• The Journal of Society for e-Business Studies
• /
• v.22 no.4
• /
• pp.39-51
• /
• 2017

In October 2016, the NFSA (National Financial Supervisory Authorities) revised the network separation clause of the Regulation on Supervision of Electronic Financial Activities in order to promote the Cloud Computing implementation in the financial sectors. The new regulation, however, limits the Cloud Computing usage to non-critical information and its processing system. Financial institutions that provide customer data analysis and personalized services based on personal data regard current revision as unchanged as before. The implementation of Cloud Computing has greatly contributed to cost reduction, business innovation and is an essential requirement in ever-changing information communication technology environment. To guarantee both security and reliability of the implementation of the Cloud Computing in financial sectors, a considerable amount of research and debate needs to be done. This paper examines current Cloud Computing policies in the Korean financial sector and the challenges associated with it. Finally, the paper identifies policy suggestions based on both European Union and United States' approach as they have successfully introduced Cloud Computing Services for their financial sectors.

• Korean Journal of Remote Sensing
• /
• v.38 no.4
• /
• pp.327-341
• /
• 2022

Cloud removal is often required to construct time-series sets of optical images for environmental monitoring. In regression-based cloud removal, the selection of an appropriate regression model and the impact analysis of the input images significantly affect the prediction performance. This study evaluates the potential of Gaussian process (GP) regression for cloud removal and also analyzes the effects of cloud-free optical images and spectral bands on prediction performance. Unlike other machine learning-based regression models, GP regression provides uncertainty information and automatically optimizes hyperparameters. An experiment using Sentinel-2 multi-spectral images was conducted for cloud removal in the two agricultural regions. The prediction performance of GP regression was compared with that of random forest (RF) regression. Various combinations of input images and multi-spectral bands were considered for quantitative evaluations. The experimental results showed that using multi-temporal images with multi-spectral bands as inputs achieved the best prediction accuracy. Highly correlated adjacent multi-spectral bands and temporally correlated multi-temporal images resulted in an improved prediction accuracy. The prediction performance of GP regression was significantly improved in predicting the near-infrared band compared to that of RF regression. Estimating the distribution function of input data in GP regression could reflect the variations in the considered spectral band with a broader range. In particular, GP regression was superior to RF regression for reproducing structural patterns at both sites in terms of structural similarity. In addition, uncertainty information provided by GP regression showed a reasonable similarity to prediction errors for some sub-areas, indicating that uncertainty estimates may be used to measure the prediction result quality. These findings suggest that GP regression could be beneficial for cloud removal and optical image reconstruction. In addition, the impact analysis results of the input images provide guidelines for selecting optimal images for regression-based cloud removal.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.11 no.10
• /
• pp.5039-5061
• /
• 2017

Cloud storage becomes a new trend that more and more users move their data to cloud storage servers (CSSs). To ensure the security of cloud storage, many cloud auditing schemes are proposed to check the integrity of users' cloud data. However, most of them are based on public key infrastructure, which leads to complex certificates management and verification. Besides, most existing auditing schemes are inefficient when user uploads a large amount of data or a third party auditor (TPA) performs auditing for multiple users' data on different CSSs. To overcome these problems, in this paper, we propose an efficient and secure auditing scheme based on identity-based cryptography. To relieve user's computation burden, we introduce a proxy, which is delegated to generate and upload homomorphic verifiable tags for user. We extend our auditing scheme to support auditing for dynamic data operations. We further extend it to support batch auditing in multiple users and multiple CSSs setting, which is practical and efficient in large scale cloud storage system. Extensive security analysis shows that our scheme is provably secure in random oracle model. Performance analysis demonstrates that our scheme is highly efficient, especially reducing the computation cost of proxy and TPA.

