| 面向可信云计算的资源安全管理机制研究 |
| |
| 引用本文: | 李保珲,李斌,任望,杨光,王永涛,杜宇鸽,张鹏. 面向可信云计算的资源安全管理机制研究[J]. 信息安全学报, 2018, 3(2): 76-86 |
| |
| 作者姓名: | 李保珲 李斌 任望 杨光 王永涛 杜宇鸽 张鹏 |
| |
| 作者单位: | 中国信息安全测评中心 系统评估处 北京 中国 100085,中国信息安全测评中心 系统评估处 北京 中国 100085,中国信息安全测评中心 系统评估处 北京 中国 100085,中国信息安全测评中心 系统评估处 北京 中国 100085,中国信息安全测评中心 系统评估处 北京 中国 100085,中国信息安全测评中心 系统评估处 北京 中国 100085,中国科学院信息工程研究所 信息内容安全国家工程实验室 北京 中国 100093 |
| |
| 基金项目: | 本课题得到国家自然科学青年基金(NO.61702552)、国家重点研发计划(NO.YFB0801300)、国家自然科学青年基金(NO.61402464)、国家高技术研究发展计划863项目"面向可信第三方的云平台可信评测技术及系统"(NO.2015AA016001)资助。 |
| |
| 摘 要: | 数据所有权和控制权的分离对云中的程序和数据构成了严重的安全威胁,因此,云计算的可信性是决定其推广和普及程度的关键。本文认为,云计算资源管理机制对云计算可信性具有关键的影响作用;在此认识基础上,本文首先从资源安全管理机制本身及其实现的脆弱性两大方面分析了国内外的相关研究现状;然后,经分析得出,与普通网络环境相比,"共享与隔离"及"安全和性能"这两个矛盾在云计算环境中更为突出,且这两者的完美解决更加依赖于计算体系结构和计算模式的创新;最后,为有效提升云计算可信性,提出了云计算资源安全管理机制应优先着重关注的五个方面问题,并给出了相应思考。
|
| 关 键 词: | 可信云 资源管理 脆弱性 计算体系结构 计算模式 |
| 收稿时间: | 2017-09-19 |
| 修稿时间: | 2018-01-13 |
Research On the Resource Security Management Mechanism for Trusted Cloud Computing |
| |
| LI Baohui,LI Bin,REN Wang,YANG Guang,WANG Yongtao,DU Yuge and ZHANG Peng. Research On the Resource Security Management Mechanism for Trusted Cloud Computing[J]. Journal of Cyber Security, 2018, 3(2): 76-86 |
| |
| Authors: | LI Baohui LI Bin REN Wang YANG Guang WANG Yongtao DU Yuge ZHANG Peng |
| |
| Affiliation: | Chinese Information Technology Securiry Evaluation Center, Department of System Evaluation, Beijing 100085, China,Chinese Information Technology Securiry Evaluation Center, Department of System Evaluation, Beijing 100085, China,Chinese Information Technology Securiry Evaluation Center, Department of System Evaluation, Beijing 100085, China,Chinese Information Technology Securiry Evaluation Center, Department of System Evaluation, Beijing 100085, China,Chinese Information Technology Securiry Evaluation Center, Department of System Evaluation, Beijing 100085, China,Chinese Information Technology Securiry Evaluation Center, Department of System Evaluation, Beijing 100085, China and National Engineering Laboratory Of Information Security Technologies, Institute of Information Engineering, Chinese Academy of Sciences, Beijing 100093, China |
| |
| Abstract: | The separation of data ownership and control constitutes a serious security threat to programs and data in cloud. Therefore, the credibility of cloud computing determines its spread and popularity. For the major impact on the trustworthiness of cloud computing influenced by resource management mechanisms, this paper firstly analyses the research status at home and abroad from the from the two aspects of the resource management mechanism itself and its realization vulnerabilities. Then, we come to conclusion that the two contradictions, "sharing and isloating" and "security and performance", are more prominent in cloud computing environment, comparing with common network environment. And, the perfect solution for the contradictions depends more on the innovation of the computing architecture and computing model. Finally, in order to effectively enhance the credibility of cloud computing, we proposed that five aspects of virtualization resource security management mechanism should be paid more attention to. |
| |
| Keywords: | trusted cloud computing resource management mechanism vulnerability computing architecture computing model |
|
| 点击此处可从《信息安全学报》浏览原始摘要信息 |
|
点击此处可从《信息安全学报》下载免费的PDF全文 |
|
