• 인터넷정보학회논문지
• /
• 제16권3호
• /
• pp.79-93
• /
• 2015

IT기술의 고속 발전에 따라 사용자들이 기술을 사용하는 방식에 큰 변화가 생기고 있다. 전통적인 서비스 응용과 저효율의 데이터를 처리하는 방식은 사용자의 요구를 만족할 수 없다. 사용자들이 데이터의 중요성을 알게 되었고, 빅 데이터에 관한 처리와 저장기술은 오늘날의 인터넷 회사의 주요 연구방향이 되고 있다. 115 네트워크 디스크는 중국에서 폭넓게 사용되기 시작하였고 각 인터넷 회사들은 클라우드 서비스 시장을 쟁탈하는 싸움에 참여하기 시작하였다. 중국의 클라우드 서비스는 아직도 스토리지 서비스 위주이지만, 이 기능을 바탕으로 확장하는 서비스 내용도 사용자의 인정을 받고 있으며, 사용자들이 이러한 새로운 서비스 방식을 사용하는 것을 시도하고 있다. 그래서 어떻게 하면 사용자들이 지속적으로 클라우드 서비스를 사용 할 것인지에 관한 연구방향이 더욱 필요해 졌다. 하나의 전통적인 정보 시스템에 대해, 학자들은 대개 TAM(Technology acceptance model)모형과 통계학을 결합하여 이 시스템에 대한 사용자들의 태도를 분석하고 검증한다. 하지만 기본적인 TAM모형은 날이 갈수록 방대해지는 시스템의 규모를 만족 할 수 없게 되었다. 따라서 TAM모형에 대한 적당한 확장과 조절이 필요하게 되었다. 본 연구는 중국의 개인용 클라우드 서비스 사용자의 지속적인 사용의도에 영향을 미치는 요인에 관한 실증분석을 목표로 브랜드 영향력, 하드웨어 환경 등 외부 변수를 추가하고, 중국 클라우드 사용자를 대상으로 설문 조사를 진행했으며, 본 논문에서 분석을 통해 수정된 모형에 관한 가설을 검증하였다. 본 연구는 주로 중국의 4개 주요 도시의 210명의 클라우드 서비스 사용자를 대상으로 인터넷 설문 조사를 실행하였다. 설문 데이터를 통해 3개의 외부 변수에 대한 분석을 진행하였고, 이 3개의 외부 변수를 세분화하고 외부요소에 영향을 주는 주요 원인을 찾아냈다. 이를 바탕으로 개인 클라우드 서비스 사용자들이 서비스를 지속적으로 사용 할 수 있는 태도를 강화 할 수 있는 것에 유용한 의견을 제시하였다. 이러한 의견들은 중국사용자들을 대상으로 하는 주요 서비스를 제공 하는 회사에게 향후 서비스 방향을 참고할 수 있는 정보를 제공한다.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제13권6호
• /
• pp.3219-3237
• /
• 2019

The Cloud Computing is growing rapidly in the current IT industry. Cloud computing has become a buzzword in relation to Grid & Utility computing. It provides on demand services to customers and customers will pay for what they get. Various "Cloud Service Provider" such as Microsoft Azure, Google Web Services etc. enables the users to access the cloud in cost effective manner. However, security, privacy and integrity of data is a major concern. In this paper various security challenges have been identified and the survey briefs the comprehensive overview of various security issues in cloud computing. The classification of security issues in cloud computing have been studied. In this paper we have discussed security challenges in cloud computing and also list recommended methods available for addressing them in the literature.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제15권1호
• /
• pp.58-73
• /
• 2021