• Journal of Information Processing Systems
• /
• v.10 no.1
• /
• pp.103-118
• /
• 2014

Over the last couple of years, traditional VANET (Vehicular Ad Hoc NETwork) evolved into VANET-based clouds. From the VANET standpoint, applications became richer by virtue of the boom in automotive telematics and infotainment technologies. Nevertheless, the research community and industries are concerned about the under-utilization of rich computation, communication, and storage resources in middle and high-end vehicles. This phenomenon became the driving force for the birth of VANET-based clouds. In this paper, we envision a novel application layer of VANET-based clouds based on the cooperation of the moving cars on the road, called CaaS (Cooperation as a Service). CaaS is divided into TIaaS (Traffic Information as a Service), WaaS (Warning as a Service), and IfaaS (Infotainment as a Service). Note, however, that this work focuses only on TIaaS and WaaS. TIaaS provides vehicular nodes, more precisely subscribers, with the fine-grained traffic information constructed by CDM (Cloud Decision Module) as a result of the cooperation of the vehicles on the roads in the form of mobility vectors. On the other hand, WaaS provides subscribers with potential warning messages in case of hazard situations on the road. Communication between the cloud infrastructure and the vehicles is done through GTs (Gateway Terminals), whereas GTs are physically realized through RSUs (Road-Side Units) and vehicles with 4G Internet access. These GTs forward the coarse-grained cooperation from vehicles to cloud and fine-grained traffic information and warnings from cloud to vehicles (subscribers) in a secure, privacy-aware fashion. In our proposed scheme, privacy is conditionally preserved wherein the location and the identity of the cooperators are preserved by leveraging the modified location-based encryption and, in case of any dispute, the node is subject to revocation. To the best of our knowledge, our proposed scheme is the first effort to offshore the extended traffic view construction function and warning messages dissemination function to the cloud.

• Journal of the Korea Convergence Society
• /
• v.9 no.12
• /
• pp.61-68
• /
• 2018

As the smartphone and mobile environment develop, the time and space constraints for individual work performance are disappearing. Companies can reduce costs and expand their business quickly through cloud computing. As the use of various cloud expands, the boundaries of users, data, and applications are disappearing. Traditional security approaches based on boundaries (Perimeter) are losing their utility in the cloud environment. This paper describes the limitations of existing network access control (NAC) in a cloud environment and suggests network security technology that complements it. The study explains the SDP and combines SDP(Software Defined Perimeter) to overcome the limitations of NAC, while at the same time explaining its role as a new framework for supporting the cloud environment. The new framework proposed in this paper suggests a software-based network security solution that supports physical and software parts, providing identity-based access control, encrypted segment management, and dynamic policy management, not IP-based.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.7
• /
• pp.3794-3820
• /
• 2019

In recent years, a cloud environment with the ability to detect illegal behaviours along with a secured data storage capability is much needed. This study presents a cloud storage framework, wherein a 128-bit encryption key has been generated by combining deoxyribonucleic acid (DNA) cryptography and the Hill Cipher algorithm to make the framework unbreakable and ensure a better and secured distributed cloud storage environment. Moreover, the study proposes a DNA-based encryption technique, followed by a 256-bit secure socket layer (SSL) to secure data storage. The 256-bit SSL provides secured connections during data transmission. The data herein are classified based on different qualitative security parameters obtained using a specialized fuzzy-based classification technique. The model also has an additional advantage of being able to decide on selecting suitable storage servers from an existing pool of storage servers. A fuzzy-based technique for order of preference by similarity to ideal solution (TOPSIS) multi-criteria decision-making (MCDM) model has been employed for this, which can decide on the set of suitable storage servers on which the data must be stored and results in a reduction in execution time by keeping up the level of security to an improved grade.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.14 no.12
• /
• pp.4748-4762
• /
• 2020

