• Journal of Internet Computing and Services
• /
• v.19 no.3
• /
• pp.25-33
• /
• 2018

This paper proposes a cloud workflow model theoretically supported by the information control net modeling methodology as a cloud workflow modeling methodology that is mandatory in implementing realtime enterprise workflow management systems running with cloud computing environments. The eventual goal of the cloud workflow model proposed in this paper is to support those cloud workflow architectures reflecting the types of cloud deployment models such as private, community, public, and hybrid cloud deployment models. Moreover, the proposed model is a mathematical graph model that is extended from the information control net modeling methodology used in conventional enterprise workflow modeling, and it aims to theoretically couple this methodology with the cloud deployment models. Finally, this paper tries to verify the feasibility of the proposed model by building a possible cloud workflow architecture and its cloud workflow services on a realtime enterpeise cloud workflow management system.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.2
• /
• pp.1043-1063
• /
• 2019

With delegating proxy to process data before outsourcing, data owners in restricted access could enjoy flexible and powerful cloud storage service for productivity, but still confront with data integrity breach. Identity-based data auditing as a critical technology, could address this security concern efficiently and eliminate complicated owners' public key certificates management issue. Recently, Yu et al. proposed an Identity-Based Public Auditing for Dynamic Outsourced Data with Proxy Processing (https://doi.org/10.3837/tiis.2017.10.019). It aims to offer identity-based, privacy-preserving and batch auditing for multiple owners' data on different clouds, while allowing proxy processing. In this article, we first demonstrate this scheme is insecure in the sense that malicious cloud could pass integrity auditing without original data. Additionally, clouds and owners are able to recover proxy's private key and thus impersonate it to forge tags for any data. Secondly, we propose an improved scheme with provable security in the random oracle model, to achieve desirable secure identity based privacy-preserving batch public auditing with proxy processing. Thirdly, based on theoretical analysis and performance simulation, our scheme shows better efficiency over existing identity-based auditing scheme with proxy processing on single owner and single cloud effort, which will benefit secure big data storage if extrapolating in real application.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.9 no.3
• /
• pp.843-871
• /
• 2015

Cloud computing evolve as a cost effective business model for IT companies to focus on their core business without perturbing on infrastructure related issues. Hence, major IT firms and Small & Medium Enterprises (SME) are adopting cloud services on rental basis from cloud providers. Cloud Service level agreements (SLA) act as a key liaison between consumers and providers on renting Anything as a Service (AaaS). Design of such an agreement must aim for greater profit to providers as well as assured availability of services to consumers. However in reality, cloud SLA is not satisfying the parties involved because of its inherent complex nature and issues. Also currently most of the agreements are unilateral to favour the provider. This study focuses on comprehensive, 360-degree survey on different aspects of the cloud service agreements. We detailed the life cycle of SLA based on negotiation, different types of SLA, current standards, languages & characteristics, metrics and issues involved in it. This study will help the cloud actors to understand and evaluate the agreements and to make firm decision on negotiation. The need for standardized, bilateral, semantic SLA has also been proposed.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.12 no.1
• /
• pp.81-87
• /
• 2016

Cloud computing technologies are utilized and merged in various domains. Cloud computing technology-based personal cloud service technologies provide mobility and free access by using user centered storages and smart devices such like smart phones and table PCs. Therefore, we should overcome limits on the storage by solving the capacity problems of devices to provide security services in the personal cloud environments It can be addressable to provide the convenience of various security technologies. However, there are some security threats inherited from existing cloud environments and the possibilities of information leakage when devices are lost or stolen. Therefore, we designed a framework for providing secure cloud services by adding objects, such as user authorization, access tokens, set permissions by key generation, and key management assignments, for user management in personal cloud environments. We analyzed the stability of the proposed framework in terms of irreverent use and abuse, access to insiders, and data loss or leakage. And we evaluated the proposed framework in terms of the security with access control requirements in personal cloud environments.

• Journal of KIISE
• /
• v.43 no.9
• /
• pp.1052-1059
• /
• 2016

A key role in cloud computing systems that is becoming an issue is implementing a database on untrusted cloud servers requiring the complexity of key management. This study proposes a key management system using Self Proxy Servers to minimize key executions and improve the performance of cloud services by generating Self-Creating Algorithms where the data owner is not directly concerned with related keys when a user sends an encrypted database a query. The Self Proxy Server supports active and autonomous key managements as a distributed server if any trouble should arise from a cloud key server and for an efficient cloud key management. Therefore, the key management system provides secure cloud services by supporting confidentiality of a cloud server database.

