• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.2
• /
• pp.1043-1063
• /
• 2019

With delegating proxy to process data before outsourcing, data owners in restricted access could enjoy flexible and powerful cloud storage service for productivity, but still confront with data integrity breach. Identity-based data auditing as a critical technology, could address this security concern efficiently and eliminate complicated owners' public key certificates management issue. Recently, Yu et al. proposed an Identity-Based Public Auditing for Dynamic Outsourced Data with Proxy Processing (https://doi.org/10.3837/tiis.2017.10.019). It aims to offer identity-based, privacy-preserving and batch auditing for multiple owners' data on different clouds, while allowing proxy processing. In this article, we first demonstrate this scheme is insecure in the sense that malicious cloud could pass integrity auditing without original data. Additionally, clouds and owners are able to recover proxy's private key and thus impersonate it to forge tags for any data. Secondly, we propose an improved scheme with provable security in the random oracle model, to achieve desirable secure identity based privacy-preserving batch public auditing with proxy processing. Thirdly, based on theoretical analysis and performance simulation, our scheme shows better efficiency over existing identity-based auditing scheme with proxy processing on single owner and single cloud effort, which will benefit secure big data storage if extrapolating in real application.

• Journal of Internet Computing and Services
• /
• v.16 no.3
• /
• pp.79-93
• /
• 2015

With the rapid development of information technology, the ways of usage have changed drastically. The ways and efficiency of traditional service application to data processing already could not satisfy the requirements of modern users. Nowadays, users have already understood the importance of data. Therefore, the processing and saving of big data have become the main research of the Internet service company. In China, with the rise and explosion of 115 Cloud leads to other technology companies have began to join the battle of cloud services market. Although currently Chinese cloud services are still mainly dominated by cloud storage service, the series of service contents based on cloud storage service have been affirmed by users, and users willing to try these new ways of services. Thus, how to let users to keep using cloud services has become a topic that worth for exploring and researching. The academia often uses the TAM model with statistical analysis to analyze and check the attitude of users in using the system. However, the basic TAM model obviously already could not satisfy the increasing scale of system. Therefore, the appropriate expansion and adjustment to the TAM model (i. e. TAM2 or TAM3) are very necessary. This study has used the status of Chinese internet users and the related researches in other areas in order to expand and improve the TAM model by adding the brand influence, hardware environment and external environments to fulfill the purpose of this study. Based on the research model, the questionnaires were developed and online survey was conducted targeting the cloud services users of four Chinese main cities. Data were obtained from 210 respondents were used for analysis to validate the research model. The analysis results show that the external factors which are service contents, and brand influence have a positive influence to perceived usefulness and perceived ease of use. However, the external factor hardware environment only has a positive influence to the factor of perceived ease of use. Furthermore, the perceived security factor that is influenced by brand influence has a positive influence persistent intention to use. Persistent intention to use also was influenced by the perceived usefulness and persistent intention to use was influenced by the perceived ease of use. Finally, this research analyzed external variables' attributes using other perspective and tried to explain the attributes. It presents Chinese cloud service users are more interested in fundamental cloud services than extended services. In private cloud services, both of increased user size and cooperation among companies are important in the study. This study presents useful opinions for the purpose of strengthening attitude for private cloud service users can use this service persistently. Overall, it can be summarized by considering the all three external factors could make Chinese users keep using the personal could services. In addition, the results of this study can provide strong references to technology companies including cloud service provider, internet service provider, and smart phone service provider which are main clients are Chinese users.

