• 디지털융복합연구
• /
• 제11권12호
• /
• pp.467-477
• /
• 2013

클라우드 컴퓨팅 서비스가 대중적으로 보급됨에 따라 공공분야에서 해당 서비스의 도입에 대한 관심이 증가하고 있다. 이에 따라 국내에서는 클라우드 컴퓨팅을 공공분야에 도입하거나 계획하고 있으며 점차 구체적으로 구축하고 있다. 하지만 공공분야에서의 클라우드 도입 및 활성화를 위해서는 서비스 가용성 장애요인 및 인증 받지 않은 사용자의 무단 접근, 불분명한 출처로부터 다운로드 받은 데이터로 인한 클라우드 데이터센터의 신뢰성 저하 등의 보안 위협에 대한 해결방안을 모색할 필요성이 있다. 따라서 본 논문에서는 공공기관 클라우드 데이터센터에서 활용 가능한 공개키 기반의 안전한 데이터 관리 기법에 대해서 제안한다. 이를 통해 공공기관에 클라우드 컴퓨팅을 도입할 때 인증 받은 사용자만 데이터센터를 사용할 수 있고, 공공 데이터의 중요도와 난이도를 공용데이터, 개인데이터, 기밀데이터로 설정해주어 체계적이고 안전하며 효율적으로 데이터 관리를 가능하게 한다. 따라서 공공기관에서의 클라우드 서비스에 대해 전반적인 보안성과 편의성을 향상시킬 수 있을 것으로 기대된다.

• 정보과학회 논문지
• /
• 제42권11호
• /
• pp.1361-1371
• /
• 2015

클라우드 서비스가 증가하고 다양해짐에 따라 클라우드 서비스 사용자들의 요구사항을 만족하는 가장 적절한 서비스를 찾아주는 클라우드 서비스 브로커(CSB) 기술이 나타났다. CSB를 통해 클라우드 서비스가 사용되는 것을 촉진시키기 위해서는 서비스 수준 협약(SLA) 기반의 협상 과정을 통해 사용자들의 요구사항에 맞는 품질 수준을 보장하는 것이 중요하다. 그러나 클라우드 서비스 유형 별로 품질 수준을 표현하는 측정 기준과 척도, 계산 방식이 서로 상이하다. 따라서 클라우드 서비스의 품질에 대한 가변성을 분석하고, 분석된 품질 수준을 보장 및 개선하기 위한 SLA 모델이 필요하다. 본 논문에서는 cross-cutting 개념을 적용하여 클라우드 서비스의 유형 별 품질 메트릭을 분석하고 사용자와 제공자 간의 품질 수준에 대한 협상을 담당하는 VSLA(Variable SLA) 메타모델을 제안한다.

• 정보과학회 컴퓨팅의 실제 논문지
• /
• 제22권8호
• /
• pp.345-350
• /
• 2016

클라우드 컴퓨팅 서비스는 개별 사용자가 자원을 서로 공유하고 가상화 기술 등을 적용하여 기존의 컴퓨팅 환경과는 다른 특성을 가지고 있다. 이러한 특성으로 인해 클라우드 컴퓨팅 환경에 적합한 사용자 식별 접근제어 기술 및 보안 통제 사항 등이 요구된다. 최근 Yoo는 안전한 클라우드 컴퓨팅을 위한 속성기반 접근제어를 이용한 새로운 인증 기법을 제안하였다. 해당 기법은 속성이라는 개념을 이용하여 클라우드 자원에 대한 안전한 접근을 제공한다. 그러나 Yoo의 기법은 악의적인 서비스 제공자에 의해 인증서버의 비밀키 해시 값이 유출될 수 있는 취약점을 가지고 있으며 이를 이용한 서비스 제공자 공격을 통해 인증 요청 메시지 공격이 가능하다. 본 논문에서는 Yoo가 제안한 기법이 가진 취약점을 개선하여 클라우드 컴퓨팅을 위한 안전하고 효율적인 속성기반 인증 기법을 제안하고자 한다.

