• pp.157-161
• /
• 2024

Cloud computing becomes an important technology for distributed computing and parallel computing. Cloud computing provides various facility like to share resources, software packages, information, storage and many different applications depending on user demand at any time and at any place. It provides an extensive measure for computing and storage. A service provided by it to user follows pay-as-you-go model. Although it provides many facilities still there is some problem which are resource discovery, fault tolerance, load balancing, and security. Out of these Load balancing is the main challenges. There are many techniques which used to distribute wor9kload or task equally across the servers. This paper includes cloud computing, cloud computing architecture, virtualization and MS load balancing technique which provide enhanced load balancing.

• Journal of information and communication convergence engineering
• /
• v.10 no.1
• /
• pp.61-65
• /
• 2012

Many public organizations have been adopting and operating various servers. These servers run on Windows, Unix, and Linux operating systems that generally use less than 10% of their capacity. For migrating a public organization to cloud computing, we must first virtualize the server environment. This article proposes a strategy for server virtualization that the National IT Industry Promotion Agency (NIPA) has done and describes the effects of a public organization migrating to cloud computing. The NIPA Computer Center planned an effective virtualization migration on various servers. This project of virtualization migration was conducted with the existing policy of separate x86 servers and Unix servers. There are three popular approaches to server virtualization: a virtual machine model, a paravirtual machine model, and virtualization at the operating system layer. We selected a VMware solution that uses the virtual machine model. We selected servers for virtualization in the following manner. Servers were chosen that had the highest rate of service usage and CPU usage and had been operating for five years or more. However, we excluded servers that require 80% or greater rates of CPU usage. After adopting the server virtualization technique, we consolidated 32 servers into 3 servers. Virtualization is a technology that can provide benefits in these areas: server consolidation and optimization, infrastructure cost reduction and improved operational flexibility, and implementation of a dual computing environment.

• Proceedings of the Korean Society of Computer Information Conference
• /
• 2013.07a
• /
• pp.83-84
• /
• 2013

클라우드 컴퓨팅을 이용하여 다양한 서비스가 생겨남에 따라 클라우드 컴퓨팅 환경에서의 보안이 더욱 중요해지고 있다. 이에 따라 클라우드 컴퓨팅을 구축하는 핵심 기술인 가상화 기술의 보안 또한 중요한 이슈가 되고 있다. 가상화 기술은 독립된 컴퓨팅 환경을 제공함으로써 기본적으로 안전한 컴퓨팅 환경을 제공하지만 가상화 기술의 보안 취약점을 이용하여 보안 공격하는 사례가 증가하고 있다. 이에 본 논문에서는 전가상화 기법과 운영체제 레벨 가상화 기법을 접목시켜 게스트 운영체제로부터 시작되는 보안 공격에 대해 대응할 수 있게 함으로써 보안성을 강화시키는 기법을 제안한다. 또한, 벤치마킹을 통해 이러한 접근방법이 기존의 컴퓨팅 성능에 거의 영향을 미치지 않음을 확인하였다.