• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.6
• /
• pp.1377-1383
• /
• 2015

As the cloud services users' increase, there are important files created by individual in cloud storage. Thus, investigation of cloud artifact should be conducted. There are two methods of analyzing cloud service, one is that investigates cloud server provider (CSP), and another is that investigates client. In this paper, we presents an automated framework to detect the altered artifact and developes a tool that detects the cloud artifact. We also developed Cloud Artifact Tool that can investigate client computer. Cloud Artifact Tool provides feature of collection and analysis for the services such as Google Drive, Dropbox, Evernote, NDrive, DaumCloud, Ucloud, LG Cloud, T Cloud and iCloud.

• Journal of Platform Technology
• /
• v.8 no.1
• /
• pp.10-15
• /
• 2020

Recently, various industrial sectors have introduced cloud service actively in their business because cloud computing technology enables storage·management and analysis·utilization of data easily in anytime, anywhere. Especially in financial sector, the business provocatively adopted the service and creates various innovative cases; furthermore, already in abroad, the sector has been accelerating digitization of analysis in cases of credit risk, financial fraud data, stock trading etc. On the contrary, in the domestic financial industry, not only the cloud service introduction and innovation cases are underperformed, but most of them are focused on the back-office service. Most Korean financial corporations are burdened with the adoption of cloud service due to various conservative regulatory requirements, such as regulations on data storage and management, regulations on privacy, and other tasks such as developing decision models and establishing responsibility standard for security incidents and service failures. In this study, it would be aimed to contribute to promote the introduction of the cloud in the domestic financial sector by drawing up preemptive challenges and inspecting priorities.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.1
• /
• pp.177-186
• /
• 2011

Mobile services which are applied PC performance and mobile characteristics are increased with spread of the smartphone. Recently, mobile cloud service is getting the spotlight as a solution of mobile service problems that mobile device is lack of memory, computing power and storage and mobile services are subordinate to a particular mobile device platform. However, mobile cloud service has more potential security threats by the threat inheritance of mobile service, wireless network and cloud computing service. Therefore, security threats of mobile cloud service has to be removed in order to deploy secure mobile cloud services and user and manager should be able to respond appropriately in the event of threat. In this paper, We define mobile cloud service threats by threat analysis of mobile device, wireless network and cloud computing and we propose mobile cloud service countermeasures in order to respond mobile cloud service threats and threat scenarios in order to respond and predict to potential mobile cloud service threats.

• KIISE Transactions on Computing Practices
• /
• v.21 no.7
• /
• pp.470-475
• /
• 2015

Openstack is an open source software that enables developers to build IaaS(Infrastructure as a Service) cloud platforms. Openstack can virtualize servers, networks and storages, and provide them to users. This paper proposes the structure of Openstack cloud storage system applying Infiniband to solve bottlenecking that may occur between server and storage nodes when the server performs an I/O operation. Furthermore, we implement all flash array based high-performance Cinder storage volumes which can be used at Nova virtual machines by applying distributed RAID-60 structures to three 8-bay SSD storages and show that Infiniband storage networks applied to Openstack is suitable for virtualizing high-performance storage.

• Convergence Security Journal
• /
• v.15 no.5
• /
• pp.9-15
• /
• 2015

Cloud computing has emerged with promise to decrease the cost of server additional cost and expanding the data storage and ease for computer resource sharing and apply the new technologies. However, Cloud computing also raises many new security concerns due to the new structure of the cloud service models. Therefore, several cloud service certification system were performed in the world in order to meet customers need which is the safe and reliable cloud service. This paper we propose the new risk analysis method different compare with existing method for secure the reliability of certification considering public IaaS(Infrastructure as a Service) cloud service properties.

• Journal of KIISE
• /
• v.43 no.10
• /
• pp.1165-1172
• /
• 2016

In cloud storage environment, deduplication enables efficient use of the storage. Also, in order to save network bandwidth, cloud storage service provider has introduced client-side deduplication. Cloud storage service users want to upload encrypted data to ensure confidentiality. However, common encryption method cannot be combined with deduplication, because each user uses a different private key. Also, client-side deduplication can be vulnerable to security threats because file tag replaces the entire file. Recently, proof of ownership schemes have suggested to remedy the vulnerabilities of client-side deduplication. Nevertheless, client-side deduplication over encrypted data still causes problems in efficiency and security. In this paper, we propose a secure and practical client-side encrypted data deduplication scheme that has resilience to brute force attack and performs proof of ownership over encrypted data.

• Journal of Digital Convergence
• /
• v.10 no.11
• /
• pp.389-394
• /
• 2012

The cloud computing is a system that provides IT resources service by using internet technologies, which grabs lots of attention today. Though cloud storage services provide service users with convenience, there is a problem in which data confidentiality is not guaranteed because it is hard for data owners to control the access to the data. This article suggested the technique by applying Public-Key Cryptosystem only to a block after dividing users' data into blocks in order to protect users' data in cloud system. Thus confidentiality and integrity are given to users' data stored in cloud storage server.

• International Journal of Computer Science & Network Security
• /
• v.23 no.5
• /
• pp.65-72
• /
• 2023

Cloud Computing is one of the current research areas in computer science. Recently, Cloud is the buzz word used everywhere in IT industries; It introduced the notion of 'pay as you use' and revolutionized developments in IT. The rapid growth of modernized cloud computing leads to 24×7 accessing of e-resources from anywhere at any time. It offers storage as a service where users' data can be stored on a cloud which is managed by a third party who is called Cloud Service Provider (CSP). Since users' data are managed by a third party, it must be encrypted ensuring confidentiality and privacy of the data. There are different types of cryptographic algorithms used for cloud security; in this article, the algorithms and their security measures are discussed.

• International Journal of Computer Science & Network Security
• /
• v.24 no.9
• /
• pp.157-161
• /
• 2024

Cloud computing becomes an important technology for distributed computing and parallel computing. Cloud computing provides various facility like to share resources, software packages, information, storage and many different applications depending on user demand at any time and at any place. It provides an extensive measure for computing and storage. A service provided by it to user follows pay-as-you-go model. Although it provides many facilities still there is some problem which are resource discovery, fault tolerance, load balancing, and security. Out of these Load balancing is the main challenges. There are many techniques which used to distribute wor9kload or task equally across the servers. This paper includes cloud computing, cloud computing architecture, virtualization and MS load balancing technique which provide enhanced load balancing.

• Convergence Security Journal
• /
• v.17 no.3
• /
• pp.15-20
• /
• 2017

Cloud computing is a service that to use IT resources (software, storage, server, network) through various equipment in an Internet-enabled environment. Due to convenience, efficiency, and cost reduction, the utilization rate has increased recently. However, Cloud providers have become targets for attack Also, Abuse of cloud service is considered as the top security threat. The existing digital forensic procedures are suitable for investigations on individual terminals. In this paper, we propose a new investigation model by analyzing the vulnerable points that occur when you investigate the cloud environment with the existing digital forensic investigation procedure. The proposed investigation model adds a way to obtain account information, and can apply public cloud and private cloud together. Cloud services are also easily accessible and are likely to destroy digital evidence. Therefore, the investigation model was reinforced by adding an account access blocking step.