共查询到20条相似文献,搜索用时 0 毫秒
1.
2.
目前大多数企业已经部署了基于策略访问控制的信息安全防御体系,但是随着云计算环境部署和网络攻击技术的发展,安全正成为云计算环境下亟待解决的重要问题,诸如能轻而易举地绕过传统防火墙、突破基于黑/白名单与特征匹配的安全防御机制等高级持续性攻击,给传统安全体系带来了新的挑战.分析了传统紧耦合安全防御体系在虚实结合网络环境下面临的问题,提出了软件定义安全的模型及其框架下的关键技术,实现了虚拟的和物理的网络安全设备与它们的接入模式、部署位置解耦合,为企业云计算环境下自适应的主动安全防护提供了有益的探索. 相似文献
3.
随着云计算技术的普遍应用,云环境下云资源的安全性问题也受到了信息安全技术领域研究人员的普遍关注.传统的访问控制方法不能适应云计算环境下的数据存储和处理的安全需要,属性加密访问控制方法在云计算环境下的应用,可以有效的保证云环境下数据的安全性.本文对云安全进行了简单的分析,对基于属性的访问控制方法进行了研究,结合云计算环境数据处理的实际情况,提出了基于属性加密访问控制方法在云计算环境下应用的方案,并进行了研究. 相似文献
4.
5.
Integrating parallel computing and distributed computing together can be obtained by cloud computing (CC). One of the major problems faced by public CC is security regarding data access control. CC permits people to share data, documents, videos, and other types of data. Generally, the cloud data are considered as big data, because the volume of the data is huge and it has a greater number of varieties. In recent days, attribute‐based data sharing applied only for selected data is a crucial problem. One of the existing approaches encrypts data using various kinds of keys based on several types of cryptosystems. However, those kinds of methods have some weaknesses such as inability to handle the attributes effectively, storage of more unwanted copies of the same data, and policy changes. It needs a high amount of computational cost and reduces the efficiency of memory utilization and the computational speed. This paper motivated to design and implement an efficient approach for optimized access control (OAC) for data stored in the cloud to overcome these kinds of issues. The efficiency of the proposed method is proved through a simulation‐based experiment in Cloud Simulator. 相似文献
6.
一种可重构体系结构用于高速实现DES、3DES和AES 总被引:3,自引:2,他引:1
可重构密码芯片提高了密码芯片的安全性和灵活性,具有良好的应用前景.然而目前的可重构密码芯片吞吐率均大大低于专用芯片,因此,如何提高处理速度是可重构密码芯片设计的关键问题.本文分析了常用对称密码算法DES、3DES和AES的可重构性,利用流水线、并行处理和可重构技术,提出了一种可重构体系结构.基于该体系结构实现的DES、3DES和AES吞吐率在110MHz工作频率下分别可达到7Gbps、2.3Gbps和1.4Gbps.与其他同类设计相比,本文设计在处理速度上有较大优势,可以很好地应用到可重构密码芯片设计中. 相似文献
7.
针对现有的多级安全访问控制模型过于复杂而不利于实际部署以及在密钥管理中存在的漏洞,文章在改良密钥生成算法,紧密结合可信计算技术支持的信任验证机制,提出了一种新的多级安全访问控制方案。与传统的方案相比,新方案不仅更加简洁、灵活,便于与原有系统进行整合,同时,克服了密钥管理上的漏洞。 相似文献
8.
提出了一种基于云计算的数据存储和处理框架,支持用户对大规模数据集进行低成本、安全的共享和处理。该框架研究了基于矩阵的数据挖掘算法,重点是安全的Top-k特征向量算法。该算法采用了一种迭代处理模型,授权用户可以与云端展开交互以获得预期结果,交互过程中源矩阵和中间结果均处于保密状态。另外,基于Paillier加密算法和高效的随机向量扰动策略,实现了新算法的安全性。实验结果表明,提出的方法对大型矩阵具有可拓展性,且客户端成本较低。 相似文献
9.
To order to address the problem of cloud storage data security,the generic proxy-based data protection system was proposed,which could automatically and transparently secure sensitive data in browser-based cloud storage applications.A novel dynamic program analysis technique was adopted based on JavaScript API function hooking for automatically extending to various cloud applications.And a novel proxy executed searchable encryption solution was presented so that it could achieve data encryption while maintaining the original functions of cloud applications.Experimental results show that the system can support a variety of typical cloud services,effectively protect sensitive data,and bring a relatively low overhead. 相似文献
10.
