| 云安全研究进展综述 |
| |
| 引用本文: | 俞能海,郝卓,徐甲甲,张卫明,张驰.云安全研究进展综述[J].电子学报,2013,41(2):371-381. |
| |
| 作者姓名: | 俞能海 郝卓 徐甲甲 张卫明 张驰 |
| |
| 作者单位: | 中国科学技术大学信息科学与技术学院,安徽合肥,230027 |
| |
| 基金项目: | 国家自然基金,中国科学院"面向感知中国的新一代信息技术研究"战略性先导科技专项子课题 |
| |
| 摘 要: | 随着云计算在学术界和工业界的兴起,云计算也不可避免的带来了一些安全问题.本文对云计算的安全需求进行了总结,指出云计算不仅在机密性、数据完整性、访问控制和身份认证等传统安全性上存在需求,而且在可信性、配置安全性、虚拟机安全性等方面具有新的安全需求.我们对云计算的两个典型产品Amazon Web Services和Windows Azure的安全状况进行了总结,并阐述了针对云计算的拒绝服务攻击和旁通道攻击.基于云计算的安全需求和面临的攻击,对现有安全机制进行了优缺点分析,系统的总结了现有的安全机制.
|
| 关 键 词: | 云计算 机密性 数据完整性 访问控制 公开认证 可信性 虚拟机安全性 |
| 收稿时间: | 2012-04-16 |
Review of Cloud Computing Security |
| |
| YU Neng-hai
,
HAO Zhuo
,
XU Jia-jia
,
ZHANG Wei-ming
,
ZHANG Chi.Review of Cloud Computing Security[J].Acta Electronica Sinica,2013,41(2):371-381. |
| |
| Authors: | YU Neng-hai HAO Zhuo XU Jia-jia ZHANG Wei-ming ZHANG Chi |
| |
| Affiliation: | School of Science and Technology, University of Science and Technology of China, Hefei, Anhui 230027, China |
| |
| Abstract: | With the development of cloud computing in the academia and industry,it is inevitable that many security problems arise.This paper summarizes the security requirements of cloud computing,which not only cover the traditional security requirements like confidentiality,data integrity,access control and identity authentication,but also introduce new security requirements in the credibility,configuration and virtual machinery.We make conclusions about the security situations on two typical cloud computing products:Amazon Web Services and Windows Azure and elaborate two attack mechanisms against cloud computing:Denial of service attack and Side channel attack.Based on the security requirements and attacks against cloud computing,we systematically summarize the current security protection mechanisms and further make a comparison among them. |
| |
| Keywords: | cloud computing confidentiality data integrity access control public verifiability credibility security of virtual machine |
| 本文献已被 万方数据 等数据库收录! |
| 点击此处可从《电子学报》浏览原始摘要信息 |
|
点击此处可从《电子学报》下载全文 |
|
