http://chineseinput.net/에서 pinyin(병음)방식으로 중국어를 변환할 수 있습니다.
변환된 중국어를 복사하여 사용하시면 됩니다.
Leveraged BMIS Model for Cloud Risk Control
( Youjin Song ),( Yasheng Pang ) 한국정보처리학회 2014 Journal of information processing systems Vol.10 No.2
Cloud computing has increasingly been drawing attention these days. Each big company in IT hurries to get a chunk of meat that promises to be a whopping market in the future. At the same time, information is always associated with security and risk problems. Nowadays, the handling of these risks is no longer just a technology problem, with a good deal of literature focusing on risk or security management and framework in the information system. In this paper, we find the specific business meaning of the BMIS model and try to apply and leverage this model to cloud risk. Through a previous study, we select and determine the causal risk factors in cloud service, which are also known as CSFs (Critical Success Factors) in information management. Subsequently, we distribute all selected CSFs into the BMIS model by mapping with ten principles in cloud risk. Finally, by using the leverage points, we try to leverage the model factors and aim to make a resource-optimized, dynamic, general risk control business model for cloud service providers.
How to Manage Cloud Risks Based on the BMIS Model
Song, Youjin,Pang, Yasheng Korea Information Processing Society 2014 Journal of information processing systems Vol.10 No.1
Information always comes with security and risk problems. There is the saying that, "The tall tree catches much wind," and the risks from cloud services will absolutely be more varied and more severe. Nowadays, handling these risks is no longer just a technology problem. So far, a good deal of literature that focuses on risk or security management and frameworks in information systems has already been submitted. This paper analyzes the causal risk factors in cloud environments through critical success factors, from a business perspective. We then integrated these critical success factors into a business model for information security by mapping out 10 principles related to cloud risks. Thus, we were able to figure out which aspects should be given more consideration in the actual transactions of cloud services, and were able to make a business-level and general-risk control model for cloud computing.
Leveraged BMIS Model for Cloud Risk Control
Song, YouJin,Pang, Yasheng Korea Information Processing Society 2014 Journal of information processing systems Vol.10 No.2
Cloud computing has increasingly been drawing attention these days. Each big company in IT hurries to get a chunk of meat that promises to be a whopping market in the future. At the same time, information is always associated with security and risk problems. Nowadays, the handling of these risks is no longer just a technology problem, with a good deal of literature focusing on risk or security management and framework in the information system. In this paper, we find the specific business meaning of the BMIS model and try to apply and leverage this model to cloud risk. Through a previous study, we select and determine the causal risk factors in cloud service, which are also known as CSFs (Critical Success Factors) in information management. Subsequently, we distribute all selected CSFs into the BMIS model by mapping with ten principles in cloud risk. Finally, by using the leverage points, we try to leverage the model factors and aim to make a resource-optimized, dynamic, general risk control business model for cloud service providers.
송유진(Youjin Song),도정민(Jeongmin Do) 한국인터넷전자상거래학회 2010 인터넷전자상거래연구 Vol.10 No.3
Recently, CP-ABTD(Ciphertext-Policy Attribute-Based Threshold Decryption with Flexible Delegation and Revocation of User Attributes) which extends CP-ABE(Ciphertext-Policy Attribute-Based Encryption) has been proposed for privacy preserving Personal Health Record(PHR) in ubiquitous healthcare environment. However, CP-ABTD need requirements for delegating decryption right and also the judgement for delegatee's privilege granted. From this point of view, CP-ABTD require the function that admits delegatee(secondary user)'s access for ubiquitous healthcare service. To resolve the above requirements, we propose CP-ABE with revocation and privilege management. In our scheme, proxys can grant the delegatee's privilege. Thus, delegator segments the attribute transformation key through dynamic threshold encryption and send attribute transformation key for sharing to each proxy. If proxys approve the delegatee's privilege, then delegatee gets right that decrypt delegator's data. In CP-ABTD scheme, if attribute transformation key is falsified or modified by malicious attacker, proxy's re-encryption cannot work due to attribute transformation key. Proposed scheme which use dynamic threshold encryption is secure against falsification or modification attack
의료데이터 공유 및 활용 서비스를 위한 보안/프라이버시 요구사항
송유진(Youjin Song),박광용(Kwangyong Park) 한국정보보호학회 2010 情報保護學會誌 Vol.20 No.3
최근 의료기술 발전에 따라 질병의 예방 및 관리에 대한 소비자의 요구사항이 증가하고 있다. 이러한 요구사항에 부응하기 위해 IT와 의료분야의 융합으로 u-헬스케어 서비스가 실현되고 있다. 언제 어디서나 의료서비스를 제공받을 수 있는 u-헬스케어 서비스의 활성화는 의료데이터의 공유 및 활용이 전제조건이 될 것이다. 그러나 의료데이터의 공유 및 활용으로 인해 의료정보에 포함된 개인정보, 병력정보 등의 프라이버시가 침해될 우려가 있다. 본 논문에서는 의료데이터의 공유 및 활용상에서 발생하는 보안 요구사항을 검토한다.
송유진(Youjin Song),박광용(Kwangyong Park) 한국정보보호학회 2009 情報保護學會誌 Vol.19 No.5
최근 대용량 데이터의 급속한 생성, 유통으로 인해 데이터 서비스 사용자가 증가하고 있다. 이때, 대용량 데이터를 분산 데이터베이스 시스템에 저장?관리하는 경우, 데이터에 대한 위협문제가 발생된다. 본 논문에서는 대용량 데이터를 암호화하여 관리할 때 복호권한을 위임함으로써 보다 안전하게 데이터를 관리하는 Proxy Re-encryption 기법에 대해 검토한다.