• 한국BIM학회 논문집
• /
• 제8권4호
• /
• pp.60-71
• /
• 2018

The port BIM technology has many problems such as lack of relevant system, high cost of BIM infrastructure construction, and process difference of existing domestic inter-industry. Since the port facilities as national key industries are managed and operated by public organizations, it is necessary to integrate IT resources and have a system that needs collective construction and joint utilization management. In this paper, we proposed the convergence of cloud computing technology and BIM as a way to reduce the infrastructure cost required for port BIM operation and to provide various BIM services for domestic process. To do this, we collected system requirements based on demand surveys of port staff and designed a BIM browser that provides IFC-based BIM server and customized services to reduce infrastructure cost in cloud computing environment. In terms of infrastructure, we designed cloud-based IaaS to support cost reduction, which is an essential component, and designed SaaS to support customized services in terms of services. We will perform performance verification with focus on whether port BIM servers and browsers have reached a level where they can manage four BIM models with different types and capacities.

• 한국군사과학기술학회지
• /
• 제27권3호
• /
• pp.375-386
• /
• 2024

Autonomous weapon systems act according to artificial intelligence-based judgement based on recognition through various sensors. Test and evaluation for various scenarios is required depending on the characteristics that artificial intelligence-based judgement is made. As a part of this approach, this paper proposed a LiDAR point cloud augmentation method for mixed-reality based test and evaluation. The augmentation process is achieved by mixing real and virtual LiDAR signals based on the virtual LiDAR synchronized with the pose of the autonomous weapon system. For realistic augmentation of test and evaluation purposes, appropriate intensity values were inserted when generating a point cloud of a virtual object and its validity was verified. In addition, when mixing the generated point cloud of the virtual object with the real point cloud, the proposed method enhances realism by considering the occlusion phenomenon caused by the insertion of the virtual object.

• 디지털융복합연구
• /
• 제11권11호
• /
• pp.53-58
• /
• 2013

최근 클라우드에 대한 인식이 널리 확산되면서 세계적으로 클라우드 이용이 점점 더 증가하고 있다. 클라우드는 ICT를 기반으로 하는 다양한 산업에 융 복합이 가능하고, 비용 절감 등 장점이 많아 경기 침체기인 요즘 더욱더 각광받고 있다. 그러나 클라우드 서비스의 잠재력을 더욱 더 발휘하기 위해서는 서비스 제공자와 소비자관점에서 서비스의 보안, 성능, 가용성 등 핵심 이슈들에 대한 명확한 이해가 필요하며 사용자의 주된 관심은 어떻게 안전하고 신뢰할 수 있는 클라우드 서비스를 제공받아 사용할 것인가에 맞추어지게 된다. 이러한 문제점에 대응하기 위하여 한국에서는 클라우드 서비스 인증제도가 시행되고 있으며 일본에서는 ASP-SaaS-Cloud 인증제도가 시행되고 있다. 본 연구에서는 양국의 두 인증제도의 비교분석을 수행하고 두 인증제도간의 차이점에 대하여 기술한다. 궁극적으로는 두 인증제도간의 비교연구 결과를 토대로 한국의 클라우드 서비스 인증제도의 발전방안을 제안하기로 한다.

• 대한원격탐사학회지
• /
• 제38권1호
• /
• pp.103-110
• /
• 2022

Since satellite images generally include clouds in the atmosphere, it is essential to detect or mask clouds before satellite image processing. Clouds were detected using physical characteristics of clouds in previous research. Cloud detection methods using deep learning techniques such as CNN or the modified U-Net in image segmentation field have been studied recently. Since image segmentation is the process of assigning a label to every pixel in an image, precise pixel-based dataset is required for cloud detection. Obtaining accurate training datasets is more important than a network configuration in image segmentation for cloud detection. Existing deep learning techniques used different training datasets. And test datasets were extracted from intra-dataset which were acquired by same sensor and procedure as training dataset. Different datasets make it difficult to determine which network shows a better overall performance. To verify the effectiveness of the cloud detection network such as Cloud-Net, two types of networks were trained using the cloud dataset from KOMPSAT-3 images provided by the AIHUB site and the L8-Cloud dataset from Landsat8 images which was publicly opened by a Cloud-Net author. Test data from intra-dataset of KOMPSAT-3 cloud dataset were used for validating the network. The simulation results show that the network trained with KOMPSAT-3 cloud dataset shows good performance on the network trained with L8-Cloud dataset. Because Landsat8 and KOMPSAT-3 satellite images have different GSDs, making it difficult to achieve good results from cross-sensor validation. The network could be superior for intra-dataset, but it could be inferior for cross-sensor data. It is necessary to study techniques that show good results in cross-senor validation dataset in the future.