Security is a key problem for the development of Cloud Computing. A common service security architecture is a basic abstract to support security research work. The authorization ability in the service security faces more complex and variable users and environment. Based on the multidimensional views , the service security architecture is described on three dimensions of service security requirement integrating security attributes and service layers . An attribute-based dynamic access control model is presented to detail the relationships among subjects , objects , roles , attributes , context and extra factors further. The model uses dynamic control policies to support the multiple roles and flexible authority. At last, access control and policies execution mechanism were studied as the implementation suggestion. 相似文献
11.
12.
结合三种云服务模式和云安全体系架构,分析了云计算中存在的数据安全、虚拟化安全及平台安全等主要安全问题.梳理了ISO/ICE JTC1 SC27、ITU-T、NIST等当前主要标准化组织在云计算安全领域的标准研究情况,最后,针对当前云计算实施情况提出了我国云计算安全标准化工作思路. 相似文献
13.
颜斌 《信息安全与通信保密》2012,(11):66-68
云计算带来了广阔的应用前景,但也对传统的信息安全技术在云计算模式下的应用提出了新的挑战,安全和标准化是云计算所面临的众多问题中的关键所在。目前,各国政府机构和研究组织正在积极着手研究相关问题,文中围绕云计算安全标准研究展开,介绍当前主要的云安全标准组织情况,并就各自在云计算安全领域的标准研究情况进行概述,对其主要研究成果进行扼要分析,希望为国内云计算安全标准的研究提供部分借鉴。 相似文献
14.
15.
The researchers are using the various variations of re‐encryption schemes, which migrate the computational intensive re‐encryption jobs of mobile devices to the trusted entity/cloud. However, the messages are still encrypted and decrypted using the limited computational power of mobile devices. Our contribution in this paper is to propose a workload distribution model for re‐encryption schemes, which offloads the computational intensive operations, such as encryption and decryption on a trusted entity. Moreover, the proposed workload distribution model is compared with existing re‐encryption schemes of resource utilization on trusted entity and mobile device. The experimental results show substantial improvement in performance compared to the existing schemes. 相似文献
16.
17.
Despite the multifaceted advantages of cloud computing,concerns about data leakage or abuse impedes its adoption for security-sensi tive tasks.Recent investigations have revealed that the risk of unauthorized data access is one of the biggest concerns of users of cloud-based services.Transparency and accountability for data managed in the cloud is necessary.Specifically,when using a cloudhost service,a user typically has to trust both the cloud service provider and cloud infrastructure provider to properly handling private data.This is a multi-party system.Three particular trust models can be used according to the credibility of these providers.This pa per describes techniques for preventing data leakage that can be used with these different models. 相似文献
18.
电子商务是互联网应用发展的必然趋势,也是国际金融贸易中越来越重要的经营模式。安全是保证电子商务健康有序发展的关键因素。论文对目前电子商务中存在的安全隐患进行了简要分析,在此基础上,介绍了解决网络安全问题的主要技术(防火墙、数据加密、数字认证、身份认证,访问控制等)并从实际应用出发提出了一些具体的安全措施。 相似文献
19.
云存储环境下的密文安全共享机制 总被引:1,自引:0,他引:1
With the convenient of storing and sharing data in cloud storage environment,the concerns about data security arised as well.To achieve data security on untrusted servers,user usually stored the encrypted data on the cloud storage environment.How to build a cipertext-based access control scheme became a pot issue.For the access control problems of ciphertext in cloud storage environment,a CP-ABE based data sharing scheme was proposed.Novel key generation and distribution strategies were proposed to reduce the reliance on a trusted third party.Personal information was added in decryption key to resistant conclusion attacks at the same time.Moreover,key revocation scheme was proposed to provide the data backward secrecy.The security and implement analysis proves that proposed scheme is suit for the real application environment. 相似文献
20.
文章针对云计算的安全问题,提出了一种全同态加密方案和基于此方案的数据检索算法,既保证了用户数据的安全性,又保证了服务器能够对存储的用户密文直接检索,为云系统中的信息安全和数据处理提供了良好的解决方案。 相似文献