Shigeaki Tanimoto

A Cloud Trust Model in a Security Aware Cloud

Faced with today’s innovative blow-up of cloud technologies, we are forced to rebuild services in terms of cloud. In the rebuilding, considering the facet of cloud as a social infrastructure, security is a critical problem of clouds. Most of insecurity against clouds can be summarized as social insecurity, which is classified into the multiple stakeholder problem, the open space security problem, and the mission critical data handling problem. As a solution of those problems, we propose a new cloud trust model. In our cloud trust model, in addition to conventional trust models, we consider both internal trust that is the TPM of this model, and contracted trust that controls cloud service providers under contracts and related documents. We call the cloud platform that meets the cloud trust model as “Security Aware Cloud.” In a security aware cloud, internal trust must be established as the firm base of trust. By implementing TPM of security such as Id management and key management on internal trust, we obtain a firm trust model. Moreover, by controlling levels of quality of service and security by contract, we can optimize ROI on service and security delegated to a cloud.

Risk Management on the Security Problem in Cloud Computing

ICT systems have been investigated for flexible systems configuration, systems operation cost reduction, environmental impact reduction, etc. Cloud computing has attracted attention as technology that solves these. In the U.S., business Cloud services, such as Amazon EC2/S3, Google Apps, Force.com, and Windows Azure, are gaining more and more users. Additionally, study of Cloud computing, such as a governmental i-Japan strategy and a start of the smart Cloud study group of the Ministry of Internal Affairs and Communications, is progressing rapidly in Japan. However, the investigation on the present Cloud computing is mainly focused on the service side, while the security side has not been sufficiently looked at. The security perception by the social viewpoints of a users vague uneasiness has especially been insufficiently investigated. This paper looks into the various risks when a company uses Cloud computing. That is, the security from a users viewpoint in Cloud computing is investigated. Concretely, the risk factor from a users viewpoint in such Cloud computing is comprehensively extracted with the risk breakdown structure (RBS) method. Furthermore, the risk factors that were extracted are analyzed and evaluated. A detailed countermeasure and proposal are produced on the basis of these results. These in turn will be used to promote public Cloud use, strengthen competitiveness by cost reduction, and increase the efficiency of corporate management.

Approaches to analyze requirements of billing management for cloud computing services

Business management using information-communication (info-communication) infrastructures such as broadband networks and data centres will become more and more important these days. Moreover, cloud computing service induces a lot of corporate alliances and it makes customer-service management complicated. Especially, billing management is very critical for both providers and customers. It is expected to establish the billing management method adjusting environment change quickly. Therefore, this paper proposes the methodology of acquiring required functions for billing management in complicated future cloud computing services. The approaches are based on the Soft Systems Methodology (SSM) with Unified Modeling Language (UML). Then the requirement functions of billing management are expressed by Use Case Diagram for future cloud computing services.

Quantifying Cost Structure of Campus PKI

A ubiquitous ICT environment has rapidly developed through cloud computing, and it has become very convenient to use. However, the threats of computer viruses, unauthorized access, attacks on servers, etc. have emerged. These threats also occur in the scientific environment. Thus, a public key infrastructure (PKI) construction for achieving safe and secure use of a university ICT environment is desired. The University PKI project is underway at the National Institute of Informatics, and common specifications, such as supply specifications for a campus PKI and certificate policy/certification practice statement guidelines, have been proposed. However, PKI is still rarely deployed. It is generally a high cost structure, and this has become one of the issues in the spread and promotion of PKI. This study quantitatively clarifies the cost structure of PKI through a work simulation. This clarification will contribute to the spread and promotion of a campus PKI.

Consideration of Billing Management Method for Cloud Computing Services

Business management using information-communication (info-communication) infrastructures such as broadband networks and data centers will become more and more important in the near future. Moreover, cloud computing services induce a lot of corporate alliances and this complicates customer-service management. In particular, billing management is very critical for both providers and customers. The creation of a billing management method that can quickly adjust to any business environment change is expected. Therefore, this paper first focuses on a customer-service management modelling method for info-communication services in terms of three view models, the service, cash-flow, and settlement. Then, the functions required to accomplish this are obtained for the billing management for future cloud computing services by combining these three view models. This methodology can contribute to the quick and exact provision of new info-communication services.

A method for service and billing management using connection paths

Information and communication technology (ICT) including cloud computing, point-card systems, “virtual coin” induces complicated situations concerning customer management. Especially, billing management is very critical. It is thus necessary to establish a billing-management method that can adjust to changes in environments quickly. The requirement is firstly stated that managing relationship between services, payment, and settlement so as to assure payment method, service provision routes, and payment routes. Therefore, service design method from the viewpoint of service, cash-flow, and settlement is established in order to adjust the changes in environments strategically. Then a method for managing the connection paths is proposed in order to construct relationship between services, payment, and settlement.

An Approach to Selecting Cloud Services for Data Storage in Heterogneous-Multicloud Environment with High Availability and Confidentiality

Cloud services are becoming more popular and as their price has been decreasing, the opportunity to use them has been increasing. However, it has become difficult to select optimal cloud services from many services. This paper proposes an approach to dynamically selecting optimal cloud services to store data in heterogeneous-multi-cloud environments, which we evaluated by using a secret sharing scheme. The results indicated that it is possible to select the best services from the proposed model in heterogeneous multi-cloud environments.

Data Management Approach for Multiple Clouds Using Secret Sharing Scheme

It is widely recognized that clouds have advantages in initial installation cost and availability. However, with the popularity of public cloud services, the concern of confidentiality is recognized as the largest problem. We propose a secret distribution data management approach for multiple clouds to maintain confidentiality that involves a secret sharing scheme. With our proposed approach, secret information is encrypted, and both the encrypted data and key information are distributed using a secret sharing scheme and shared among multiple clouds and clients. Our approach resists eavesdropping, falsification or collusion of cloud service providers.

A Study of Data Management in Hybrid Cloud Configuration

Cloud computing is currently spreading with the further implementation of IT infrastructure. Clouds involve certain negative factors, however, which must be addressed to promote further cloud utilization. As a means of addressing some of these negative factors, a hybrid cloud configuration combining public and private clouds has attracted attention. This configuration stores personal and confidential information in a private cloud and other data in a public cloud. Unfortunately, no detailed classification of where various kinds of data should be stored has yet been fully established. Hence, this paper proposes an enterprise data management method for a hybrid cloud configuration. Specifically, enterprise data was subdivided into 28 categories through a work breakdown structure (WBS) method. Then, the subdivided data was classified in terms of whether it did or did not consist of personal or confidential information. The resulting data portfolio required storing only about 18% of data in a private cloud, with the remaining 82% in a public cloud. In accordance with this basic guideline, a fundamental data management proposal is developed for the hybrid cloud configuration.

Risk assessment of BYOD: Bring your own device

More and more companies are introducing Bring Your Own Device (BYOD), in which employees utilize their own smart phones and tablets for business. However, using private terminals for business presents risks, such as leakage of business information or an employees personal information. This paper discusses a risk assessment of BYOD in an enterprise. Specifically, it analyzes and evaluates with the method of risk management, such as Risk Breakdown Structure (RBS) and risk matrix. This will contribute to the safe and secure spread and promotion of BYOD in an enterprise.