Netinfo Security (信息网络安全)
2015
Issue 11
Pages 21-26
6 pages in total
cloud computing security%tenant virtual machine%trusted computing%active trusted computing mechanism
In recent years, with the rapid development of cloud computing, its security has become a focus of current research. However, most studies adopt a trusted computing approach built on passive invocation and relatively rigid policy definitions, which is difficult to adapt to the complex trust relationships and requirements of cloud environments. This paper proposes an active trust verification mechanism for virtual machines in cloud environments, based on the idea of active trusted computing. Through an active monitoring mechanism, each component runs independently, which makes it easy to configure complex trust relationships and also suits dynamic, distributed cloud environments. Addressing the trust relationship between operators and tenants in the cloud, the mechanism derives the baseline trusted library from the SLA between the user and the operator, and a trusted third party provides trust reports to tenants. Compared with traditional techniques, the mechanism lets tenants consult and verify the security of the virtual machines they own, ensuring the trustworthiness of virtual machines in the cloud environment.