Journal of the Korea Society of Computer and Information (한국컴퓨터정보학회논문지)

Korean Society of Computer Information (한국컴퓨터정보학회)
권호 표지
DOI QR코드

DOI QR Code

System Access Control Technique for Secure Cloud Computing

  • Received : 2019.05.21
  • Accepted : 2019.07.31
  • Published : 2019.08.30
Download PDF
⟨ Previous Next ⟩

Abstract

Along with the diversification of digital content services using wired/wireless networks, the market for the construction of base systems is growing rapidly. Cloud computing services are recognized for a reasonable cost of service and superior system operations. Cloud computing is convenient as far as system construction and maintenance are concerned; however, owing to the security risks associated with the system construction of actual cloud computing service, the ICT(Information and Communications Technologies) market is lacking regardless of its many advantages. In this paper, we conducted an experiment on a cloud computing security enhancement model to strengthen the security aspect of cloud computing and provide convenient services to the users. The objective of this study is to provide secure services for system operation and management while providing convenient services to the users. For secure and convenient cloud computing, a single sign-on (SSO) technique and a system access control technique are proposed. For user authentication using SSO, a security level is established for each user to facilitate the access to the system, thereby designing the system in such a manner that the rights to access resources of the accessed system are not abused. Furthermore, using a user authentication ticket, various systems can be accessed without a reauthorization process. Applying the security technique to protect the entire process of requesting, issuing, and using a ticket against external security threats, the proposed technique facilitates secure cloud computing service.

Keywords

References

  1. Hyundong Lee, Mokdong Chung, "Context-Aware Security System for Cloud Computing Environment," Journal of IEIE 6 (2010) 19-27 DOI: 10.5573/ieie.2014.51.6.143
  2. Brian Hayes, "Cloud computing," Communication of the ACM 7 (2008) 9-11 DOI: 10.1145/1364782.1364786
  3. Erdal Cayirci1, Anderson Santana de Oliveira, "Modelling trust and risk for cloud services", Journal of Cloud Computing, Advances, Systems and Applications 7 (2018) DOI: https://doi.org/10.1186/s13677-018-0114-7
  4. Souhwan Jung, "Cloud-based IAM technology trends," Journal of KICS 10 (2015)
  5. Saurabh Dey, Srinivas Sampalli1, Qiang Ye, "MDA: message digest-based authentication for mobile cloud computing", Journal of Cloud Computing, Advances, Systems and Applications 5(2016) DOI: 10.1186/s13677-016-0068-6
  6. Gi Hong Park, Si Young No, "Cloud Service for the forensic aspects of the investigative methods," Journal of KSIIS 1 (2012) 39-46
  7. Sima Soltani, Patrick Martin, Khalid Elgazzar, "A hybrid approach to automatic IaaS service selection", Journal of Cloud Computing, Advances, Systems and Applications 7 (2018) DOI: https://doi.org/10.1186/s13677-018-0113-8
  8. Bosung Lee, Beomsoo Kim, "Protection of Personal Information on Cloud Service Models," Journal of the Korea Institute of Information Security & Cryptology 5(2015) 1245-1255 DOI : 10.13089/JKIISC.2015.25.5.1245
  9. Choi Jin Tak, "A Study on The Efficient Authentication Management Technique of SSO Foundation," Journal of the Korean Society for Industrial and Applied Mathematics 1 (2006) 61-69
  10. Hyun-Jin Kim, Im-Yeong Lee, "A Study on Secure and Improved Single Sign-On Authentication System against Replay Attack," Journal of the Korea Institute of Information Security & Cryptology 5 (2014) DOI : 10.13089/JKIISC.2014.24.5.769
  11. Min-Hee Cho, Eun-Gyeom Jang, Yong-Rak Choi, "User Authentication Technology using Multiple SSO in the Cloud Computing Environment," Journal of the Korea Society of Computer and Information 4 (2016) 31-38 DOI : 10.9708/jksci.2016.21.4.031
  12. Hyun-mi Jung, Jae-In Sin, Gang-Soo Lee, "SSO Security Requirements Analysis in Cloud Computing," Journal of Korea Multimedia Society 1 (2010) 433-437