Cloud Service Providers (CSPs) enable their users to access Cloud computing and storage services from anywhere in quick and flexible manners through the Internet. With the basis of 'pay-as-you-go' model, it makes the interactions between CSPs and the users play a vital role in shaping the Cloud computing market. A pool of virtualized and dynamically scalable Cloud services that delivered on demand to the users is associated with guaranteed performance and cost-provisioning. It needed a costing scheme for determining suitable charges in order to secure lease pricing of the Cloud services. However, it is hard to meet the satisfied prices for both CSPs and users due to their conflicting needs. Furthermore, there is lack of Service Level Agreements (SLAs) that allowing the users to take part into price negotiating process. The users may lose their interest to use Cloud services while reducing CSPs profit. Therefore, this paper proposes a generic costing scheme for Cloud services using General Equilibrium Theory (GET). GET helps to formulate the price function for various services' factors to match with various demands from the users. It is initially determined by identifying the market circumstances that a general equilibrium will be hold and reached. Specifically, there are two procedures of agreement made in response to (i) established equilibrium supply and demand, and (ii) service price formed and constructed in a price range. The SLAs in our costing scheme is integrated to satisfy both CSPs and users' needs while minimizing their conflicts. The price ranging strategy is deliberated to provide prices' options to the users with respect their budget limit. Meanwhile, the CSPs can adaptively charge based on users' preferences without losing their profit. The costing scheme is testable and analyzed in multi-tenant computing environments. The results from our simulation experiments demonstrate that the proposed costing scheme provides better users' satisfaction while fostering fairness pricing in the Cloud market.

• International Journal of Computer Science & Network Security
• /
• 제24권3호
• /
• pp.23-28
• /
• 2024

The multi-tenancy and high scalability of the cloud have inspired businesses and organizations across various sectors to adopt and deploy cloud computing. Cloud computing provides cost-effective, reliable, and convenient access to pooled resources, including storage, servers, and networking. Cloud service models, SaaS, PaaS, and IaaS, enable organizations, developers, and end users to access resources, develop and deploy applications, and provide access to pooled computing infrastructure. Despite the benefits, cloud service models are vulnerable to multiple security and privacy attacks and threats. The SaaS layer is on top of the PaaS, and the IaaS is the bottom layer of the model. The software is hosted by a platform offered as a service through an infrastructure provided by a cloud computing provider. The Hypertext Transfer Protocol (HTTP) delivers cloud-based apps through a web browser. The stateless nature of HTTP facilitates session hijacking and related attacks. The Open Web Applications Security Project identifies web apps' most critical security risks as SQL injections, cross-site scripting, sensitive data leakage, lack of functional access control, and broken authentication. The systematic literature review reveals that data security, application-level security, and authentication are the primary security threats in the SaaS model. The recommended solutions to enhance security in SaaS include Elliptic-curve cryptography and Identity-based encryption. Integration and security challenges in PaaS and IaaS can be effectively addressed using well-defined APIs, implementing Service Level Agreements (SLAs), and standard syntax for cloud provisioning.

• 한국정보통신학회:학술대회논문집
• /
• 한국정보통신학회 2014년도 춘계학술대회
• /
• pp.238-240
• /
• 2014

클라우드 컴퓨팅은 소프트웨어를 서비스로서 사용할 수 있도록 하는 SaaS 프레임워크를 포함한다. 기존의 서비스가 있음에도 테넌트와 용도의 차이에 따라 서비스 제공자가 서비스를 다시 구축한다면 비용이나 관리적 측면에서 많은 자원을 요구하게 된다. 이에 우리는 기존 소프트웨어를 재사용 할 수 있도록 프로세스 알제브라를 이용하여 분석하는 기법을 제안한다. process algebra는 소프트웨어의 구조를 분석하고, 이를 비즈니스 프로세스나 다른 언어로 표현할 수 있으며, 재사용할 수 있는지 검증할 수 있다. process algebra 중 CCS(Calculus of Communicating Systems)는 비즈니스 프로세스나 XML로 변환하기 유용하므로, 이를 이용하여 프로세스를 구조화하고, 구조화된 명세를 비교 및 관리를 위한 메타 저장소를 제안한다.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제12권9호
• /
• pp.4576-4598
• /
• 2018

In big data age, flexible and affordable cloud storage service greatly enhances productivity for enterprises and individuals, but spontaneously has their outsourced data susceptible to integrity breaches. Provable Data Possession (PDP) as a critical technology, could enable data owners to efficiently verify cloud data integrity, without downloading entire copy. To address challenging integrity problem on multiple clouds for multiple owners, an identity-based batch PDP scheme was presented in ProvSec 2016, which attempted to eliminate public key certificate management issue and reduce computation overheads in a secure and batch method. In this paper, we firstly demonstrate this scheme is insecure so that any clouds who have outsourced data deleted or modified, could efficiently pass integrity verification, simply by utilizing two arbitrary block-tag pairs of one data owner. Specifically, malicious clouds are able to fabricate integrity proofs by 1) universally forging valid tags and 2) recovering data owners' private keys. Secondly, to enhance the security, we propose an improved scheme to withstand these attacks, and prove its security with CDH assumption under random oracle model. Finally, based on simulations and overheads analysis, our batch scheme demonstrates better efficiency compared to an identity based multi-cloud PDP with single owner effort.

