• Information Systems Review
• /
• v.17 no.1
• /
• pp.1-18
• /
• 2015

Recently, the number of available cloud services are increasing dramatically because many IT companies have entered into cloud service market. Due to the reason, cloud service brokers are emerging as agents to solve cloud service selection problems and to support cloud service initialization and maintenance of unskilled cloud service users. In this study, NCloud24 case in South Korea and Right Scale case in the USA are analyzed as representative examples of the collaboration between original cloud service providers and cloud service brokers. The business models of two companies are analyzed using Business Model Canvas. The emergence of cloud service brokers are interpreted as unbundling process of IaaS (Infrastructure-as-a-service) cloud service companies. Based on the comparison with the two companies, we prospect future directions of cloud service brokerage.

• Journal of Digital Convergence
• /
• v.11 no.11
• /
• pp.53-58
• /
• 2013

Due to the wide spread of the perception of cloud computing, the usage of cloud computing is increasing globally. Cloud computing is able to converge the various industrial domains based on ICT and it is more and more popular because it has a lot of benefits such as cost savings etc. in global economic recession. However, if cloud computing service is to achieve its potential, it is necessary to clearly understand the critical issues such as service security, performance and availability and so on from the perspectives of the providers and the consumers of the cloud service. In addition, customers focus on how to get and use the safe and reliable cloud service. In order to meet these problems, Korea cloud service certification system and Japanese ASP-SaaS-Cloud certification system were performed in each country. This paper aims at comparing and analyzing between them and describing the difference. Eventually, we propose the improvement strategy of Korea cloud service certification system based on the comparison results between them.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.3
• /
• pp.487-498
• /
• 2023

Security incidents using vulnerabilities in cloud services occur, but it is difficult to collect and analyze traces of incidents in cloud environments with complex and diverse service models. As a result, the importance of cloud forensics research has emerged, and infringement response scenarios must be designed from the perspective of cloud service users (CSUs) and cloud service providers (CSPs) based on representative security threat cases in the public cloud service model. This simulated hacking-based proactive cloud infringement response framework can be used to respond to the cloud service critical resource attack process from the viewpoint of vulnerability detection before cyberattacks occur on the cloud, and can also be expected for data acquisition. Therefore, in this paper, we propose a framework for preventive cloud infringement based on simulated hacking by analyzing and utilizing Cloudfox, a cloud penetration test tool.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.10 no.1
• /
• pp.38-57
• /
• 2016

Service discovery is one of the major challenges in cloud computing environment with a large number of service providers and heterogeneous services. Non-uniform naming conventions, varied types and features of services make cloud service discovery a grueling problem. With the proliferation of cloud services, it has been laborious to find services, especially from Internet-based service repositories. To address this issue, services are crawled and clustered according to their similarity. The clustered services are maintained as a catalogue in which the data published on the cloud provider's website are stored in a standard format. As there is no standard specification and a description language for cloud services, new efficient and intelligent mechanisms to discover cloud services are strongly required and desired. This paper also proposes a key-value representation to describe cloud services in a formal way and to facilitate matching between offered services and demand. Since naïve users prefer to have a query in natural language, semantic approaches are used to close the gap between the ambiguous user requirements and the service specifications. Experimental evaluation measured in terms of precision and recall of retrieved services shows that the proposed approach outperforms existing methods.

• Journal of Information Technology Services
• /
• v.11 no.1
• /
• pp.173-196
• /
• 2012

Cloud computing is provided on demand service via the internet, allowing users to pay for the service they actually use. Since cloud computing is emerging stage in industry, many companies and government consider adopting the cloud computing. Actually a variety of factors may influence on the adopting decision making of cloud computing. The objective of this study is to explore the significant factors affecting the adoption decision of enterprise cloud computing. A research model has been suggested based on TOE framework and outsourcing decision framework. Based on 302 data collected from managers in various industries, the major findings are following. First, the benefit factors of cloud computing service such as agility and cost reduction have direct and positive effects on adoption of the service. Second, lock-in as a risk factor of cloud computing service has a negative effect while security has not. Third, both internal and external environment factors have positive effects on adoption of the service.

