• Journal of Korean Society of Archives and Records Management
• /
• v.19 no.2
• /
• pp.1-24
• /
• 2019

In this study, we propose a logical transfer method of records using cloud storage to solve the integrity problem of digital component, which is generated when electronic records are transferred from the electronic record production system to the record management system. This method, which produces electronic records using cloud storage from the production stage and transfers them to the archives, has the following advantages. First, as a record management method, it can be effectively applied in public institutions by utilizing cloud computing technology, which has been the trend recently. Second, unlike the existing method of copying and physically transferring electronic records, the proposed method can reduce various risk factors that may occur in the transfer of electronic records by logically transferring the storage. Third, the method can prevent errors of the digital component according to the physical transfer of the electronic record; hence, the integrity of the electronic record can be guaranteed. Fourth, administrative power and cost that are wasted because of the electronic transfer of electronic records can be reduced.

• Convergence Security Journal
• /
• v.15 no.5
• /
• pp.9-15
• /
• 2015

Cloud computing has emerged with promise to decrease the cost of server additional cost and expanding the data storage and ease for computer resource sharing and apply the new technologies. However, Cloud computing also raises many new security concerns due to the new structure of the cloud service models. Therefore, several cloud service certification system were performed in the world in order to meet customers need which is the safe and reliable cloud service. This paper we propose the new risk analysis method different compare with existing method for secure the reliability of certification considering public IaaS(Infrastructure as a Service) cloud service properties.

• Journal of Digital Convergence
• /
• v.10 no.11
• /
• pp.389-394
• /
• 2012

The cloud computing is a system that provides IT resources service by using internet technologies, which grabs lots of attention today. Though cloud storage services provide service users with convenience, there is a problem in which data confidentiality is not guaranteed because it is hard for data owners to control the access to the data. This article suggested the technique by applying Public-Key Cryptosystem only to a block after dividing users' data into blocks in order to protect users' data in cloud system. Thus confidentiality and integrity are given to users' data stored in cloud storage server.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.2
• /
• pp.295-303
• /
• 2023

As the cloud computing market grows, a variety of cloud services are now reliably delivered. Administrative agencies and public institutions of South Korea are transferring all their information systems to cloud systems. It is essential to develop security solutions in advance in order to safely operate cloud services, as protecting cloud services from misuse and malicious access by insiders and outsiders over the Internet is challenging. In this paper, we propose a zero trust model for cloud storage services that store sensitive data. We then verify the effectiveness of the proposed model by operating a cloud storage service. Memory, web, and network forensics are also performed to track access and usage of cloud users depending on the adoption of the zero trust model. As a cloud storage service, we use Amazon S3(Simple Storage Service) and deploy zero trust techniques such as access control lists and key management systems. In order to consider the different types of access to S3, furthermore, we generate service requests inside and outside AWS(Amazon Web Services) and then analyze the results of the zero trust techniques depending on the location of the service request.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.9
• /
• pp.4576-4598
• /
• 2018

In big data age, flexible and affordable cloud storage service greatly enhances productivity for enterprises and individuals, but spontaneously has their outsourced data susceptible to integrity breaches. Provable Data Possession (PDP) as a critical technology, could enable data owners to efficiently verify cloud data integrity, without downloading entire copy. To address challenging integrity problem on multiple clouds for multiple owners, an identity-based batch PDP scheme was presented in ProvSec 2016, which attempted to eliminate public key certificate management issue and reduce computation overheads in a secure and batch method. In this paper, we firstly demonstrate this scheme is insecure so that any clouds who have outsourced data deleted or modified, could efficiently pass integrity verification, simply by utilizing two arbitrary block-tag pairs of one data owner. Specifically, malicious clouds are able to fabricate integrity proofs by 1) universally forging valid tags and 2) recovering data owners' private keys. Secondly, to enhance the security, we propose an improved scheme to withstand these attacks, and prove its security with CDH assumption under random oracle model. Finally, based on simulations and overheads analysis, our batch scheme demonstrates better efficiency compared to an identity based multi-cloud PDP with single owner effort.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.14 no.3
• /
• pp.1014-1025
• /
• 2020

Cloud computing services changed the way the data are managed across the healthcare system that can improve patient care. Currently, most healthcare organizations are using cloud-based applications and related services to deliver better healthcare facilities. But architecting a cloud-based healthcare system needs deep knowledge about the working nature of these services and the requirements of the healthcare environment. The success is based on the usage of appropriate cloud services in the architecture to manage the data flow across the healthcare system.Cloud service providers offer a wide variety of services to ingest, store and process healthcare data securely. The top three public cloud providers- Amazon, Google, and Microsoft offers advanced cloud services for the solution that the healthcare industry is looking for. This article proposes a framework that can effectively utilize cloud services to handle the data flow among the various stages of the healthcare infrastructure. The useful cloud services for ingesting, storing and analyzing the healthcare data for the proposed framework, from the top three cloud providers are listed in this work. Finally, a cloud-based healthcare architecture using Amazon Cloud Services is constructed for reference.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.11 no.1
• /
• pp.1-17
• /
• 2017

Mobile Cloud Computing has become a promising computing platform. It moves users' data to the centralized large data centers for users' mobile devices to conveniently access. Since the data storage service may not be fully trusted, many public verification algorithms are proposed to check the data integrity. However, these algorithms hardly consider the huge computational burden for the verifiers with resource-constrained mobile devices to execute the verification tasks. We propose an energy-efficient algorithm for assigning verification tasks (EEAVT) to optimize the energy consumption and assign the verification tasks by elastic and customizable ways. The algorithm prioritizes verification tasks according to the expected finish time of the verification, and assigns the number of checked blocks referring to devices' residual energy and available operation time. Theoretical analysis and experiment evaluation show that our algorithm not only shortens the verification finish time, but also decreases energy consumption, thus improving the efficiency and reliability of the verification.

• Convergence Security Journal
• /
• v.17 no.3
• /
• pp.15-20
• /
• 2017

Cloud computing is a service that to use IT resources (software, storage, server, network) through various equipment in an Internet-enabled environment. Due to convenience, efficiency, and cost reduction, the utilization rate has increased recently. However, Cloud providers have become targets for attack Also, Abuse of cloud service is considered as the top security threat. The existing digital forensic procedures are suitable for investigations on individual terminals. In this paper, we propose a new investigation model by analyzing the vulnerable points that occur when you investigate the cloud environment with the existing digital forensic investigation procedure. The proposed investigation model adds a way to obtain account information, and can apply public cloud and private cloud together. Cloud services are also easily accessible and are likely to destroy digital evidence. Therefore, the investigation model was reinforced by adding an account access blocking step.

• KIPS Transactions on Computer and Communication Systems
• /
• v.12 no.4
• /
• pp.135-142
• /
• 2023

Recently, many companies are using public cloud services or building their own data center because digital transformation is expanding. The software-defined storage is a key solution for storing data on the cloud platform and its use is expanding worldwide. Software-defined storage has the advantage of being able to virtualize and use all storage resources as a single storage device and supporting flexible scale-out. On the other hand, since the size of an object is variable, an imbalance occurs in the use of the disk and may cause a failure. In this study, a method of redistributing objects by optimizing disk weights based on storage state information was proposed to solve the imbalance problem of disk use, and the experimental results were presented. As a result of the experiment, it was confirmed that the maximum utilization rate of the disk decreased by 10% from 89% to 79%. Failures can be prevented, and more data can be stored by optimizing the use of disk.

• Proceedings of the Korea Multimedia Society Conference
• /
• 2012.05a
• /
• pp.269-269
• /
• 2012