摘要
本研究旨在探讨云测试的安全问题。虽然越来越多的企业开始向云环境迈进并共享信息,但他们同样十分关注云环境的安全问题和可能存在的风险。综述测试过程中安全保障方法的现有概念,在此基础上重点归纳和分析公共云测试中的信任、治理、承诺、认证与访问管理、可用性、数据安全、隔离及失败、架构这8类安全问题的风险程度,并对典型的公共云服务提供商在这8类安全问题上所采取的安全策略进行实证分析。
The objective of this study is to evaluate security issues of cloud testing. Organizations are increasingly mov ing to the cloud and sharing their information, but there are concerns about security issues and risks that may arise due to security breaches. This paper extends the concept of security approach during testing. It makes use of a literature review to evaluate the risk of eight security issues when testing in public clouds. The security issues including trust, governance, compliance, identity and access management, availability, data security, instance isolation and its failures, and architecture in testing on a public cloud. The paper also includes an empirical survey to evaluate the current security strategies of different public cloud providers on the eight security issues.
出处
《现代图书情报技术》
CSSCI
北大核心
2012年第11期22-33,共12页
New Technology of Library and Information Service
基金
湖北省自然科学基金项目“基于云计算的知识集成与服务研究”(项目编号:2011CDA116)
芬兰科技创新基金项目“云计算环境下面向质量预期的软件测试及开发研究”(项目编号:TEKES 344/31/2011)的研究成果之一