• Journal of KIISE
• /
• v.42 no.11
• /
• pp.1361-1371
• /
• 2015

Depending on the increase amongst various cloud services, the technology of the Cloud Service Broker (CSB) to find the most appropriate services to meet the needs of cloud service consumers has emerged. In order to advance for cloud services to be used through the CSB, it is important to ensure the quality level that meets the demands of consumers through a negotiation process based on the Service Level Agreement (SLA). However, quality metrics of cloud services are different from each other based on the measurement scale, which represents the quality level, and the calculation for each type of cloud services. Therefore, it is necessary to analyze the variability of the quality of cloud services and establish a SLA model for ensuring and improving the level of quality. In this paper, we analyze the quality metrics for the specific type of cloud services by applying the cross-cutting concept and propose a Virtual SLA (VSLA) meta-model.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.3
• /
• pp.1523-1545
• /
• 2019

Cloud computing is now a widespread and economical option when data owners need to outsource or share their data. Designing secure and efficient data access control mechanism is one of the most challenging issues in cloud storage service. Anonymous broadcast encryption is a promising solution for its advantages in the respects of computation cost and communication overload. We bring forward an efficient anonymous identity-based broadcast encryption construction combined its application to the data access control mechanism in cloud storage service. The lengths for public parameters, user private key and ciphertext in the proposed scheme are all constant. Compared with the existing schemes, in terms of encrypting and decrypting computation cost, the construction of our scheme is more efficient. Furthermore, the proposed scheme is proved to achieve adaptive security against chosen-ciphertext attack adversaries in the standard model. Therefore, the proposed scheme is feasible for the system of data access control in cloud storage service.

• Asia-Pacific Journal of Business
• /
• v.12 no.4
• /
• pp.313-329
• /
• 2021

Purpose - Digital trade, which started in the early 2000s, is showing a sharp increase due to the recent pandemic. However, despite this proliferation, users' acceptance of innovation is very slow. Cloud services are at the center of digital trade activation. This study aims to contribute to the spread of digital trade through empirical analysis of the resistance factors that hinder the use of cloud service-based digital trade using the innovation resistance theory and the status quo bias theory. Design/Methodology/Approach - In order to achieve the research purpose, this study was conducted with 171 entrepreneurs using cloud service-based digital trade. Structural equation model(SEM) was used through empirical analysis. Findings - As a result of the study, it was found that the complexity of technology, perceived risk, compatibility, and trust in service providers had a significant effect on innovation resistance, and policy trust did not affect innovation resistance. Also, security concerns and institutional trust were analyzed to have a significant effect on the trust of service providers. Research Implications - This study is meaningful to help the rapid diffusion of innovative technologies through empirical analysis of factors that lower the intention to accept cloud service-based digital trade.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.10 no.3
• /
• pp.181-196
• /
• 2014

Cloud computer technology currently provides diverse services based on a comprehensive environment ranging from hardware to solution, network and service. While the target of services has been extended from institutions and corporations to personal infrastructure and issues were made about security problems involved with protection of private information, measures on additional security demands for such service characteristics are insufficient. This paper proposes a multi-session authentication technique based on the characteristics of SaaS (Software as a Service) among cloud services. With no reliable authentication authority, the proposed technique reinforced communication sessions by performing key agreement protocol safe against key exposure and multi-channel session authentication, providing high efficiency of performance through key renewal using optimzied key table. Each formed sessions have resistance against deprivation of individual confirmation and service authority. Suggested confirmation technique that uses these features is expected to provide safe computing service in clouding environment.

• Journal of Korea Multimedia Society
• /
• v.23 no.2
• /
• pp.328-342
• /
• 2020

As the cloud-based ICT(Information & Communication Technology) infrastructure matures, the existing monolithic software development method is evolving into a micro-service structure based on cloud native computing. To develop and operate the services efficiently under the cloud native environment, DevOps-based application development plans through MSA(Micro Service Architecture) design based are essential. A cloud native environment is an approach to developing and running applications that take advantage of cloud computing models such as automation of source distribution, container-based virtualization, application scalability, resource efficiency, and flexible maintenance through object independence. To implement this approach, the utilization of key elements such as DevOps, continuous delivery, micro service, and containers is essential, but there are not enough previous studies on case analyses or application methods of these key elements. Therefore, in this paper, we analyze the cases of application development in cloud native environment and propose the optimized application development process and development method through small and medium-sized SI projects.