期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

针对内部威胁的可控云计算关键技术研究与实现 被引量:5

Key Technology Research and Implement on Insider Threat for Controlled Cloud Computing
下载PDF
导出
摘要 云计算在学术界和工业界获得了广泛关注,但是云计算中的数据安全和隐私保护问题阻碍了云计算的发展。文章从开源云计算框架OpenStack出发,分析其运维方式,提出使用API代理及访问控制的方法实现对云平台的内部管控,防止用户数据受到来自云平台内部的威胁。实验结果表明,文章提出的方法在满足云平台正常运维需求的基础上,实现了对云管理员的权限划分,并且能够拦截恶意和非法的访问请求。 Cloud computing has generated significant interest in both academia and industry,but the data security and privacy problem is hindering the development of cloud computing.Originated from the OpenStack open source cloud computing framework,this paper analyzes its operation and maintenance mode,and proposes using API proxy and access control to achieve internal controls of cloud platform and protect user data from insider threat in cloud platform.Experiment results show that the method in this article,which can achieve the basic need of cloud platform operation maintenance,implements the division of authority to the cloud administrator and can block malicious and illegal access requests.
作者 向林波 刘川意
机构地区 北京邮电大学可信分布式计算与服务教育部重点实验室
出处 《信息网络安全》 2016年第3期53-58,共6页 Netinfo Security
基金 国家高技术研究发展计划(国家863计划)[2015AA016001]
关键词 云计算 可控云 内部威胁 API代理 访问控制 cloud computing controlled cloud insider threat API proxy access control
分类号 TP393.08 [自动化与计算机技术—计算机应用技术]
  • 相关文献

参考文献4

二级参考文献64

  • 1罗武庭.DJ—2可变矩形电子束曝光机的DMA驱动程序[J].LSI制造与测试,1989,10(4):20-26. 被引量:373
  • 2Organization for the Advancement of Structured Information Standards (OASIS) http://www.oasis-open.org/.
  • 3Distributed Management Task Force (DMTF) http://www.dmtf.org/home.
  • 4Cloud Security Alliance http://www.cloudsecurityalliance.org.
  • 5Crampton J, Martin K, Wild P. On key assignment for hierarchical access control. In: Guttan J, ed, Proc. of the 19th IEEE Computer Security Foundations Workshop--CSFW 2006. Venice: IEEE Computer Society Press, 2006. 5-7.
  • 6Damiani E, De S, Vimercati C, Foresti S, Jajodia S, Paraboschi S, Samarati P. An experimental evaluation of multi-key strategies for data outsourcing. In: Venter HS, Eloff MM, Labuschagne L, Eloff JHP, Solms RV, eds. New Approaches for Security, Privacy and Trust in Complex Environments, Proc. of the IFIP TC-11 22nd Int'l Information Security Conf. Sandton: Springer-Verlag, 2007. 395-396.
  • 7Bethencourt J, Sahai A, Waters B. Ciphertext-Policy attribute-based encryption. In: Shands D, ed. Proc. of the 2007 IEEE Symp. on Security and Privacy. Oakland: IEEE Computer Society, 2007. 321-334. [doi: 10.1109/SP.2007.11].
  • 8Yu S, Ren K, Lou W, Li J. Defending against key abuse attacks in KP-ABE enabled broadcast systems. In: Bao F, ed. Proc. of the 5th Int'l Conf. on Security and Privacy in Communication Networks. Singapore: Springer-Verlag, http://www.linkpdf.com/ ebook-viewer.php?url=http://www.ualr.edu/sxyul/file/SecureCommO9_AFKP_ABE.pdf.
  • 9Ibraimi L, Petkovic M, Nikova S, Hartel P, Jonker W. Ciphertext-Policy attribute-based threshold decryption with flexible delegation and revocation of user attributes. Technical Report, Centre for Telematics and Information Technology, University of Twente, 2009.
  • 10Roy S, Chuah M. Secure data retrieval based on ciphertext policy attribute-based encryption (CP-ABE) system for the DTNs. Technical Report, 2009.

共引文献1111

同被引文献24

引证文献5

二级引证文献23

信息网络安全
2016年 第3期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部