Funding: Natural Science Research Project of Jiangsu Province Universities and Colleges (No. 17KJD520005, Congdong Lv).
Abstract: Cloud computing provides services to users through the Internet. This open mode not only facilitates access by users, but also brings potential security risks. In cloud computing, the risk of data leakage exists between users and virtual machines. Whether direct or indirect, data leakage can be regarded as illegal information flow. Methods such as access control models can control the information flow, but not the covert information flow. Therefore, noninterference models are needed to detect the existence of illegal information flow in cloud computing architecture. Typical noninterference models are not suitable to certify information flow in cloud computing architecture. In this paper, we propose several information flow models for cloud architecture. One model is for transitive cloud computing architecture. The others are for intransitive cloud computing architecture. When concurrent access actions execute in the cloud architecture, we want security domains not to affect each other, that is, we want no information flow between security domains. But in fact, there will be more or less indirect information flow between security domains. Our models are concerned with how much information is allowed to flow. For example, in the CIP model, the other domain can learn the sequence of actions. But in the CTA model, the other domain can’t learn the information. Which security model will be used in an architecture depends on the security requirements for that architecture.
Funding: Project supported by the National Natural Science Foundation of China (Nos. 61562087 and 61772270), the National High-Tech R&D Program (863) of China (No. 2015AA015303), the Natural Science Foundation of Jiangsu Province, China (No. BK20130735), the Universities Natural Science Foundation of Jiangsu Province, China (No. 13KJB520011), and the Science Foundation of Nanjing Institute of Technology, China (No. YKJ201420).
Abstract: After a composite service is deployed, user privacy requirements and trust levels of component services are subject to variation. When the changes occur, it is critical to preserve privacy information flow security. We propose an approach to preserve privacy information flow security in composite service evolution. First, a privacy data item dependency analysis method based on a Petri net model is presented. Then the set of privacy data items collected by each component service is derived through a privacy data item dependency graph, and the security scope of each component service is calculated. Finally, the evolution operations that preserve privacy information flow security are defined. By applying these evolution operations, the re-verification process is avoided and the evolution efficiency is improved. To illustrate the effectiveness of our approach, a case study is presented. The experimental results indicate that our approach has high evolution efficiency and can greatly reduce the cost of evolution compared with re-verifying the entire composite service.
Funding: Supported in part by the National Natural Science Foundation of China (61502368, 61303033, U1135002 and U1405255), the National High Technology Research and Development Program (863 Program) of China (No. 2015AA017203), the Fundamental Research Funds for the Central Universities (XJS14072, JB150308), and the Aviation Science Foundation of China (No. 2013ZC31003, 20141931001).
Abstract: Accelerated processors, efficient software and pervasive connections provide sensor nodes with more powerful computation and storage ability, which can offer various services to users. Based on these atomic services, different sensor nodes can cooperate and compose with each other to complete more complicated tasks for users. However, because of the regional characteristic of sensor nodes, merging data with different sensitivities becomes a primary requirement for the composite services, and information flow security should be intensively considered during service composition. In order to mitigate the great cost caused by the complexity of modeling and the heavy load of single-node verification on the energy-limited sensor node, in this paper, we propose a new distributed verification framework to enforce information flow security on composite services of smart sensor networks. We analyze the information flows in composite services and specify security constraints for each service participant. Then we propose an algorithm over the distributed verification framework involving each sensor node to participate in the composite service verification based on the security constraints. The experimental results indicate that our approach can reduce the cost of verification and provide a better load balance.