• International Journal of Computer Science & Network Security
• /
• 제21권2호
• /
• pp.1-8
• /
• 2021

Cloud computing has proven its efficiency, especially after the increasing number of cloud services offered by a wide range of cloud providers, from different domains. Despite, these cloud services are mostly heterogeneous. Consequently, and due to the rising interest of cloud consumers to adhere to a multi-cloud environment instead of being locked-in to one cloud provider, the need for semantically interconnecting different cloud services from different cloud providers is a crucial and important task to ensure. In addition, considerable research efforts proposed interoperability solutions leading to different representation models of cloud services. In this work, we present our solution to overcome this limitation, precisely in the IAAS service model. This solution is a framework permitting the semantic interoperability of different IAAS resources in a multi-cloud environment, in order to assist cloud consumers to retrieve the cloud resource that meets specific requirements.

• 한국컴퓨터정보학회논문지
• /
• 제22권11호
• /
• pp.9-16
• /
• 2017

In this paper, we propose to present a model of cloud security that has emerged as the biggest topic of cloud computing, replacing the traditional IT environment. While cloud computing is an extension of existing IT technology, security issues and threats can be applied to traditional security technologies. However, the biggest difference between a typical computing environment and a cloud computing environment is a virtualized environment with a hypervisor. Currently, there are many weaknesses in the virtualized environment, and there are few related security products. In order for a cloud computing environment to function as a reliable IT environment, we expect more research on hypervisor-based security technologies, and we expect to secure safer cloud services through a secure model over the next generation of new-based networks.

• International Journal of Computer Science & Network Security
• /
• 제22권7호
• /
• pp.315-319
• /
• 2022

Cloud computing has emerged to be the most effective headway for investigating crime especially cybercrime in this modern world. Even as we move towards an information technology-controlled world, it is important to note that when innovations are made, some negative implications also come with it, and an example of this is these criminal activities that involve technology, network devices, and networking that have emerged as a result of web improvements. These criminal activities are the ones that have been termed cybercrime. It is because of these increased criminal activities that organizations have come up with different strategies that they use to counter these crimes, and one of them is carrying out investigations using the cloud environment. A cloud environment has been defined as the use of web-based applications that are used for software installation and data stored in computers. This paper examines problems that are a result of cybercrime investigation in the cloud environment. Through analysis of the two components in play; cybercrime and cloud environment, we will be able to understand what are the problems that are encountered when carrying out investigations in cloud forensics. Through the use of secondary research, this paper found out that most problems are associated with technical and legal channels that are involved in carrying out these investigations. Investigator's mistakes when extracting pieces of evidence form the most crucial problems that take a lead when it comes to cybercrime investigation in the cloud environment. This paper not only flags out the challenges that are associated with cybercrime investigation in cloud environments but also offer recommendations and suggested solutions that can be used to counter the problems in question here. Through a proposed model to perform forensics investigations, this paper discusses new methodologies solutions, and developments for performing cybercrime investigations in the cloud environment.

• International journal of advanced smart convergence
• /
• 제4권1호
• /
• pp.31-34
• /
• 2015

Recently, the various types of data are began to increase. In order to manage the data efficiently, a variety of cloud services are being made. However, while providing a cloud service, the problem is the cost and waste a lot of human power to manage the data that is generated and managed by the server. To solve this problem, it is build the cloud environment using a single board computer with Raspberry pi. In this paper, we used Raspberry pi as a cloud server to provide services for the users. And we construct a Total Server to manage the generated data. It can separate the processing of data and the provision of services. We ensure the efficient operation by building a cloud environment with Raspberry pi and by managing the data which generated in cloud environment with the total server.

• 한국컴퓨터정보학회논문지
• /
• 제22권8호
• /
• pp.55-61
• /
• 2017

Cloud computing is cost-effective in terms of system configuration and maintenance and does not require special IT skills for management. Also, cloud computing provides an access control setting where SSO is adopted to secure user convenience and availability. As the SSO user authentication structure of cloud computing is exposed to quite a few external security threats in wire/wireless network integrated service environment, researchers explore technologies drawing on distributed SSO agents. Yet, although the cloud computing access control using the distributed SSO agents enhances security, it impacts on the availability of services. That is, if any single agent responsible for providing the authentication information fails to offer normal services, the cloud computing services become unavailable. To rectify the environment compromising the availability of cloud computing services, and to protect resources, the current paper proposes a security policy that controls the authority to access the resources for cloud computing services by applying the authentication policy of user authentication agents. The proposed system with its policy of the authority to access the resources ensures seamless and secure cloud computing services for users.

