Computer Science

Computer Science ›› 2014, Vol. 41 ›› Issue (Z11): 284-287.

Previous Articles     Next Articles

On Demand Security Framework for Cloud Computing

DING Xian-hua,ZHAO Wei-dong,JU Ying,LI Jian-ping,WANG Xiao-ming and LIU Guo-ying   

  • Online:2018-11-14 Published:2018-11-14

PDF (PC)

639

Abstract: Security has become an important factor restricting the development of cloud computing.This paper analyzed the cloud security objectives from 6 aspects:service constancy,service authenticity,data integrity,data confidentiality,data availability and non repudiation.It summed up the cloud computing risk in seven categories:physical security risk,computing security risk,trusted computing security risk,network security risk,management security risk,storage securi-ty risk and application security risk,and elaborated the corresponding security strategies for every security risk.The stronger the securityis,the greater the consumption of computing,memory,and bandwidth resourcesis.This paper provided on-demand security framework for cloud computing which uses different safety protection measurement according to service type,security level and access network risk.The advantage of the framework was analyzed and the application method was provided.

Key words: Cloud computing,Cloud model,Cloud security,Cloud security framework,Cloud security objective,Access control

[1] 俞能海,郝卓,徐甲甲,等.云安全研究进展综述[J].电子学报,2013,41(5):371-381
[2] Chen Z G,Liu L P,Liu A F.Trust-sensitive Web service composition strategy based on black and white board[J].Journal on Communications,2010,31(6):25-35
[3] 邓谦.基于Hadoop的云计算安全机制研究[D].南京:南京邮电大学,2013
[4] 杨凯.银联数据异地灾难备份架构设计探讨[J].中国金融电脑,2005,9(9):51-54
[5] Damiani E,Vimercati D C,Paraboschi S.A reputation based approach for choosing reliable resources in peer-to-peer net-works[C]∥Proceedings of the 9th ACM Conference on Computer and Communications Security.2002:18-22
[6] Jurca R,Faltingsi B.Eliciting truthful feed-back for binary reputation mechanisms [C]∥Proceedings of the 2004 IEEE/WIC/ACM International Conference on Web Intelligence.2004:214-220
[7] 陈志刚,刘莉平,刘安丰.基于黑白板的信任敏感服务组合策略[J].通信学报,2010,31(6):25-35
[8] 潘静,徐锋,吕建.面向可信服务选取的基于声誉的推荐者发现方法[J].软件学报,2010,21(2):388-400
[9] 胡春华,刘济波,刘建勋.云计算环境下基于信任深化及集合的服务选择[J].通信学报,2011,32(7):71-79
[10] 于洋洋,虞慧群,范贵生.一种云存储数据完整性验证方法[J].华东理工大学学报,2013,39(4):211-216
[11] 顔湘涛,李益发.基于消息认证函数的云端数据完整性检测方案[J].电子与信息学报,2013,35(2):310-313
[12] 安玉,蒋天发,吴有林.一种基于量子保密通信及信息隐藏协议方案[J].武汉大学学报,2012,45(3):394-398
[13] 李顺东,王道顺.基于同态加密的高效多方保密计算[J].电子学报,2013,41(4):798-803
[14] Pan J,Xu F,Lv J.Reputation-based recommender discovery ap-proach for service selection[J].Chinese Journal of Software,2010,21(2):388-400
[15] Ryan M D.Cloud computing security:The scientific challenge,and a survey of solutions[J].The Journal of Systems and Software,2013,86(5):2263-2268
[16] Van-Hau P,Dacier M.Honeypot Trace Forensics:The Observation Viewpoint Matters[J].Future Generation Computer System,2011,27(5):539-546
[17] Shpantzer G.Implementing Hardware Roots of Trust:TheTrusted Platform Module Comes of Age[J].SANS Analyst Program,2013,40(6):1-15
[18] Liu H.A new form of DOS attack in a cloud and its avoidance mechanism[C]∥Proceedings of the 2010 ACM Work-shop on Cloud Computing Security Workshop.New York,USA:ACM Press,2010
[19] 冯登国,张敏,张妍,等.云计算安全研究[J].软件学报,2011,22(1):71-83
[20] CSA.Security guidance for critical areas of focus in cloud computing v3.0.https://cloudsecurityalliance.org/guidance/csaguide.v3.0.pdf
[21] Thomas C.OW2 and the Open Cloud Industry Ecosystem.www.ciecloud.org/2013
No related articles found!
Viewed
Full text


Abstract

Cited
  Shared   
  Discussed   
No Suggested Reading articles found!
渝ICP备16013121号-4
Add:18# Honghu West Rd., Yubei ,Chongqing,China    Post Code: 401121
Tel: 023-63500828/023-67039612/023-67039623
E-mail: jsjkx12@163.com
Powered by Beijing Magtech Co., Ltd.