Recently, the COVID 19 pandemic has affected on our daily lives and society in many ways. Specifically, it has brought rapid changes in the working environment from office working to smart telecommuting. In addition, cloud computing technology and services not only provided ubiquitous access, but also led to a sharing of information, internal-external communication channels, telework, and innovative smart work for the business process. As a result, smart work services based on social cloud networking have spread to the public sector. However, existing academic research examining smart work merely remains to focus on the theoretical conceptualization or to deal with merely several examples of private views. Best practices of smart work services based on cloud computing technology in the public field rarely exists. Moreover, many studies have been differently measured the values of smart work for private and public sectors depending on organizational singularities. Therefore, the study aims to define new theoretical implications and to explore future business strategies and policy directions based on a technical working group's personal psychological subjectivity. The research applied Q methodology, and selected five public organizations in Korea, that they have adopted or currently plan to adopt some part of smart work services.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.17 no.1
• /
• pp.145-164
• /
• 2023

Cloud computing offers a platform that is both adaptable and scalable, making it ideal for outsourcing data for sharing. Various organizations outsource their data on cloud storage servers for availing management and sharing services. When the organizations outsource the data, they lose direct control on the data. This raises the privacy and security concerns. Cryptographic encryption methods can secure the data from the intruders as well as cloud service providers. Data owners may also specify access control policies such that only the users, who satisfy the policies, can access the data. Attribute based access control techniques are more suitable for the cloud environment as they cover large number of users coming from various domains. Multi-authority attribute-based encryption (MA-ABE) technique is one of the propitious attribute based access control technique, which allows data owner to enforce access policies on encrypted data. The main aim of this paper is to comprehensively survey various state-of-the-art MA-ABE schemes to explore different features such as attribute and key management techniques, access policy structure and its expressiveness, revocation of access rights, policy updating techniques, privacy preservation techniques, fast decryption and computation outsourcing, proxy re-encryption etc. Moreover, the paper presents feature-wise comparison of all the pertinent schemes in the field. Finally, some research challenges and directions are summarized that need to be addressed in near future.

• The Journal of Information Systems
• /
• v.32 no.2
• /
• pp.153-176
• /
• 2023

Purpose As non-face-to-face work environments become common due to COVID-19, interest in online collaboration tools that can communicate smoothly without time and space limitations is continuously increasing. Most of the prior studies are about the introduction, use intention, and satisfaction of cloud computing-based collaboration tools, and studies on the effects of collaboration tools on work-life balance and quality of life are somewhat lacking. Therefore, in this study, the characteristics of cloud computing-based collaboration tools were derived, and the effect on job satisfaction during work and job stress outside of working hours was confirmed. Design/methodology/approach This study applied the S-O-R framework and conducted an online survey of office workers who used cloud computing-based collaboration tools for more than three months. Hypotheses were tested using structural equations. Findings As a result of the analysis, among the characteristics of collaboration tools, stability, usefulness, and interoperability had higher job satisfaction as more stimuli were applied. In addition, the higher the job satisfaction during work, the higher the job performance, work-life balance, and quality of life.

• Journal of Information Technology Services
• /
• v.11 no.2
• /
• pp.107-118
• /
• 2012

Recently, as the clouding computing begins to receive a great attention from people all over the world, it became the most popular buzz word in recent IT magazines or journal and heard it in many different services or different fields. However, a notion of the cloud service is defined vaguely compared to increasing attentions from others. Generally the cloud service could be understood as a specific service model base on the clouding computing, but the cloud, the cloud computing, the cloud computing service and cloud service, these four all terms are often used without any distinction of its notions and characteristics so that it's difficult to define the exact nature of the cloud service. To explore and analyze the cloud service systematically, an accurate conception and scope have to be preceded. Therefore this study is to firstly clarify its definition by Delpi method using expert group and then tries to provide the foundation needed to enable relative research such as establishing business model or value chain and policies for its activation to set off. For the Delpi, 16 experts participated in several surveys from different fields such industry, academy and research sector. As a result of the research, Characteristics of the Cloud Service are followings : Pay per use, Scalability, Internet centric Virtualization. And the scope as defined including Grid Computing, Utility Computing, Server Based Computing, Network Computing.