• The Journal of Society for e-Business Studies
• /
• v.20 no.3
• /
• pp.89-112
• /
• 2015

Recently, the business environment of healthcare has changed rapidly due to the entering the mobile era, the intensifying global competition, and the explosion of healthcare needs. Despite of necessity in expanding new IT-based medical services and investing IT resources to respond environmental changes, the small and medium sized hospitals could not realize these requirements due to the limited management resources. CHISSMH is designed and presented in this research to provide high valued clouding medical services with reasonable price. CHISMH is designed and presented in this research to provide high valued medical services with reasonable price through cloud computing. CHISME is designed to maximize resource pooling and sharing through the visualization. By doing so, Cloud Service provider could minimize maintenance cost of cloud data center, provide high level services with reasonable pay-per-use price. By doing so, Cloud Service provider could minimize maintenance cost of cloud data center, and could provide high level services with reasonable pay-per-use price. CHISME is expected to be base framework of cloud HIS services and be diffusion factor of cloud HIS services Operational experience in CHISSMH with 15 hospitals is analyzed and presented as well.

• Smart Media Journal
• /
• v.12 no.2
• /
• pp.66-75
• /
• 2023

Recently, the number of cloud web applications is increasing owing to the accelerated migration of enterprises and public sector information systems to the cloud. Traditional network attacks on cloud web applications are characterized by Denial of Service (DoS) attacks, which consume network resources with a large number of packets. However, HTTP DoS attacks, which consume application resources, are also increasing recently; as such, developing security technologies to prevent them is necessary. In particular, since low-bandwidth HTTP DoS attacks do not consume network resources, they are difficult to identify using traditional security solutions that monitor network metrics. In this paper, we propose a new detection model for detecting HTTP DoS attacks on cloud web applications by collecting the application metrics of web servers and learning them using machine learning. We collected 18 types of application metrics from an Apache web server and used five machine learning and two deep learning models to train the collected data. Further, we confirmed the superiority of the application metrics-based machine learning model by collecting and training 6 additional network metrics and comparing their performance with the proposed models. Among HTTP DoS attacks, we injected the RUDY and HULK attacks, which are low- and high-bandwidth attacks, respectively. As a result of detecting these two attacks using the proposed model, we found out that the F1 scores of the application metrics-based machine learning model were about 0.3 and 0.1 higher than that of the network metrics-based model, respectively.

• Journal of Digital Convergence
• /
• v.12 no.1
• /
• pp.405-414
• /
• 2014

It is very important to IT users that the Cloud service provides dynamic extension of IT resources and cost-saving. However, the reliability for Cloud service hinders utilizing Cloud service actively. Existing studies on assessment program for Cloud Service are executed by extracting information security assessment articles and adding features of cloud services by referencing ISO/IEC 27001:2005. This paper will review the recently released ISO/IEC 27001:2013 for the addition, reduction, and changing of articles for Controls and Control objectives. Comparative analysis for the Controls of ISO/IEC 27001:2013 with those of CSA CCMv.3, FedRAMP which is an assessment program for Cloud service will suggest Control Objects of Information Security Management System for related Cloud service. The suggestion of Controls will be an important reference index for the security policy of companies which manage the information security management system based on Cloud service.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.7 no.2
• /
• pp.341-347
• /
• 2012

In cloud computing, a enterprise or a client can use resources of computers that they are not own them. In case of Web 2.0 applications, such as Facebook, it is difficult to predict the maximum popularity of the service. But, the cloud computing may give a solution about this problem without high cost, thus becomes wildly popular. One of the advantage of cloud computing is providing a high availability. To provide the availability when the cloud computing that has shared-nothing architecture, strict consistency is not well with cloud computing. So, some consistency was proposed including the eventual consistency that was weaken the traditional consistency and has been adopted to many cloud applications. In this paper, we observe various consistency criteria that can adjust to cloud computing and discuss about some consistency that can be adapted to many applications of cloud computing.

• Journal of Digital Convergence
• /
• v.12 no.11
• /
• pp.299-307
• /
• 2014

N-Data Center which provide of cloud computing service for the Government departments, will be prepared transforming to cloud data center and transformed into an 'IT service' provided as a service to the information resources required by each department. N-Data center already provide a cloud service to the departments as maintains a high level of security, and plan to connecting with the private sector as a precondition of security. Therefore, in order to promote them effectively, it is necessary to determine the level of security in the cloud data center, and we have proposed appropriate measures. In this paper, we analyze security requirements of cloud data centers in developed countries and identify the leading private cloud data center security. In addition, we identify the N-data center security level, and analyzes the data center and private cloud gap and provide a transition strategy in terms of security finally.