• 한국컴퓨터정보학회논문지
• /
• 제23권12호
• /
• pp.81-87
• /
• 2018

Cloud computing is a computing environment in which users borrow as many IT resources as they need to, and use them over the network at any point in time. This is the concept of leasing and using as many IT resources as needed to lower IT resource usage costs and increase efficiency. Recently, cloud computing is emerging to provide stable service and volume of data along with major technological developments such as the Internet of Things, artificial intelligence and big data. However, for a more secure cloud environment, the importance of perimeter security such as shared resources and resulting secure data storage and access control is growing. This paper analyzes security threats in cloud computing environments and proposes a security architecture for effective response.

• 한국융합학회논문지
• /
• 제5권4호
• /
• pp.93-99
• /
• 2014

클라우드 컴퓨팅은 인터넷 기술을 활용하여 IT자원을 필요한 만큼 빌려서 사용하고 서비스 부하에 따라서 실시간 확장성을 지원받으며 사용한 만큼 비용을 지불하는 컴퓨팅 기술을 말한다. 클라우드 컴퓨팅의 핵심기술인 가상화는 서버, 스토리지 및 하드웨어 등을 분리된 시스템이 아닌 하나의 영역으로 간주하여 자원을 필요에 따라 할당하는 기술이다. 그러나 가상화 환경에서 필요로 하는 보안 메커니즘은 하나의 서버 내부가 아닌 서버 간의 트래픽을 모니터링 하도록 설계되어 있고 기본 수준의 가시성, 통제성 및 감사 기능을 갖는 기존 보안 메카니즘으로는 대응하기 어려운 상황이다. 본 논문에서는 클라우드 컴퓨팅 환경에서 가상화 기술의 보안 취약점을 분석하고 이를 토대로 가상화 기술과 관련된 하이퍼바이저 보안 및 게스트 OS 보안 권고 사항을 제시하고자 한다.

• Journal of Information Processing Systems
• /
• 제19권3호
• /
• pp.394-406
• /
• 2023

In this study, a real-time surveillance system using Internet of Things technology is proposed for vaccine cold chains. This system fully visualizes vaccine transport and storage. It comprises a 4G gateway module, lowpower and low-cost wireless temperature and humidity collection module (WTHCM), cloud service software platform, and phone app. The WTHCM is installed in freezers or truck-mounted cold chain cabinets to collect the temperature and humidity information of the vaccine storage environment. It then transmits the collected data to a gateway module in the radiofrequency_physical layer (RF_PHY). The RF_PHY is an interface for calling the bottom 2.4-GHz transceiver, which can realize a more flexible communication mode. The gateway module can simultaneously receive data from multiple acquisition terminals, process the received data depending on the protocol, and transmit the collated data to the cloud server platform via 4G or Wi-Fi. The cloud server platform primarily provides data storage, chart views, short-message warnings, and other functions. The phone app is designed to help users view and print temperature and humidity data concerning the transportation and storage of vaccines anytime and anywhere. Thus, this system provides a new vaccine management model for ensuring the safety and reliability of vaccines to a greater extent.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제14권3호
• /
• pp.1014-1025
• /
• 2020

Cloud computing services changed the way the data are managed across the healthcare system that can improve patient care. Currently, most healthcare organizations are using cloud-based applications and related services to deliver better healthcare facilities. But architecting a cloud-based healthcare system needs deep knowledge about the working nature of these services and the requirements of the healthcare environment. The success is based on the usage of appropriate cloud services in the architecture to manage the data flow across the healthcare system.Cloud service providers offer a wide variety of services to ingest, store and process healthcare data securely. The top three public cloud providers- Amazon, Google, and Microsoft offers advanced cloud services for the solution that the healthcare industry is looking for. This article proposes a framework that can effectively utilize cloud services to handle the data flow among the various stages of the healthcare infrastructure. The useful cloud services for ingesting, storing and analyzing the healthcare data for the proposed framework, from the top three cloud providers are listed in this work. Finally, a cloud-based healthcare architecture using Amazon Cloud Services is constructed for reference.