• Journal of Internet Computing and Services
• /
• v.15 no.1
• /
• pp.113-123
• /
• 2014

Many people expect remarkable growth in Cloud Computing industry because of it's effectiveness. But Cloud Computing industry is still at an early stage. Especially, people who in the public sector hesitate to adopt Cloud Computing Services due to security issues and their conservative views. Also, they just have limited understanding, so we need to investigate what they really know and understand. The purpose of this study is to propose Improvement plans on cloud-based smart work service of a quasi-governmental agency based on the view point of preference and tendency. To discover three types of cloud-based smart work issues and interpret theoretical definitions of those, we conducted a subjectivity analysis through qualitative methodology. At the result, the study draws three elements of typology: convenience type, concentration type, and collaboration type, and provides directions to strategic-policy studies for future cloud-based smart work services of quasi-governmental agency.

• The Journal of the Korea Contents Association
• /
• v.19 no.12
• /
• pp.407-415
• /
• 2019

As the IT environment changes with cloud computing and smart work, the existing perimeter security model is showing its limitations and Software Defined Perimeter is being discussed as an alternative. However, SDP Spec 1.0 does not specify the device registration procedure, policy distribution process and authentication key generation and sharing process.In this paper, we propose a method to solve the problem of SDP access control by improving the operation procedure of Single Packet Authentication. This paper suggests that the proposed method can implement a consistent and automated integrated access control policy compared to the existing access control methods.

• Journal of Digital Convergence
• /
• v.12 no.6
• /
• pp.341-347
• /
• 2014

Among methods of the big data process, big data process under the cloud environment is becoming a main topic. As part of solving faced problem and strengthening industrial competitiveness in the medical and health industry, discussion on ways to activate big data is actively being conducted. Because the reason is a paradigm shift, saving pressure for increasing health care costs, and increased consumer interest for the level of service. In this paper, we find out the relationship between the cloud and big data. And we are to research and analysis a cloud-based big data case in the medical field. Finally we propose the efficient utilization and future outlook. For the smooth functioning of cloud-based medical big data, we have to solve the problems like infrastructure extension, analysis/application software development, and professional manpower training. In addition, we have to correct insufficient laws maintenance to the Cloud utilization, and improve the security and the recognition to personal information, and solve authority for data centralization.

• Journal of Digital Convergence
• /
• v.10 no.11
• /
• pp.343-349
• /
• 2012

Usage control models are the new breed of access control models that allow description of comprehensive policies for usage of protected content. In this paradigm, decisions regarding access to objects are not limited to request time only. It is coupled with the usage of the protected objects and becomes a continuous process carried out in parallel to the usage. The realization of usage control has been a long standing research problem to overcome the issue of loss of control in secure document dissemination. With the emergence of cloud computing, documents are stored in the cloud, the document viewers and editors themselves reside in the cloud and are accessed from thin clients such as browsers. We note that such scenarios provide an ideal opportunity for the realization of usage control for securing the usage of documents based on the stakeholders' policies. In this paper, we proposed Multimedia Content Management (MCM) for a better realization multimedia content in the cloud based applications. We designed a robust architecture to provide fine-grained control over usage of protected objects through the use of emerging cloud computing paradigm. We present the design principles for this realization and discuss our proposed architecture.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.16 no.2
• /
• pp.565-586
• /
• 2022

Cloud storage's elastic expansibility not only provides flexible services for data owners to store their data remotely, but also reduces storage operation and management costs of their data sharing. The data outsourced remotely in the storage space of cloud service provider also brings data security concerns about data integrity. Data integrity verification has become an important technology for detecting the integrity of remote shared data. However, users without data access rights to verify the data integrity will cause unnecessary overhead to data owner and cloud service provider. Especially malicious users who constantly launch data integrity verification will greatly waste service resources. Since data owner is a consumer purchasing cloud services, he needs to bear both the cost of data storage and that of data verification. This paper proposes a verification control algorithm in data integrity verification for remotely outsourced data. It designs an attribute-based encryption verification control algorithm for multiple verifiers. Moreover, data owner and cloud service provider construct a common access structure together and generate a verification sentinel to verify the authority of verifiers according to the access structure. Finally, since cloud service provider cannot know the access structure and the sentry generation operation, it can only authenticate verifiers with satisfying access policy to verify the data integrity for the corresponding outsourced data. Theoretical analysis and experimental results show that the proposed algorithm achieves fine-grained access control to multiple verifiers for the data integrity verification.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.15 no.1
• /
• pp.323-342
• /
• 2021