• Journal of the Korea Convergence Society
• /
• v.9 no.4
• /
• pp.57-63
• /
• 2018

IoT devices are used in many areas to perform various roles and functions in a cloud environment. However, a method of access control that can stably control the IoT device has not been proposed yet. In this paper, we propose a hierarchical multi-level property access control scheme that can perform stable access of IoT devices used in a cluster environment. In order to facilitate the access of the IoT device, the proposed method not only provides the ID key (security token) unique to the IoT device by providing the IoT Hub, but also allows the IoT Hub to authenticate the X.509 certificate and the private key, So that the private key of the IoT device can not be seen outside the IoT device. As a result of the performance evaluation, the proposed method improved the authentication accuracy by 10.5% on average and the processing time by 14.3%. The overhead of IoT Hub according to the number of IoT attributes was 9.1% lower than the conventional method.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.5
• /
• pp.1035-1045
• /
• 2018

Recently, with the development of IT technology, authentication methods of users using cloud services have been diversified. However, research on providing authentication information of a user using a cloud service securely according to authority has not been make until now. In this paper, we propose a key establishment protocol which can perform split authentication using secret key and access control key according to the role authority of user in Intra cloud environment. The proposed protocol generates the access control key and secret key of the user by using the attributes of the user and the generated random number($t_1$, $t_2$), and classifies the roles according to the user's authority after generating the key. Unnecessary operation processes can be reduced. As a result of the performance evaluation, the proposed protocol guarantees the security against various type of attacks that may occur in the cloud environment because the user is authenticated by dividing the access control key and secret key. The size of the ciphertext used to establish the key could be reduced by ${\sum}+1$ more than the existing protocol.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.18 no.4
• /
• pp.998-1019
• /
• 2024

Mobile cloud computing is a very attractive service paradigm that outsources users' data computing and storage from mobile devices to cloud data centers. To protect data privacy, users often encrypt their data to ensure data sharing securely before data outsourcing. However, the bilinear and power operations involved in the encryption and decryption computation make it impossible for mobile devices with weak computational power and network transmission capability to correctly obtain decryption results. To this end, this paper proposes an outsourcing decryption algorithm of verifiable transformed ciphertext. First, the algorithm uses the key blinding technique to divide the user's private key into two parts, i.e., the authorization key and the decryption secret key. Then, the cloud data center performs the outsourcing decryption operation of the encrypted data to achieve partial decryption of the encrypted data after obtaining the authorization key and the user's outsourced decryption request. The verifiable random function is used to prevent the semi-trusted cloud data center from not performing the outsourcing decryption operation as required so that the verifiability of the outsourcing decryption is satisfied. Finally, the algorithm uses the authorization period to control the final decryption of the authorized user. Theoretical and experimental analyses show that the proposed algorithm reduces the computational overhead of ciphertext decryption while ensuring the verifiability of outsourcing decryption.

• The Journal of Korea Institute of Information, Electronics, and Communication Technology
• /
• v.8 no.2
• /
• pp.86-100
• /
• 2015

Cloud computing is a computing term that evolved in the late 2000s, based on utility and consumption of computer resources. Google say that "Cloud computing involves deploying groups of remote servers and software networks that allow different kinds of data sources be uploaded for real time processing to generate computing results without the need to store processed data on the cloud. Cloud computing relies on sharing of resources to achieve coherence and economies of scale, similar to a utility (like the electricity grid) over a network. At the foundation of cloud computing is the broader concept of converged infrastructure and shared services. Cloud computing, or in simpler shorthand just "the cloud", also focuses on maximizing the effectiveness of the shared resources." The cloud service is a smart and/or intelligent service to save private files in any device, anytime, anywhere. Dropbox, OAuth, PAClous are required that the accumulated user's data are archives with cloud service. Currently we suggest an implementation technique to process many tasks to the cloud server with a thread pooling. Thread pooling is one of efficient implementating technique for client and service environment. In this paper, to present the implementation technique we suggest three diagrams in the consideration of software engineering.