• International Journal of Computer Science & Network Security
• /
• 제23권5호
• /
• pp.89-94
• /
• 2023

Cloud-based technology is used in different organizations around the world for various purposes. Using this technology, the service providers provide the service mainly SaaS, PaaS and while the cloud service consumer consumes the services by paying for the service they used or accessed by the principle of "pay per use". The customer of the services can get any services being at different places or locations using different machines or electronic devices. Under the conditions of being well organized and having all necessary infrastructures, the services can be accessed suitably. The identified problem in this study is that cloud providers control and monitor the system or tools by ignoring the calculation and consideration of various faults made from the cloud provider side during service delivery. There are currently problems with ignoring the consumer or client during the monitoring and mentoring system for cloud services consumed at the customer or client level by SLA provisions. The new framework was developed to address the above-mentioned problems. The framework was developed as a unified modeling language. Eight basic components are used to develop the framework. For this research, the researcher developed a prototype by using a selected cloud tool to simulate and java programming language to write a code as well as MySQL to store data during SLA. The researcher used different criteria to validate the developed framework i.e. to validate SLA that is concerned with a cloud service provider, validate what happened when the request from the client-side is less than what is specified in SLA and above what is specified in SLA as well as implementing the monitoring mechanism using the developed Monitoring component. The researcher observed that with the 1st and 3rd criteria the service level agreement was violated and this indicated that if the Service level agreement is monitored or managed only by cloud service prover, there is a violation of LSA. Therefore, the researcher recommended that the service level agreement be managed by both cloud service providers and service consumers in the cloud computing environment.

• International Journal of Computer Science & Network Security
• /
• 제21권12호
• /
• pp.235-247
• /
• 2021

Today, the cloud computing has become a major demand of many organizations. The major reason behind this expansion is due to its cloud's sharing infrastructure with higher computing efficiency, lower cost and higher fle3xibility. But, still the security is being a hurdle that blocks the success of the cloud computing platform. Therefore, a novel Multi-tenant Decentralized Information Flow Control (MT-DIFC) model is introduced in this research work. The proposed system will encapsulate four types of entities: (1) The central authority (CA), (2) The encryption proxy (EP), (3) Cloud server CS and (4) Multi-tenant Cloud virtual machines. Our contribution resides within the encryption proxy (EP). Initially, the trust level of all the users within each of the cloud is computed using the proposed two-stage trust computational model, wherein the user is categorized bas primary and secondary users. The primary and secondary users vary based on the application and data owner's preference. Based on the computed trust level, the access privilege is provided to the cloud users. In EP, the cipher text information flow security strategy is implemented using the blowfish encryption model. For the data encryption as well as decryption, the key generation is the crucial as well as the challenging part. In this research work, a new optimal key generation is carried out within the blowfish encryption Algorithm. In the blowfish encryption Algorithm, both the data encryption as well as decryption is accomplishment using the newly proposed optimal key. The proposed optimal key has been selected using a new Self Improved Cat and Mouse Based Optimizer (SI-CMBO), which has been an advanced version of the standard Cat and Mouse Based Optimizer. The proposed model is validated in terms of encryption time, decryption time, KPA attacks as well.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제13권1호
• /
• pp.406-434
• /
• 2019

In general, an information security approach estimates the risk, where the risk is to occur due to an unusual event, and the associated consequences for cloud organization. Information Security and Risk Management (ISRA) practices vary among cloud organizations and disciplines. There are several approaches to compare existing risk management methods for cloud organizations but their scope is limited considering stereo type criteria, rather than developing an agent based task that considers all aspects of the associated risk. It is the lack of considering all existing renowned risk management frameworks, their proper comparison, and agent techniques that motivates this research. This paper proposes Agent Based Information Security Framework for Hybrid Cloud Computing as an all-inclusive method including cloud related methods to review and compare existing different renowned methods for cloud computing risk issues and by adding new tasks from surveyed methods. The concepts of software agent and intelligent agent have been introduced that fetch/collect accurate information used in framework and to develop a decision system that facilitates the organization to take decision against threat agent on the basis of information provided by the security agents. The scope of this research primarily considers risk assessment methods that focus on assets, potential threats, vulnerabilities and their associated measures to calculate consequences. After in-depth comparison of renowned ISRA methods with ABISF, we have found that ISO/IEC 27005:2011 is the most appropriate approach among existing ISRA methods. The proposed framework was implemented using fuzzy inference system based upon fuzzy set theory, and MATLAB(R) fuzzy logic rules were used to test the framework. The fuzzy results confirm that proposed framework could be used for information security in cloud computing environment.