计算机科学 ›› 2016, Vol. 43 ›› Issue (4): 140-144.doi: 10.11896/j.issn.1002-137X.2016.04.028
陈红松,王钢,傅忠传
CHEN Hong-song, WANG Gang and FU Zhong-chuan
摘要: 针对多个云服务之间的跨域认证问题,提出一种基于SAML协议的云服务安全认证方案。阐明了该方案的关键技术机制,建立了云服务安全认证协议抽象模型;采用Casper和FDR软件的组合,通过模型检测法对云服务认证协议进行了形式化分析与验证;通过对安全认证协议进行分段模型检测,解决了安全协议形式化分析验证导致的状态空间爆炸问题。模型检测软件的实验结果验证了云服务跨域认证方案的有效性及安全性。
| [1] Mishra A,Jain R,Durresi A.Cloud computing:networking and communication challenges[J].IEEE Communications Magazine,2012,0(9):24-25 [2] Grosse E,Howie J,Ransome J,et al.Cloud Computing Round-table[J].IEEE Security & Privacy,2010,8(6):17-23 [3] Feng Deng-guo,Zhang Min,Zhang Yan,et al.Study on CloudComputing Security [J].Journal of Software,2011,2(1):71-83(in Chinese) 冯登国,张敏,张妍,等.云计算安全研究[J].软件学报,2011,2(1):71-83 [4] Armbrust M,Fox A,Griffith R,et al.Above the Clouds:ABerkeley View of Cloud Computing[EB/OL].http://www.eecs.berkeley.edu/Pubs/TechRpts/2009/EECS-2009-28.pdf [5] Nordbotten N A.XML and Web Services Security Standards[J].IEEE Communications Surveys & Tutorials,2009,1(3):4-21 [6] Harding P,Johansson L,Klingenstein N.Dynamic Security Assertion Markup Language:Simplifying Single Sign-On[J].IEEE Security & Privacy,2008,6(2):83-85 [7] Marques Jr A P,Ravn A P,Srba J,et al.Model-checking web services business activity protocols[J].International Journal on Software Tools for Technology Transfer,2013,15(2):125-147 [8] Sheng Q Z,Maamar Z,Yahyaoui H,et al.Separating operational and control behaviors:A new approach to Web services mode-ling[J].IEEE Internet Computing,2010,14(3):68-76 [9] Zech P.Risk-based security testing in cloud computing environments[C]∥2011 IEEE Fourth International Conference on Software Testing,Verification and Validation (ICST).IEEE,2011:411-414 [10] Lin Chuang,Su Wen-bo,Meng Kun,et al.Cloud computing security:architecture,mechanism and model evaluation[J].Chinese Journal of Computers,2013,36(9):1765-1784(in Chinese) 林闯,苏文博,孟坤,等.云计算安全:架构,机制与模型评价[J].计算机学报,2013,36(9):1765-1784 [11] Chen Hong-song,Bhargava B,Fu Zhong-chuan.Multilabels-Based Scalable Access Control for Big Data Applications[J].IEEE Cloud Computing,2014,1(3):65-71 [12] Dalal A,Jeff K,Alessandra R,et al.Elaborating Requirements Using Model Checking and Inductive Learning[J].IEEE Transactions on Software Engineering,2012,9(3):361-383 [13] Gavin L.Breaking and fixing the Needham Schroeder public-key protocol using FDR[J].Software Concepts and Tools,1996,7:993-999 [14] Gavin L.Casper:a compiler for the analysis of security protocols[J].Journal of Computer Security,1998,6(1):53-58 |
| No related articles found! |
|
||
首页