Journal of the Korea Academia-Industrial cooperation Society (한국산학기술학회논문지)

The Korea Academia-Industrial cooperation Society (한국산학기술학회)
권호 표지
DOI QR코드

DOI QR Code

A Design of Authority Management Protocol for Secure Storage Access Control in Cloud Environment

클라우드 환경에서 안전한 스토리지 접근 제어를 위한 권한 관리 프로토콜 설계

  • Received : 2016.08.26
  • Accepted : 2016.09.09
  • Published : 2016.09.30
Download PDF
⟨ Previous Next ⟩

Abstract

With the enhancements in existing major industries, cloud computing-based converging services have been created, as well as value-added industries. A variety of converging services are now provided, from personalized services up to industrial services. In Korea, they have become the driving force behind existing industries throughout the whole economy, but mainly in finance, mobile systems, social computing, and home services, based on cloud services. However, not only denial of service (DOS) and distributed DOS (DDOS) attacks have occurred, but also attack techniques targeting core data in storage servers. Even security threats that are hardly detected, such as multiple attacks on a certain target, APT, and backdoor penetration have also occurred. To supplement defenses against these, in this article, a protocol for authority management is designed to provide users with safe storage services. This protocol was studied in cases of integration between a cloud environment and big data-based technology, security threats, and their requirements. Also studied were amalgamation examples and their requirements in technology-based cloud environments and big data. With the protocol suggested, based on this, security was analyzed for attack techniques that occur in the existing cloud environment, as well as big data-based techniques, in order to find improvements in session key development of approximately 55%.

기존의 주력산업의 고도화 및 고부가가치 산업이 창출되고 있는 가운데 클라우드 컴퓨팅 기반의 융합서비스가 등장하였다. 사용자 개인의 밀착서비스부터 산업용 서비스까지 다양한 융합서비스가 제공되고 있으며 국내에서는 클라우드 서비스 기반의 금융, 모바일, 소셜 컴퓨팅, 홈서비스를 중심으로 경제 전반에 걸쳐 기존 산업시장의 원동력이 되고 있다. 그러나 클라우드 스토리지 환경에서 Dos, DDos공격뿐만 아니라 스토리지 서버의 중요 데이터를 타깃으로 한 공격기법들이 발생하고 있으며, APT, 백도어 침투, 특정 대상에 대한 다단계 공격과 같은 감지하기 어려운 보안위협들이 발생하고 있다. 이를 보완하기 위해서 본 논문에서는 사용자들로 하여금 안전한 스토리지 서비스를 제공하는 권한 관리 프로토콜에 관하여 설계하였으며, 클라우드 환경과 빅데이터 기반 기술의 융합사례와 보안위협 및 요구사항에 대해서 연구하였고, 클라우드 컴퓨팅 환경과 빅 데이터 기술의 융합사례와 보안위협 및 보안 요구사항에 대해서 관련연구를 수행하였다. 이를 기반으로 제안된 프로토콜은 기존의 클라우드 환경과 빅데이터 기반 기술에서 발생하는 공격기법에 대해서 안전성을 분석하였고, 세션키 생성부분에서 대략 55%의 향상성을 확인 할 수 있었다.

Keywords

References

  1. T. H Shin, K. G. Seo, "The Convergence Services Cases on Cloud Computing", Cloud Computing Support Center, 2014.
  2. S. A. Shin, K. E. Kim, "Big Data technology classification and status", NIA, KBig Center, 2013.
  3. H, J, LEE, D. H Won, "An Analysis of Cloud System Security Functional Requirement", vol. 6, no. 9, 2012.
  4. FedRAMP, "FedRAMP Security Control Baseline v1.0" 2012.
  5. FedRAMP,"FedRAMP CONOPS", February. 2012.
  6. So-Yeon Min, Byung-Wook. Kwang-Hyoung Lee, "A Study for Key Generation and Access Control Protocol in BYOD Environments", KOCON, vol. 15, no. 5, pp. 27-36, 2015.
  7. S. H. Koo, M. S. Shin, "A Study on the Enhancement Process of the Telecommunication Network Management using Big Data Analysis", KAIS, vol. 13, no. 12, pp. 6060-6070, 2012. DOI: http://dx.doi.org/10.5762/kais.2012.13.12.6060
  8. Jong-Hun Park, Gang-Seong Lee, Sang-Hun Lee, "A Study on the Convergence Technique enhanced GrabCut Algorithm Using Color Histogram and modified Sharpening filter", Journal of the Korea Convergence Society, vol. 6, no. 6, pp. 1-8, 2015. DOI: http://dx.doi.org/10.21562/kjs.2015.04.49.2.1
  9. Byeong Ho Knag, Tai-hoon Kim, "Effective Optimization of Multi-Clouds using Software-as-a-Service," Asia-pacific Journal of Multimedia Services Convergent with Art, Humanities, and Sociology, vol. 2, no. 2, pp. 85-92, Dec. 2012. DOI: http://dx.doi.org/10.14257/AJMAHS.2012.12.04
  10. Yvette E. Gelogo, H.-K. Kim, "Enterprise Resource Planning System Deployment on Mobile Cloud Computing," Asia-pacific Journal of Multimedia Services Convergent with Art, Humanities, and Sociology, vol. 3, no. 1, pp.1-8, June 2013. DOI: http://dx.doi.org/10.14257/AJMAHS.2013.06.02
  11. C.-H. Park, J.-K. Kim, J.-G. Yoo, N.-Y. Lee, J.-B. Kim, "A Study on the Cloud Computing Service for Education Organization," Asia-pacific Journal of Multimedia Services Convergent with Art, Humanities, and Sociology, vol. 6, no. 1, pp. 29-38, Jan. 2016. DOI: http://dx.doi.org/10.14257/AJMAHS.2016.01.32
  12. J. Y. Hwang, S. K, Jeong, "Big Data, Cloud Computing, and High-end Hybrid Storage Systems Technology Trend and Market", KIOS, Spring Conference, 2012.
  13. Hyun-Sook Chung, Jeong-Min Kim, "Design of Semantic Models for Teaching and Learning based on Convergence of Ontology Technology", Journal of the Korea Convergence Society, vol. 6, no. 3, pp. 127-134, 2015. DOI: http://dx.doi.org/10.15207/JKCS.2015.6.3.127
  14. Bo-Kyung Lee, "A Study on Security of Virtualization in Cloud Computing Environment for Convergence Services", Journal of the Korea Convergence Society, vol. 5, no. 4, pp. 93-99, 2014. DOI: http://dx.doi.org/10.15207/JKCS.2014.5.4.093
  15. Julie Kim, Hyokyung Bahn, "An Efficient Log Data Management Architecture for Big Data Processing in Cloud Computing Environments," The Journal of The Institute of Internet, Broadcasting and Communication vol. 13 no. 2, pp. 1-7, 2013. DOI: http://dx.doi.org/10.7236/JIIBC.2013.13.2.1