摘要
云数据库作为一种新兴的云计算应用,得到了广泛关注,而数据安全问题也成为云数据库进一步发展的难点。针对大型数据中心多租户云数据库的数据保护和业务QoS问题,文章提出了一种基于属性加密的多租户云数据库安全隔离和数据保护方案。首先,设计并实现了多租户云数据库管理系统,保证租户间的数据隔离;其次,提出了一个基于属性加密的中间件为租户数据进行加密和细粒度的权限控制,保证数据的安全性;最后,设计并实现了一套基于SDN网络架构的QoS系统,对云数据库服务的业务带宽进行保障。实验结果表明,文章设计的云数据库能够满足多租户的安全要求,当网络出现拥塞时,基于SDN的QoS系统可以保障加密数据库系统的业务带宽,确保租户的服务体验。
As a new cloud computing application,cloud database has been widely concerned,but data security has become the difficulty of further development of cloud database.Targeting the problem of data protection and Qo S of muitl-tanant cloud database in large data center,a multi-tenant cloud database security isolation and data protection based on attribute based encryption scheme is proposed.Firstly,the multi-tenant cloud database management system is designed and implemented to guarantee the data isolation between tenants.Secondly,a middleware based on attribute based encryption is proposed to encrypt the tenant data to ensure the security of the data and realize the fine grainen rank control.Finally,a Qo S system based on SDN is designed and implemented to ensure the service bandwidth of the cloud database service.The experimental results show that the proposed system can meet the security requirements of multi-tenant.When the network is congested,the Qo S system can protect the business bandwidth of the encrypted database system and ensure the service experience of the tenant.
作者
董庆贺
何倩
江炳城
刘鹏
DONG Qinghe;HE Qian;JIANG Bingcheng;LIU Peng(1.Guangxi Key Laboratory of Cryptography and Information Security,Guilin University of Electronic Technology;Guangxi Collaborative Innovation Center of Cloud Computing and Big Data,Guilin University of Electronic Technology,Guilin Guangxi 541004,China)
出处
《信息网络安全》
CSCD
北大核心
2018年第7期60-68,共9页
Netinfo Security
基金
国家自然科学基金[61661015]
认知无线电与信息处理教育部重点实验室基金[CRKL160101]
广西云计算与大数据协同创新基金[YD16801
C77KYS02SX18]
广西密码学与信息安全重点实验室基金[GCIS201701]
