共查询到20条相似文献,搜索用时 46 毫秒
1.
Cloud computing and storage services allow clients to move their data center and applications to centralized large data centers and thus avoid the burden of local data storage and maintenance.However,this poses new challenges related to creating secure and reliable data storage over unreliable service providers.In this study,we address the problem of ensuring the integrity of data storage in cloud computing.In particular,we consider methods for reducing the burden of generating a constant amount of metadata at the client side.By exploiting some good attributes of the bilinear group,we can devise a simple and efficient audit service for public verification of untrusted and outsourced storage,which can be important for achieving widespread deployment of cloud computing.Whereas many prior studies on ensuring remote data integrity did not consider the burden of generating verification metadata at the client side,the objective of this study is to resolve this issue.Moreover,our scheme also supports data dynamics and public verifiability.Extensive security and performance analysis shows that the proposed scheme is highly efficient and provably secure. 相似文献
2.
Cloud storage is one of the main application of the cloud computing. With the data services in the cloud, users is able to outsource their data to the cloud, access and share their outsourced data from the cloud server anywhere and anytime. However, this new paradigm of data outsourcing services also introduces new security challenges, among which is how to ensure the integrity of the outsourced data. Although the cloud storage providers commit a reliable and secure environment to users, the integrity of data can still be damaged owing to the carelessness of humans and failures of hardwares/softwares or the attacks from external adversaries. Therefore, it is of great importance for users to audit the integrity of their data outsourced to the cloud. In this paper, we first design an auditing framework for cloud storage and proposed an algebraic signature based remote data possession checking protocol, which allows a third-party to auditing the integrity of the outsourced data on behalf of the users and supports unlimited number of verifications. Then we extends our auditing protocol to support data dynamic operations, including data update, data insertion and data deletion. The analysis and experiment results demonstrate that our proposed schemes are secure and efficient. 相似文献
3.
4.
5.
针对传统微处理器FPGA验证难以快速精确的定位错误的问题,提出了一种基于Simics虚拟机的高效原型验证方法,使用Simics辅助FPGA验证,快速定位错误来源.该方法已在龙腾R的FPGA验证平台中得到了应用.实践表明,该方法可以有效缩短问题查找时间,同时Simics仿真结果也能提供解决问题的思路. 相似文献
6.
Cloud computing is the latest major evolution in computing technology.The convergence between cloud computing and telecom networks could significantly reduce costs and bring new business opportunities for operators.Currently,traditional telecom operators are embarrassed by the fact that the increase in revenue cannot catch up with the quick growth of users and the expansion of networks.With the introduction of the cloud computing technology,operators can virtualize the network functions through low-cost COTS IT hardware.All kinds of existing services can be cloudified and thus obtain the benefits of statistical multiplexing among IT resources.With the Telco Cloud architecture,operators can manage both IT infrastructures and network resources intelligently in order to adapt to the dynamic demands from the application and to establish open platforms for developing new services. 相似文献
7.
8.
针对云计算的服务模式屏蔽了云租户的物理硬件视图,不可信的云服务提供商(cloud service provider,CSP)可能利用廉价的硬盘资源通过虚拟化技术,违背服务等级协议约定(service level agreement,SLA)按物理内存定价标准为云租户提供服务这一问题,为了审计CSP提供内存服务的SLA合约性,提出了由Xen层到物理硬件层的内存轻量级测量的SLA合约性审计方案.同时引入可信启动机制和HyperSentry用于保证审计系统的可信启动和完整性运行,提出了带云租户签名机制的Diffie-Hellman密钥交换协议支持策略安全和可信告警.实验结果表明,在虚拟机运行环境下该方法能高效地进行内存SLA合约性审计,同时具有较高的云租户自定义策略扩展性和较低的性能开销. 相似文献
9.
A dynamic nodes partition algorithm for the Ad Hoc network is proposed. Firstly, Roam cluster method is used to cluster 926 random nodes in a square region. Subsequently, the central moving model based on the simulated annealing algorithm and the least circle overlay model is constructed to remove the network redundancy of the circle number and circle radius respectively. Simulation results show that the algorithm can effectively maintain the stability of network structure and increase balancing capabilitie... 相似文献
10.
