• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2012.10a
• /
• pp.804-807
• /
• 2012

Cloud service provider has to protect client's information securely since all the resources are offered by the service provider, and a large number of users share the resources. In this paper, a NoSQL-based anomaly detection system is proposed in order to enhance the security of mobile cloud services. The existing integrated security management system that uses a relational database can not be used for real-time processing of data since security log from a variety of security equipment and data from cloud node have different data format with unstructured features. The proposed system can resolve the emerging security problem because it provides real time processing and scalability in distributed processing environment.

• Journal of Convergence for Information Technology
• /
• v.9 no.1
• /
• pp.142-150
• /
• 2019

This study is a file management security system that encrypts and decrypts computer and cloud data by using Bluetooth based cryptographic module. It is a necessary solution in terms of abuse of personal information and protection of social and national information. We developed H/W and S/W for SFMS(: Safe File Management Security) related Bluetooth module in cloud environment and implemented firmware development, encryption key generation and issuance, client program for system mobile and key management system. In the terminal internal encryption and decryption, SFMS was developed to ensure high security that the hacking itself is not possible because key values exist separately for each file.

• KIPS Transactions on Computer and Communication Systems
• /
• v.7 no.11
• /
• pp.275-280
• /
• 2018

The choice of a suitable distributed file system is required for loading large data and high-speed processing through subsequent applications in a cloud environment. In this paper, we propose a write performance improvement method based on GlusterFS and evaluate the performance of MapRFS, CephFS and GlusterFS among existing distributed file systems in cloud environment. The write performance improvement method proposed in this paper enhances the response time by changing the synchronization level used by the synchronous replication method from disk to memory. Experimental results show that the distributed file system to which the proposed method is applied is superior to other distributed file systems in the case of sequential write, random write and random read.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.16 no.12
• /
• pp.4042-4061
• /
• 2022

Recently, various security threats such as data leakage and data forgery have been possible in the communication and storage of data shared in the cloud environment. This paper conducted a study on the CP-ABSC scheme to solve these security threats. In the existing CP-ABSC scheme, if the data is obtained by the unsigncryption of the data user incorrectly, the identity of the data owner who uploaded the ciphertext cannot be known. Also, when verifying the leaked secret key, the identity information of the data user who leaked the secret key cannot be known. In terms of efficiency, the number of attributes can affect the ciphertext. In addition, a large amount of computation is required for the user to unsigncrypt the ciphertext. In this paper, we propose ECP-ABSC that provides data user traceability, and use it in a cloud environment to provide an efficient and secure data sharing scheme. The proposed ECP-ABSC scheme can trace and verify the identity of the data owner who uploaded the ciphertext incorrectly and the data user who leaked the secret key for the first time. In addition, the ciphertext of a constant size is output and the efficiency of the user's unsigncryption computation were improved.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.17 no.6
• /
• pp.1545-1559
• /
• 2023

In the cloud environment, microservices are implemented through Kubernetes, and these services can be expanded or reduced through the autoscaling function under Kubernetes, depending on the service request or resource usage. However, the increase in the number of nodes or distributed microservices in Kubernetes and the unpredictable autoscaling function make it very difficult for system administrators to conduct operations. Artificial Intelligence for IT Operations (AIOps) supports resource management for cloud services through AI and has attracted attention as a solution to these problems. For example, after the AI model learns the metric or log data collected in the microservice units, failures can be inferred by predicting the resources in future data. However, it is difficult to construct data sets for generating learning models because many microservices used for autoscaling generate different metrics or logs in the same timestamp. In this study, we propose a cloud data refining module and structure that collects metric or log data in a microservice environment implemented by Kubernetes; and arranges it into computing resources corresponding to each service so that AI models can learn and analogize service-specific failures. We obtained Kubernetes-based AIOps learning data through this module, and after learning the built dataset through the AI model, we verified the prediction result through the differences between the obtained and actual data.

• Journal of Internet Computing and Services
• /
• v.15 no.3
• /
• pp.1-10
• /
• 2014

The cloud computing paradigm introduced pay-per-use models in which IT services can be created and scaled on-demand. However, service providers are still concerned about the constraints imposed by their physical infrastructures. In order to keep the required QoS and achieve the goal of upholding the SLA, virtualized resources must be efficiently consolidated to maximize system throughput while keeping energy consumption at a minimum. Using ANN, we propose a predictive SLA-aware approach for consolidating virtualized resources in a cloud environment. To maintain the QoS and to establish an optimal trade-off between performance and energy efficiency, the server's utilization threshold dynamically adapts to the physical machine's resource consumption. Furthermore, resource-intensive VMs are prevented from getting underprovisioned by assigning them to hosts that are both capable and reputable. To verify the performance of our proposed approach, we compare it with non-optimized conventional approaches as well as with other previously proposed techniques in a heterogeneous cloud environment setup.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.6
• /
• pp.1247-1257
• /
• 2013

The security vulnerabilities of cloud storage virtualization environments are different from those of the existing computer system and are difficult to be protected in the existing computer system environment. Therefore we need some technical measures to address this issue. First of all, the technology used in cloud storage virtualization environment needs to be thoroughly analyzed, and also, we should understand those security requirements of various stakeholders in the view of cloud storage service and perform the research on security guidelines of the research security requirements. In this paper, we propose security requirements based on layers and roles of cloud storage virtualization. The proposed security requirements can be a basement for development of solution of cloud storage virtualization security.

• Journal of Convergence Society for SMB
• /
• v.2 no.2
• /
• pp.35-41
• /
• 2012

The rapid development of cloud computing and mobile internet service changes to an mobile cloud service environment that can serve and pay computing source that users want anywhere and anytime. But when user misses mobile device, the respond to any threat like user's personal information exposal is insufficient. This paper proposes cloud service access control model to provide secure service for mobile cloud users to other level users. The proposed role-based model performs access authority when performs user certification to adapt various access security policy. Also, the proposed model uses user's attribute information and processes before user certification therefore it lowers communication overhead and service delay. As a result, packet certification delay time is increased 3.7% and throughput of certification server is increased 10.5%.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2013.05a
• /
• pp.693-696
• /
• 2013

Information protection system (Information protection system)-based IT environment built popularity in public agencies and businesses take advantage of the resources for the integration of the information system one essential environment began to recognize, cloud systems (Cloud System), cloud security (Cloud Security), big data (Big Data), big data security (Big Data Security), industrial security (Security Industry), as well as the issue. Due to the influence of these information protection system (Information protection system) in response to my external security threats based on the analysis plan. In this paper, data protection systems (Information protection system), resulting in the introduction, there are a number of security threats and particularly industrial security aspects and internal and external security threats in response by lighting about aspects of the plan is based on knowledge.

• Journal of Digital Convergence
• /
• v.11 no.7
• /
• pp.215-223
• /
• 2013

As cloud computing is activated, a variety of cloud services are being distributed. However, to use each different cloud service, you must perform a individual user authentication process to service. Therefore, not only the procedure is cumbersome but also due to repeated authentication process performance, it can cause password exposure or database overload that needs to have user's authentication information each cloud server. Moreover, there is high probability of security problem that being occurred by phishing attacks that result from different authentication schemes and input scheme for each service. Thus, when you want to use a variety of cloud service, we proposed OpenID based user authentication scheme that can be applied to a multi-cloud environment by the trusted user's verify ID provider.