期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

云计算基础设施攻击及防范技术研究 被引量:1

Research on the Technology of Cloud Infrastructure
原文传递
导出
摘要 针对目前广泛应用的Amazon公有云和Ubuntu私有云,文中总结其共同采用的云基础管理软件Eucalyptus的安全特性,分析了针对Eucalyptus的控制接口攻击方法,如签名包裹和高级跨站攻击等,通过对这些攻击的研究加深了对目前主流云基础设施安全问题的理解,同时提出了一些可以采用的应对方法。 For the widely applied Amazon public cloud and Ubuntu private cloud security features of their commonly- used basic cloud management software Eucalyptus are summarized, and the control-interface attacks against Eucalyptus, such as signature wrapping attack and high-level eross-website attack, are analyzed. Through the study on these attacks and the deep understanding of the security of principal cloud infrastructure, some countermeasures in dealing with these security problems are proposed in this paper.
作者 张志明 王强
机构地区 海军驻广州 中国电子科技集团公司第三十研究所
出处 《信息安全与通信保密》 2012年第5期84-86,共3页 Information Security and Communications Privacy
关键词 云计算 AmazonEC2 EUCALYPTUS 签名包裹 cloud computing Amazon EC2 Eucalyptus signature wrapping
分类号 TP309 [自动化与计算机技术—计算机系统结构]
  • 相关文献

参考文献8

  • 1The Cloud Security Alliance. Security GuiDance for Critical Areas of Focus in Cloud Computing V3.0[EB/OL]. (2011-12- 09)[2012-02-22]. http: //www.cloudsecurityalliance.org.
  • 2CRAMPTON J, MARTIN K, WILD P. On Key Assignment for Hierarchical Access Control[C]//Proceedings of the 19'h IEEE Computer Security Foundations Workshop. USA: [s.n.], 2006: 5-7.
  • 3CHRIS G. Secure Web Browsing with the OP Web Browser[C]// Proceedings of the 2008 1EEE Symposium on Security and Privacy. USA: [s.n.], 2008: 402-416.
  • 4MALEK B, MIRI A. Combining Attribute-based and Access Systems[C]//Proceedings of the 12'h IEEE Int'l Conf. on Computational Science and Engineering. USA: [s.n.], 2009: 305-312.
  • 5杨勇,王强.云服务数据隔离技术[J].信息安全与通信保密,2012,10(2):57-59. 被引量:18
  • 6YAO A. How to Generate and Exchange Secrets[J]. Foundations of Computer Science. 1986(6) : 162-167.
  • 7李芳馨,刘嘉勇.网络数据流还原重组技术研究[J].通信技术,2011,44(7):113-114. 被引量:14
  • 8陈世林,王强,曾梦岐,卿昱.Web应用增强安全模型[J].信息安全与通信保密,2011,9(9):87-89. 被引量:6

二级参考文献25

  • 1侯新宇,王晟,骆光明.基于接收端的TCP流量控制及优化研究[J].通信技术,2007,40(10):21-22. 被引量:1
  • 2AdobeSystems. Hash Content Reaches 99% of Intemet Viewers[EB/OL]. (2010-11-2)[2011-7-12]. http: //www.adobe.com/products/ player_census/flashplayer/.
  • 3ADAM Barth, COLLIN Jackson. The Security Architecture of the Chromium Browser[EB/OL]. (2010-11-18)[2011-7-12]. http : // seclah.stanford.edu/websec/chromium/.
  • 4CHRIS Gary, BORDERS Kevin. Secure Web Browsing with the OP Web Browser[C]//Proceedings of the 2008 IEEE Symposium on Security and Privacy. [s.l.]: IEEE Computer Society, 2008: 402-416.
  • 5WANG Helen, COLLIN Jackson. The Multi-Principal OS Construction of the Gazelle Web Browser[C]//The 18th USENIX Security Symposium. Montreal, Canada: [s.n.], 2009: 62-86.
  • 6JAYARAMAN Kevin. Escudo: A Fine-grained Protection Model for Web Browsers[C]//The 30^th International Conference on Distributed Computing Systems. Genoa, Italy: [s.n.], 2010: 251-267.
  • 7ZALEWSKI Michal. Browser Security Handbook[EB/OL]. (2009-10-12)[2011-7-12]. http: //code.google.com/p/browsersec/.
  • 8RUDERMAN Jesse. Same Origin Policy for JavaScript[EB/OL]. (2008-11-2)[ 2011-7-12]. https : //developer.mozilla.org/En/ Same_origin_policy_for_JavaScript.
  • 9COLLIN Jackson. Protecting Browsers from DNS Rebinding Attacks[J]. ACM Transactions on the Web, 2009, 3: 1-26.
  • 10GARY R W,RICHARD STEVENS W.TCP/IP详解卷二:实现[M].北京:机械工业出版社,2010:636.

共引文献28

同被引文献2

引证文献1

二级引证文献21

信息安全与通信保密
2012年 第5期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部