1. Field of the Invention
The present invention relates to a security-enhanced cloud system and a security management method thereof, and more specifically, to a cloud system for enhancing security of a private virtualized cloud server and a security management method thereof.
2. Background of the Related Art
Recently, construction of cloud computing systems based on virtualization techniques has been increasing in order to effectively manage the IT resources of an enterprise and save the cost thereof. Such a cloud computing system refers to a distributed computing system which provides a plurality of users with independent virtual machines on a supercomputer or on the same hardware platform in which a plurality of computers is connected to operate like one computer.
A variety of devices such as a PC, a tablet PC, a notebook computer, a mobile terminal (cellular phone) and the like may be connected to the cloud computing system as clients, and thus each of the client devices may use IT resources provided by the cloud computing system. Such a cloud computing system and the client devices connected thereto are generally referred to as a ‘cloud system’.
However, although such a cloud computing system uses resources efficiently by dividing hardware resources to meet the requirements of users, there is a concern that when a virtual machine is infected by malicious code or a bot, the other virtual machines existing on the same hardware platform may also be infected.
The infected virtual machines are at risk of being used for a Distributed DoS (DDoS) attack, which can lead to large-scale damage. A DDoS attack, which is a kind of DoS attack, concentrates traffic on a target network or server in an integrated form by means of a plurality of distributed attack programs; it is more difficult to detect than a general DoS attack and has greater destructive power.
In addition, a conventional cloud computing system is always exposed to security issues, since a plurality of client devices is connected through an open wireless communication network. Accordingly, a new type of cloud system with enhanced security is required.