• The Journal of Asian Finance, Economics and Business
• /
• v.6 no.1
• /
• pp.217-229
• /
• 2019

The purpose of the research is to verify how task characteristics for business and technology characteristics, economic feasibility, technology readiness, organizational factors, environmental factors of cloud computing affect the performance of cloud computing adoption through Fit and Viability. The research aims to verify the relationship among the success factors for adopting cloud computing based on the Fit-Viability model. Respondents who work for IT companies which is using cloud computing in South Korea were chosen. The data was analyzed by the structural equating model. As a result, Task characteristics and Technology characteristics affected Fit in a positive manner, while Technology readiness, Organizational factors and Environmental factors also positively impacted Viability. Fit and Viability both affected the successful adoption of cloud equally. In particular, Environmental factors were proven to have the biggest impacts on Viability, and affected highly indirect impact on the Performance of cloud computing adoption through Viability. Entering the era of the fourth industrial revolution, corporations have established digital transformation strategies to secure a competitive edge while growing continuously, and are also carrying out various digital transformation initiatives. For the success of adoption of foundational technologies, they need to understand not only the decision-making factors of adopting cloud computing, but also the success factors of adopting cloud computing.

• Journal of Information Technology Services
• /
• v.12 no.4
• /
• pp.1-23
• /
• 2013

This study examines whether key characteristics of cloud computing services would affect the intention of use for personalized cloud computing services. The research model was generated based on Technology Acceptance Model (TAM) with resistance variable, and verified statistically by undertaking a survey about the perception of personal users. As the results of this analysis, we could find the structural relationship among the factors affecting adoption of the cloud computing service. We found that the expectation of ubiquity as a representative function of the cloud computing service meaningfully affected the perceived ease of use and resistance, and that the relativeness with existing services also meaningfully affected the perceived ease of use, but not the resistance. In addition, the moderating effects of use experience in the path leading from the perceived ease of use and resistance to the intention of use were identified. This study will provide diverse implications for the companies providing personalized cloud computing services.

• IEMEK Journal of Embedded Systems and Applications
• /
• v.8 no.6
• /
• pp.303-309
• /
• 2013

Cloud storage services are used for efficient sharing or synchronizing of user's data across multiple mobile devices. Although cloud storages provide flexibility and scalability in storing data, security issues should be handled. Currently, typical cloud storage services offer data encryption for security purpose but we think such method is not secure enough because managing encryption keys by software and identifying users by simple ID and password are main defectives of current cloud storage services. We propose a secure data access method to cloud storage in mobile environment. Our framework supports hardware-based key management, attestation on the client software integrity, and secure key sharing across the multiple devices. We implemented our prototype using ARM TrustZone and TPM Emulator which is running on secure world of the TrustZone environment.

• Journal of Information Processing Systems
• /
• v.12 no.2
• /
• pp.226-233
• /
• 2016

Cloud computing is a distributed computing model that has lot of drawbacks and faces difficulties. Many new innovative and emerging techniques take advantage of its features. In this paper, we explore the security threats to and Risk Assessments for cloud computing, attack mitigation frameworks, and the risk-based dynamic access control for cloud computing. Common security threats to cloud computing have been explored and these threats are addressed through acceptable measures via governance and effective risk management using a tailored Security Risk Approach. Most existing Threat and Risk Assessment (TRA) schemes for cloud services use a converse thinking approach to develop theoretical solutions for minimizing the risk of security breaches at a minimal cost. In our study, we propose an improved Attack-Defense Tree mechanism designated as iADTree, for solving the TRA problem in cloud computing environments.

• Proceedings of the KSRS Conference
• /
• 2005.10a
• /
• pp.34-37
• /
• 2005

An efficient and robust neural network-based scheme is introduced in this paper to perform automatic cloud detection. Unlike many existing cloud detection schemes which use thresholding and statistical methods, we used the artificial neural network methods, the multi-layer perceptrons (MLP) with back-propagation algorithm and radial basis function (RBF) networks for cloud detection from Geostationary satellite images. We have used a simple scene (a mixed scene containing only cloud and clear sky). The main results show that the neural networks are able to handle complex atmospheric and meteorological phenomena. The experimental results show that two methods performed well, obtaining a classification accuracy reaching over 90 percent. Moreover, the RBF model is the most effective method for the cloud classification.