At present,most providers of cloud computing mainly provide infrastructures and services of infrastructure as a service(IaaS).But there is a serious problem that is the lack of security standards and evaluation model ...At present,most providers of cloud computing mainly provide infrastructures and services of infrastructure as a service(IaaS).But there is a serious problem that is the lack of security standards and evaluation model of IaaS.After analyzing the vulnerabilities performance of IaaS cloud computing system,the mapping relationship was established between the vulnerabilities of IaaS and the nine threats of cloud computing which was released by cloud security alliance(CSA).According to the mapping relationship,a model for evaluating security of IaaS was proposed which verified the effectiveness of the model on OpenStack by the analytic hierarchy process(AHP) and the fuzzy evaluation method.展开更多
基金National Natural Science Foundation of China(No.61462070)the"ChunHui Plan"Project of Educational Department,China(No.Z2009-1-01062)the Research of Evaluation Technology of Security and Reliability of Cloud Computing and the Built of Testing Platform That is a Technology Plan Project of Inner Mongolia,China
文摘At present,most providers of cloud computing mainly provide infrastructures and services of infrastructure as a service(IaaS).But there is a serious problem that is the lack of security standards and evaluation model of IaaS.After analyzing the vulnerabilities performance of IaaS cloud computing system,the mapping relationship was established between the vulnerabilities of IaaS and the nine threats of cloud computing which was released by cloud security alliance(CSA).According to the mapping relationship,a model for evaluating security of IaaS was proposed which verified the effectiveness of the model on OpenStack by the analytic hierarchy process(AHP) and the fuzzy evaluation method.
