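Abstract
With the rapid development of cloud computing technology, more and more end users use computing, storage and other network resources in the cloud, generating a large number of access authentication requests for cloud services. Securing cloud access through trusted authentication of users and their terminals has become an important approach to solving cloud computing security problems. This article reviews the main security problems in cloud computing environments, together with end-user authentication and trusted admission methods, mechanisms and security protocols, and looks ahead to the main future research directions in cloud admission and authentication security.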
With the rapid development of cloud computing technology, more and more terminal users use the computing, storage and network resources in the cloud, which generates a large number of access authentication requests for cloud services. Since almost all attacks are launched from the terminal, Trust Network Connection (TNC) extends the chain of trust to the network, on the guarantee that the terminal's hardware security is well protected, so that the entire network can be secure and credible. Protecting cloud admission security through the trusted authentication of terminal users and their terminals has already become an important way to solve cloud computing security problems. This paper reviews the main security problems, as well as the terminal user authentication and trusted admission methods, mechanisms and security protocols, in the cloud computing environment. The combination of trusted computing technology and cloud computing will be a prominent research topic in cloud computing security in the future. Finally, future research directions in both cloud admission and authentication security are forecast, which can be summarized in three aspects. (1) Remote attestation mechanisms with trusted computing, platform authentication and related protocols concerning typical cloud media, and requirements to protect privacy in cloud media. Trusted computing strengthens trusted platform authentication and enhances security in the cloud. However, trusted authentication requires trusted measurement of the platform on both sides of the communication, which increases the overhead of the system. How to design a more efficient, lightweight security protocol for admission authentication is a pressing issue that needs to be addressed effectively. (2) The construction of a usage control model with payable services between users and providers in cloud computing. A usage control model with payable services is crucial for cloud service providers to develop and deploy cloud applications with high safety and efficiency. Here, profit is the major factor in the providers' choice of pricing plans, while how to make an optimal choice among multiple pricing schemes is more important for the consumers. (3) When end users access cloud computing, analysis of their location information is left out, which raises the issue of location information insecurity. This issue is a key factor in cloud computing security. Further research can focus on dynamic admission mechanisms for the mobile cloud and on accurate positioning of uncertain security location information. Where an unsafe location is detected, a location detection admission policy can realize the dynamic admission mechanism to ensure the users' location security.
Source
Journal of Henan University: Natural Science
CAS
2017, Issue 1, pp. 62-72 (11 pages)
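Funding
Henan Province University Science and Technology Innovation Team Support Program (15IRTSTHN010)
Henan Province Science and Technology Research Project (142102210425)
Key Science and Technology Research Project of the Education Department of Henan Province, Basic Research Program (13A520240, 14A520048)
Henan University of Science and Technology Landmark Scientific Achievement Cultivation Fund (2015BZCG01)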
Keywords
cloud computing
trusted admission
authentication
security protocol