云计算是一种新兴的资源整合与服务提供方式,软硬件都是资源并能够根据需要进行动态扩展和配置,在物理上以分布式的共享方式存在并可以按需取用,能有效提高资源利用效率,转变应用和业务提供的方式。新的结构需要新型的数据中心作支撑,本文拟采用虚拟化技术设计新型云数据中心详细架构并进行典型功能验证。 相似文献
11.
This paper is a continuation of our last paper [1] which describes the theory of Virt-BLP model. Based on Virt-BLP model, this paper implements a mandatory access control (MAC) framework applicable to multi-level security (MLS) in Xen. The Virt-BLP model is the theoretical basis of this MAC framework, and this MAC framework is the implementation of Virt-BLP model. Our last paper focuses on
Virt-BLP model, while this paper concentrates on the design and implementation of MAC framework. For there is no MAC framework applicable to MLS in virtual machine system at present, our MAC framework fills the blank by applying Virt-BLP model to Xen, which is better than current researches to guarantee the security of communication between virtual machines (VMs). The experimental results show that our MAC framework is effective to manage the communication between VMs. 相似文献
12.
13.
针对现有的图像完整性验证水印技术,提出了一种小波域的图像完整性验证水印算法,该算法对小波系数块进行均值量化来实现二值水印信息的嵌入,在鲁棒性和脆弱性方面达到很好的平衡。仿真实验结果证明,该算法能抗常规的非恶意攻击,对于恶意攻击具有很强的识别和定位能力。 相似文献
14.
In this paper,we propose a novel spatial data index based on Hadoop:HQ-Tree.In HQ-Tree,we use PR QuadTrec to solve the problem of poor efficiency in parallel processing,which is caused by data insertion order and space overlapping.For the problem that HDFS cannot support random write,we propose an updating mechanism,called Copy Write,to support the index update.Additionally,HQ-Tree employs a two-level index caching mechanism to reduce the cost of network transferring and I/O operations.Finally,we develop MapReduce-based algorithms,which are able to significantly enhance the efficiency of index creation and query.Experimental results demonstrate the effectiveness of our methods. 相似文献
15.
16.
协议规范、验证及测试的新发展(英文) 总被引:2,自引:0,他引:2
有次序的引入新的通信协议,例如开放系统互连的标准化,需要细致地分析所提出的协议,并对协议实现的发展和测试工作。最近在形式描述技术(FDT)领域及其用于协议设计验证、实现开发和测试方面已做了大量的研究工作。本文是这些问题的引论,并且对这些领域的最新研究作了评论。本文试图阐明形式协议规范,它们的验证和协议实现一致性测试等工作的总的趋向。形式规范用于协议的实现也作了讨论。 相似文献
17.
18.
It is a challenge to verify integrity of dynamic control flows due to their dynamic and volatile nature.To meet the challenge,existing solutions usually implant an "attachment" in each control transfer.However,the attachment introduces additional cost except performance penalty.For example,the attachment must be unique or restrictedly modified.In this paper,we propose a novel approach to detect integrity of dynamic control flows by counting executed branch instructions without involving any attachment.Our solution is based on the following observation.If a control flow is compromised,the number of executed branch instructions will be abnormally increased.The cause is that intruders usually hijack control flows for malicious execution which absolutely introduces additional branch instructions.Inspired by the above observation,in this paper,we devise a novel system named DCFIChecker,which detect integrity corruption of dynamic control flows with the support of Performance Monitoring Counter(PMC).We have developed a proof-of-concept prototype system of DCFI-Checker on Linux fedora 5.Our experiments with existing kernel rootkits and buffer overflow attack show that DCFIChecker is effective to detect compromised dynamic control transfer,and performance evaluations indicate that performance penalty induced by DCFI-Checker is acceptable. 相似文献
19.
本文介绍了一种形成钛金属硅化物(TiSi_2)的新方法(离子注入法),给出其形成条件与钛注入剂量和能量的关系。实验结果表明,TiSi_2膜的薄层电阻为0.95Ω/□,相应的体电阻率为26μΩ-cm约比通常重掺杂LPCVD多晶硅的小一个数量级。文中还利用X-射线衍射、TEM电子衍射、AES和SIMS等分析方法对TiSi_2的微观结构、离子分布以及其组分进行了研究。 相似文献