• 정보보호학회논문지
• /
• 제27권3호
• /
• pp.579-589
• /
• 2017

클라우드 환경은 하이퍼바이저 기반으로 다수의 가상머신들이 상호 연결된 형태로 악성코드의 전파가 용이하기 때문에 다른 환경에 비해 악성코드에 감염될 경우 그 피해규모가 상대적으로 크다. 본 논문에서는 이러한 문제점을 해결하기 위해 안전한 클라우드 환경을 위한 악성트래픽 동적 분석 시스템을 제안한다. 제안하는 시스템은 클라우드 환경에서 발생하는 악성트래픽을 판별하여 악성행위를 격리된 가상네트워크 환경에서 지속적으로 모니터링 및 분석한다. 또한, 분석된 결과를 추후 발생하는 악성트래픽의 판별과 분석에 반영한다. 본 논문에서 제안하는 시스템은 클라우드 환경에서 발생하는 신 변종 악성트래픽 탐지 및 대응을 목적으로 클라우드 환경에서의 악성트래픽 분석환경을 구축함으로써 안전하고 효율적인 악성트래픽 동적 분석을 제공한다.

• 디지털산업정보학회논문지
• /
• 제8권4호
• /
• pp.107-113
• /
• 2012

Cloud computing has brought changes to the IT environment. Due to the spread of LTE, users of cloud services are growing more. This which provides IT resources to meet the needs of users of cloud services are noted as a core industry. But it is not activated because of the security of personal data and the safety of the service. In order to solve this, intrusion detection system is constructed as follows. This protects individual data safely which exists in the cloud and also protects information exhaustively from malicious attack. The cause of most attack risk which exists to cloud computing can find in distributed environment. In this study, we analyzed about necessary property of network-based intrusion detection system that process and analyze large amount of data which occur in cloud computing environment. Also, we studied functions which detect and correspond attack occurred in interior of virtualization.

• 한국통신학회논문지
• /
• 제36권9B호
• /
• pp.1066-1072
• /
• 2011

가상화를 통해 원하는 만큼의 컴퓨팅 파워와 데이터 저장 공간을 제공하면서도 관련된 IT자원의 유지보수 비용과 관리에서는 사용자를 해방시켜주는 많은 장점에도 불구하고, 클라우드 컴퓨팅이 가까운 미래에 실질적인 서비스로 자리잡고 활성화를 위해서는 먼저 넘어야 할 장벽들이 있다. 즉, 사용자의 제어 너머에 있는 클라우드 컴퓨팅 환경이 IT서비스와 인프라에 대해 사용자에게는 이용권만을 주기 때문에 비롯되는 여러 문제들이 생기게 된다. 가장 큰 이슈 중의 하나는 클라우드에 저장되는 정보의 보호 및 신뢰성 확보이다. 본 논문에서는 provenance 통한 클라우드 상의 데이터 신뢰확보에 대한 효과적이고 유용한 해법을 제안한다.

• 한국컴퓨터정보학회논문지
• /
• 제23권12호
• /
• pp.81-87
• /
• 2018

Cloud computing is a computing environment in which users borrow as many IT resources as they need to, and use them over the network at any point in time. This is the concept of leasing and using as many IT resources as needed to lower IT resource usage costs and increase efficiency. Recently, cloud computing is emerging to provide stable service and volume of data along with major technological developments such as the Internet of Things, artificial intelligence and big data. However, for a more secure cloud environment, the importance of perimeter security such as shared resources and resulting secure data storage and access control is growing. This paper analyzes security threats in cloud computing environments and proposes a security architecture for effective response.

• 한국멀티미디어학회논문지
• /
• 제23권2호
• /
• pp.328-342
• /
• 2020

As the cloud-based ICT(Information & Communication Technology) infrastructure matures, the existing monolithic software development method is evolving into a micro-service structure based on cloud native computing. To develop and operate the services efficiently under the cloud native environment, DevOps-based application development plans through MSA(Micro Service Architecture) design based are essential. A cloud native environment is an approach to developing and running applications that take advantage of cloud computing models such as automation of source distribution, container-based virtualization, application scalability, resource efficiency, and flexible maintenance through object independence. To implement this approach, the utilization of key elements such as DevOps, continuous delivery, micro service, and containers is essential, but there are not enough previous studies on case analyses or application methods of these key elements. Therefore, in this paper, we analyze the cases of application development in cloud native environment and propose the optimized application development process and development method through small and medium-sized SI projects.