计算机系统应用
計算機繫統應用
계산궤계통응용
APPLICATIONS OF THE COMPUTER SYSTEMS
2015年
4期
118-122
,共5页
认证%Kerberos%跨云际
認證%Kerberos%跨雲際
인증%Kerberos%과운제
authentication%Kerberos%across clouds
随着云计算的蓬勃发展,越来越多的企业和个人将他们的存储和计算需求付诸于云端,但由于安全问题得不到有效解决限制了企业跨云际数据访问的应用和发展。提出了一种基于 Kerberos 的混合云服务中跨云际认证的机制,在这种机制中,云终端采取基于身份认证的方式直接和私有云进行认证,凭借企业私有云发放的票据访问企业存放在公有云中的数据。该机制具有不需要管理和发放证书、密钥管理简单、易于存取控制等优点;模拟实现了这种认证系统,为跨云际访问数据的身份认证和访问控制奠定了安全基础。
隨著雲計算的蓬勃髮展,越來越多的企業和箇人將他們的存儲和計算需求付諸于雲耑,但由于安全問題得不到有效解決限製瞭企業跨雲際數據訪問的應用和髮展。提齣瞭一種基于 Kerberos 的混閤雲服務中跨雲際認證的機製,在這種機製中,雲終耑採取基于身份認證的方式直接和私有雲進行認證,憑藉企業私有雲髮放的票據訪問企業存放在公有雲中的數據。該機製具有不需要管理和髮放證書、密鑰管理簡單、易于存取控製等優點;模擬實現瞭這種認證繫統,為跨雲際訪問數據的身份認證和訪問控製奠定瞭安全基礎。
수착운계산적봉발발전,월래월다적기업화개인장타문적존저화계산수구부제우운단,단유우안전문제득불도유효해결한제료기업과운제수거방문적응용화발전。제출료일충기우 Kerberos 적혼합운복무중과운제인증적궤제,재저충궤제중,운종단채취기우신빈인증적방식직접화사유운진행인증,빙차기업사유운발방적표거방문기업존방재공유운중적수거。해궤제구유불수요관리화발방증서、밀약관리간단、역우존취공제등우점;모의실현료저충인증계통,위과운제방문수거적신빈인증화방문공제전정료안전기출。
With the rapid development of cloud computing, more and more businesses and individuals put there storage and computing needs into clouds. But as people have no more effective solutions for the security problems, the use and development are limited when getting data across the clouds. In this paper, we present a Kerberos-based authentication mechanism of crossing the clouds in hybrid cloud services. In this mechanism the Cloudterminal get to the certification with the Private-clouds directly. Issued by the tickets of enterprise Private-clouds Cloudterminal can get the access to the data in the Public clouds in a way based on authentication. In this mechanism there’s no need to manage and issue certificates and the key management is simple and easy to control. This paper achieved this certification system, laid the foundation for secure authentication and access controlling when getting data across clouds.
