云环境中数据安全及访问控制模型研究

发布时间：2018-05-14 02:18

本文选题：云计算 + 基于角色的访问控制模型　；参考：《华东理工大学》2014年硕士论文

【摘要】：随着时代的不断进步以及计算机科学技术的飞速发展,信息全球化的进程不断加快,云计算在人们的日常生活中得到了越来越多的应用。用户既不用了解“云”的具体细节,也不需要拥有相应的专业知识,便可以享有云计算提供的服务和便利。然而,云计算技术在现阶段存在着许多的风险问题,比如说特权用户的接入问题,是否可审查性,数据的地理和逻辑位置,数据的隔离和恢复,是否支持调查以及数据的长期生存性等。随着云计算的不断推广和应用,它的安全问题不断暴露出来,现如今,云计算的安全问题已成为制约其发展的首要原因,数据安全和隐私保护是云计算技术发展不能逃避的核心问题。有关云计算安全性问题的研究主要集中在身份认证,访问控制模型,虚拟安全技术,数据加密和隐私保护等方面。本文的主要工作和研究成果包括： (1)对当前几种传统的访问控制模型进行比较,总结和分析国内外对于云环境下数据保护和访问控制模型的研究成果,得出基于角色的访问控制(RBAC)模型比较适合云环境的虚拟化和可伸缩性的特点。 (2)在云环境下,对RBAC进行改进,引入网络环境和时态等约束条件对访问控制策略进行进一步限制,提出一种新的云环境下的访问控制(NT-RBAC)模型,在存储数据的时候,针对用户的敏感数据将利用加密算法进行加密之后存储,以便能适应云计算的特点,改进的NT-RBAC模型比之于普通的RBAC模型使权限的控制更加细粒度,进一步增强了云环境下数据和资源的安全性。 (3)利用Google提供的GAE云平台,将NT-RBAC模型应用于具体实例之中,通过对资源实行访问控制来保证资源的安全性。
[Abstract]:With the continuous progress of the times and the rapid development of computer science and technology, the process of information globalization continues to accelerate, cloud computing in people's daily life has been more and more applications. Users can enjoy the services and facilities provided by cloud computing without knowing the details of the cloud or having the corresponding expertise. However, cloud computing technology has many risks at this stage, such as access of privileged users, censability, geographical and logical location of data, isolation and recovery of data. Whether to support the survey and the long-term viability of the data. With the continuous promotion and application of cloud computing, its security problems have been exposed constantly. Nowadays, the security problems of cloud computing have become the primary reason restricting its development. Data security and privacy protection are the core problems of cloud computing technology development. The research on cloud computing security mainly focuses on identity authentication, access control model, virtual security technology, data encryption and privacy protection. The main work and research results of this paper include: 1) comparing several traditional access control models, summarizing and analyzing the research results of data protection and access control models in cloud environment at home and abroad. The role-based access control (RBAC) model is suitable for cloud virtualization and scalability. 2) in the cloud environment, the RBAC is improved, and the network environment and temporal constraints are introduced to further restrict the access control policy. A new access control NT-RBAC model is proposed to store data in the cloud environment. Sensitive data for users will be encrypted and stored in order to adapt to the characteristics of cloud computing. The improved NT-RBAC model makes the control of permissions finer granularity than that of the ordinary RBAC model. Further enhance the security of data and resources in the cloud environment. Using the GAE cloud platform provided by Google, the NT-RBAC model is applied to the concrete example, and the security of the resource is ensured by the access control of the resource.
【学位授予单位】：华东理工大学
【学位级别】：硕士
【学位授予年份】：2014
【分类号】：TP393.08

【参考文献】