• Journal of the Korean BIBLIA Society for library and Information Science
• /
• v.23 no.3
• /
• pp.57-84
• /
• 2012

With the advent of Big data era unleashed by tremendous increase of structured and unstructured data, a library needs an effective method to store, manage and preserve various information resources. Also, needs of collaboration of libraries are continuously increased in digital environment. As an effective method to handle the changes and challenges in libraries, interest on cloud computing is growing more and more. This study aims to propose a method to introduce cloud computing in libraries. To achieve the goals, this study performed the literature review to analyze problems of existing library systems. Also, this study proposed considerations, expectations, service scenario, phased strategy to introduce cloud computing in libraries. Based on the results extracted from cases that libraries have introduced cloud computing-based systems, this study proposed introduction strategy and specific applying areas in library works as considered features of cloud computing models. The proposed phased strategy and service scenario may reduce time and effort in the process of introduction of cloud computing and maximize the effect of cloud computing.

• Journal of Information Technology and Architecture
• /
• v.10 no.4
• /
• pp.509-516
• /
• 2013

Cloud services are recognized the essential IT infrastructure in the optimal smart society which is changing rapidly as a low-cost and high-efficiency. This service of starting from prominent overseas companies such as Google, Amazon, had influenced on the introduction of the service for the various policies of foreign governments, including the United States and the United Kingdom. Such countries adopting to the cloud computing and make transform to the cloud service of existing public service for the effective management of information resources. In this study, we have proposed the main determining factors of cloud adoption, the model of cloud governance for the adoption of public cloud service.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.8 no.1
• /
• pp.282-304
• /
• 2014

Each cloud service has numerous owners and tenants, so it is necessary to construct a privacy preserving identity management and access control mechanism for cloud computing. On one hand, cloud service providers (CSP) depend on tenant's identity information to enforce appropriate access control so that cloud resources are only accessed by the authorized tenants who are willing to pay. On the other hand, tenants wish to protect their personalized service access patterns, identity privacy information and accessing newfangled cloud services by on-demand ways within the scope of their permissions. There are many identity authentication and access control schemes to address these challenges to some degree, however, there are still some limitations. In this paper, we propose a new comprehensive approach, called Privacy pReserving Identity and Access Management scheme, referred to as PRIAM, which is able to satisfy all the desirable security requirements in cloud computing. The main contributions of the proposed PRIAM scheme are threefold. First, it leverages blind signature and hash chain to protect tenant's identity privacy and implement secure mutual authentication. Second, it employs the service-level agreements to provide flexible and on-demand access control for both tenants and cloud services. Third, it makes use of the BAN logic to formally verify the correctness of the proposed protocols. As a result, our proposed PRIAM scheme is suitable to cloud computing thanks to its simplicity, correctness, low overhead, and efficiency.

• IEMEK Journal of Embedded Systems and Applications
• /
• v.15 no.3
• /
• pp.129-137
• /
• 2020

Kubernetes is one of the most widely used tool in cloud computing environments. It m anages POD as a basic operational unit, providing a isolated environments through container tech nology. Basically, its scheduler properly allocates POD, considering the utilizations of CPUs, mem ories and volumes on hosts. In our work, we develop a customized scheduling framework additio nally considering network resources. In the framework, we can monitor the dynamic variations of resources and make it possible to utilize the resources for the scheduler. This framework offers not only observing necessary information but also visualizing the data to scheduler for providing convenience.

• International Journal of Computer Science & Network Security
• /
• v.22 no.4
• /
• pp.310-328
• /
• 2022

Internet of things (IoT) has emerged as the most popular technique that facilitates enhancing humans' quality of life. However, most time sensitive IoT applications require quick response time. So, processing these IoT applications in cloud servers may not be effective. Therefore, fog computing has emerged as a promising solution that addresses the problem of managing large data bandwidth requirements of devices and quick response time. This technology has resulted in processing a large amount of data near the data source compared to the cloud. However, efficient management of computing resources involving balancing workload, allocating resources, provisioning resources, and scheduling tasks is one primary consideration for effective computing-based solutions, specifically for time-sensitive applications. This paper provides a comprehensive review of the source management strategies considering resource limitations, heterogeneity, unpredicted traffic in the fog computing environment. It presents recent developments in the resource management field of the fog computing environment. It also presents significant management issues such as resource allocation, resource provisioning, resource scheduling, task offloading, etc. Related studies are compared indifferent mentions to provide promising directions of future research by fellow researchers in the field.