Personal health records (PHRs) is an electronic medical system that enables patients to acquire, manage and share their health data. Nevertheless, data confidentiality and user privacy in PHRs have not been handled completely. As a fine-grained access control over health data, ciphertext-policy attribute-based encryption (CP-ABE) has an ability to guarantee data confidentiality. However, existing CP-ABE solutions for PHRs are facing some new challenges in access control, such as policy privacy disclosure and dynamic policy update. In terms of addressing these problems, we propose a privacy protection and dynamic share system (PPADS) based on CP-ABE for PHRs, which supports full policy hiding and flexible access control. In the system, attribute information of access policy is fully hidden by attribute bloom filter. Moreover, data user produces a transforming key for the PHRs Cloud to change access policy dynamically. Furthermore, relied on security analysis, PPADS is selectively secure under standard model. Finally, the performance comparisons and simulation results demonstrate that PPADS is suitable for PHRs.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.15 no.12
• /
• pp.4545-4566
• /
• 2021

The evolution of IoT technology is having a significant impact on people's lives. Almost all areas of people's lives are benefiting from increased productivity and simplification made possible by this trending technology. On the downside, however, the application of IoT technology is posing some security challenges, among them, unauthorized access to IoT devices. This paper presents an Attribute-based Access Control Fog architecture that aims to achieve effective distribution, increase availability and decrease latency. In the proposed architecture, the main functional points of the Attribute-based Access Control are distributed to provide policy decision and policy information mechanisms in fog nodes, locating these functions near end nodes. To evaluate the proposed architecture, an access control engine based on the Attribute-based Access Control was built using the Balana library and simulated using EdgeCloudSim to compare it to the traditional cloud-based architecture. The experiments show that the fog-based architecture provides robust results in terms of reducing latency in making access decisions.

• Convergence Security Journal
• /
• v.16 no.7
• /
• pp.21-29
• /
• 2016

Our society is currently exposed to environment of various information that is exchanged real time through networks. Especially regarding medical policy, the government rushes to practice remote medical treatment to improve the quality of medical services for citizens. The remote medical practice requires establishment of medical information based on big data for customized treatment regardless of where patients are. This study suggests establishment of regional medical cluster along with defense and protection cooperation models that in case service availability is harmed, and attacks occur, the attacks can be detected, and proper measures can be taken. For this, the study suggested forming networks with nationwide local government hospitals as regional virtual medical cluster bases by the same medical information system. The study also designed a mutual cooperation security model that can real time cope with IP Spoofing attack that can occur in the medical cluster and DDoS attacks accordingly, so that the limit that sole system and sole security policy have can be overcome.

• Journal of Digital Convergence
• /
• v.12 no.10
• /
• pp.299-308
• /
• 2014

Today, a number of users using smartphone is very rapidly increasing by development of smartphone performance and providing various services. Also, they are using it for enjoying various services(cloud service, game, banking service, mobile office, etc.). today's mobile security solution is simply to detect malicious code or stay on the level of mobile device management. In particular, the services which use sensitive information, such as certificate, corporation document, personal credit card number, need the technology which are prevented from hacking and leaking it. Recently, interest of these mobile security problems are increasing, as the damage cases been occurred. To solve the problem, there is various security research such as mobile virtualization, ARM trustzone, GlobalPlatform for mobile device. Therefore, in this paper, I suggested efficient method that uses the mobile virtualization techniques of certification, security policy and access control, password/key management, safe storage, etc. and Trustzone of ARM for preventing information leakage and hacking.

• Informatization Policy
• /
• v.21 no.2
• /
• pp.49-66
• /
• 2014

In the last few years, cloud computing has grown from being a promising business concept to one of the fast growing segments of the IT industry. However, as more and more information on individuals and companies are placed in the cloud, concerns on just how safe the computing environment is have gradually increased. In this study, it will be explored if key characteristics of cloud computing services would affect the behavioral intention to use public cloud computing services. A conceptual model is developed and seven research hypotheses are proposed for empirical testing. The proposed model is examined through structural equation analysis. The results show that perceived risk has statistically significant effect on the privacy concern of users and the privacy concern has a negative influence on the trust. Finally, the trust has a positive effect on the attitude and the attitude has statistically significant effect on use intention. Implications of these findings are discussed for both researchers and practitioners and future research issues are raised as well.