• Journal of Internet Computing and Services
• /
• v.16 no.1
• /
• pp.91-100
• /
• 2015

Recently many companies began to feel the pressures of cost savings due to the global recession, so they have been interested in the Cloud Computing. Cloud Computing is one of using method of IT resources through the network. Users can borrow softwares or hardwares instead of buying them. Many people expect remarkable growth in Cloud Computing industry because of it's effectiveness. But Cloud Computing industry is still at an early stage. Especially, people who in the public sector hesitate to adopt Cloud Computing Services due to security issues and their conservative views. Also, they just have limited understanding, so we need to investigate what they really know and understand. Researches about the Cloud Computing generally focus on technical issues, so we can hardly find researches reference for decision making in considering the services. The study aims to investigate diverse factors for agencies' adoption decisions, such as benefits, costs, and risk in developing the most ideal type of cloud computing service for them, and performs priority analyses by applying ANP (Analytic Network Process). The results identify that features pertaining to the risk properties were considered the most significant factors. According to this research, the usage of private cloud computing services may prove to be appropriate for public environment in Korea. The study will hopefully provide the guideline to many governmental agencies and service providers, and assist the related authorities with cloud computing policy in coming up with the relevant regulations.

• Information Systems Review
• /
• v.19 no.1
• /
• pp.75-100
• /
• 2017

Today, firms are constantly transforming and innovating to survive under the rapidly changing business environment. The introduction of cloud computing services has become popular throughout society as a whole and is expected to result in many changes and developments not only in firms and but also in the public sector subject to innovation. The purpose of this study is to investigate the effect of the characteristics of cloud computing services on the perceived expected performance according to innovativeness based on innovation diffusion theory. The results of the analysis of the data collected from this research are as follows. The convenience and understanding of individuals' work as well as the benefits of cloud computing services to them depend on the innovative trend of cloud computing services. Further, the expectations for personal benefit and those for organizational benefit of cloud computing services are different from each other. Leading firms in the global market have been actively engaged in the utilization of cloud computing services in the public sector as well as in private firms. In consideration of the importance of cloud computing services, using cloud computing services as the target of innovation diffusion research is important. The results of the study are expected to contribute to developing future research models for the diffusion of new technologies, such as big data, digital convergence, and Internet of Things.

• Proceedings of the Korean Society of Broadcast Engineers Conference
• /
• 2012.07a
• /
• pp.210-212
• /
• 2012

하이브리드 스마트 홈 클라우드 플랫폼/서비스 기술은 가정 내 외 클라우드와 연계하여 실시간으로 수정되는 다양한 콘텐츠, 응용 프로그램, 스마트 가전, 개인 생활 정보들을 융합 관리 함으로써 멀티미디어, 어플리케이션, 스마트 가전 등을 통하여 다양한 스마트 융복합 서비스를 제공해 줄 수 있는 기술이다. 이에 본 논문은 데이터의 프라이버시, 안정성, 보안성, 종속화등 Public Cloud에 대한 거부반응을 해소하기 위해 개인 또는 흠단위로 스마트 콘텐츠를 서로 공유할수 있는 댁내 Private 클라우드와 다양한 스마트 홈 서비스를 제공하는 사업자 및 소셜 그룹간의 공유가 가능한 댁 외 Public 클라우드와 연계하여, 실시간으로 수집되는 다양한 콘텐츠, 용용 프로그램, 스마트 가전, 개인 생활 정보들을 통합 관리하고, 서비스 가상화 기술을 이용하여 다양한 경량화 스마트 가전(Thin/Zero Client)에 동시 적용 가능한 "하이브리드 홈 클라우드 단말 서버 플랫폼 기술을 연구하였다.

• Annual Conference of KIPS
• /
• 2015.04a
• /
• pp.164-166
• /
• 2015

Recently, the implementations of private and public cloud service (IaaS: Infrastructure as a Service) have been growing rapidly. As a result, the need to provide High-Availability and Load-Balancing for the users has also increased. Openstack which is one of cloud computing solutions currently offers a feature to meet the need through an extension called Load Balancing as a Service (LBaaS). This paper will provide a detailed explanation about Openstack's LBaaS and its operation principle will be analyzed through the actual implementation.