期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

开放式Web平台可信性:问题与对策 被引量:1

Trustworthiness of the Open Web Platform:Challenges and Countermeasures
原文传递
导出
摘要 对近期出现的开放式Web平台共性特征进行了分析,提出了开放式Web平台由于其系统架构,在可用性、安全性及隐私性等方面存在的问题,并通过实验证明了上述问题的存在.对于增强此类系统可信性,本文认为应重视由RESTfulWebServices远程调用所带来的时间开销,在第三方服务器暂存请求副本并增加DDoS攻击检测功能;开放式Web平台应对其与第三方应用服务器之间的通信进行加密.提出了一种基于任意测试位置的第三方应用评测算法,该算法仅使用较少的测试数据.实验表明,该算法能有效检测存在安全性及隐私性漏洞的第三方应用. The Open Web Platform,which emerged recently,is attracting increasing attention in industry. In this paper,the common characteristics of the Open Web Platform are investigated. We show that the Open Web Platform’s availability,privacy and security can be exploited easily due to its architectural design. Thus,the trustworthiness of such platform can be undermined easily. Experiments are taken to support the preceding hypothesis. Several suggestions aiming to improve the trustworthiness of such Platform are proposed. This paper presents a new evaluating approach to test third party applications in the Open Web Platform. This approach is only based on simple testing records. Experiments show that this approach can discover the vulnerable third party applications effectively.
作者 屈宇 管晓宏 郑庆华 何岚 吕复强 王志文
机构地区 西安交通大学智能网络与网络安全教育部重点实验室 机械制造系统工程国家重点实验室 清华大学自动化系 清华大学清华信息科学与技术国家实验室
出处 《武汉大学学报(理学版)》 CAS CSCD 北大核心 2010年第4期451-456,共6页 Journal of Wuhan University:Natural Science Edition
基金 国家自然科学基金委员会创新研究群体科学基金(60921003) 国家自然科学基金(60574087 60970121) 国家杰出青年基金资助项目(60825202) 国家"十一五"科技支撑计划重点课题(2006BAK11B02) 国家高技术研究发展计划(863)项目(2007AA01Z475 2007AA01Z480 2007AA01Z464 2008AA01Z415)
关键词 WEB平台 可信性 开放平台 测试 Web platform trustworthiness open platform testing
分类号 TP393 [自动化与计算机技术—计算机应用技术]
  • 相关文献

参考文献21

  • 1Oreilly T. What is Web 2.0:Design patterns and business models for the next generation of software [J]. Communications & Strategies, 2007,3 (1) : 17.
  • 2陈康,郑纬民.云计算:系统实例与研究现状[J].软件学报,2009,20(5):1337-1348. 被引量:1312
  • 3Boyd D M, Ellison N B. Social network sites:Definition, history, and scholarship [J]. Journal of Computer-Mediated Communication, 2007,13(1) : 210-230.
  • 4Greschler D, Mangan T. Networking lessons in delivering "software as a service "[J]. International Journal of Network Management, 2002,12(5) : 317-321.
  • 5IEEE Computer Society's Technical Committee on Security and Privacy. W2SP 2009:Web 2.0 security privacy 2009 [ EB/OL ]. [ 2009-12-02 ]. http:// w2spconf . com/2009.
  • 6Felt A, Evans D. Privacy protection for social networking platforms [EB/OL]. [ 2009-12-02 ]. http:// w2spcon f. com/2OO8/ papers/s3pl, pdf .
  • 7Grandison T, Maximilien E M. Towards privacy propagation in the social Web[C/OL]. [2009-12-02]. http ://w2spconf. com/2008/ papers/sp5, pdf.
  • 8Becker J,Chen H. Measuring privacy risk in online so- cial networks [ EB/OL ]. [2009-12-02 ]. http:// w2spcon f . com/2OO9/ papers/s2 p2. pdf .
  • 9Maximilien E M, Grandison T, Sun T, et al. Privacyas-a-service.. Models, algorithms, and results on the Facebook platform [EB/OL]. [2009-12-02]. http:// w2spcon f . com/2009 / papers/s4 p2. pdf .
  • 10Singh K, Bhola S, Lee W. xBook: Redesigning privacy control in social networking platforms [C]//Proceedings of the USENIX Security Symposium. Montreal : USENIX, 2009 : 249-266.

二级参考文献29

  • 1Sims K. IBM introduces ready-to-use cloud computing collaboration services get clients started with cloud computing. 2007. http://www-03.ibm.com/press/us/en/pressrelease/22613.wss
  • 2Boss G, Malladi P, Quan D, Legregni L, Hall H. Cloud computing. IBM White Paper, 2007. http://download.boulder.ibm.com/ ibmdl/pub/software/dw/wes/hipods/Cloud_computing_wp_final_8Oct.pdf
  • 3Zhang YX, Zhou YZ. 4VP+: A novel meta OS approach for streaming programs in ubiquitous computing. In: Proc. of IEEE the 21st Int'l Conf. on Advanced Information Networking and Applications (AINA 2007). Los Alamitos: IEEE Computer Society, 2007. 394-403.
  • 4Zhang YX, Zhou YZ. Transparent Computing: A new paradigm for pervasive computing. In: Ma JH, Jin H, Yang LT, Tsai JJP, eds. Proc. of the 3rd Int'l Conf. on Ubiquitous Intelligence and Computing (UIC 2006). Berlin, Heidelberg: Springer-Verlag, 2006. 1-11.
  • 5Barroso LA, Dean J, Holzle U. Web search for a planet: The Google cluster architecture. IEEE Micro, 2003,23(2):22-28.
  • 6Brin S, Page L. The anatomy of a large-scale hypertextual Web search engine. Computer Networks, 1998,30(1-7): 107-117.
  • 7Ghemawat S, Gobioff H, Leung ST. The Google file system. In: Proc. of the 19th ACM Symp. on Operating Systems Principles. New York: ACM Press, 2003.29-43.
  • 8Dean J, Ghemawat S. MapReduce: Simplified data processing on large clusters. In: Proc. of the 6th Symp. on Operating System Design and Implementation. Berkeley: USENIX Association, 2004. 137-150.
  • 9Burrows M. The chubby lock service for loosely-coupled distributed systems. In: Proc. of the 7th USENIX Symp. on Operating Systems Design and Implementation. Berkeley: USENIX Association, 2006. 335-350.
  • 10Chang F, Dean J, Ghemawat S, Hsieh WC, Wallach DA, Burrows M, Chandra T, Fikes A, Gruber RE. Bigtable: A distributed storage system for structured data. In: Proc. of the 7th USENIX Symp. on Operating Systems Design and Implementation. Berkeley: USENIX Association, 2006. 205-218.

共引文献1312

同被引文献6

引证文献1

二级引证文献2

武汉大学学报(理学版)
2010年 第4期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部