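Trusted Dynamic Relationship Management in Cloud Computing Environments
Published: 2018-07-02 12:22
Topic of this thesis: cloud computing + multi-factor; Source: Beijing University of Technology, master's thesis, 2014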
[Abstract]: Cloud computing is increasingly widely adopted by enterprises and individuals, and reliability and security are indispensable parts of it. Traditional security solutions can address some cloud computing security problems, but the cloud environment also has security problems specific to cloud computing. Cloud users' concerns about the security of cloud services have long been a bottleneck restricting the development of cloud computing, so establishing a trusted cloud computing platform has practical significance. To address cloud computing security problems, this thesis uses trusted platform computing to establish a chain of trust that ensures the trustworthiness of cloud computing, uses a trusted third party to provide trust verification and evaluation, and designs a trusted system for cloud computing services that offers users trusted cloud computing services.
First, the thesis introduces multi-factor identity authentication and role-based multi-tenant access control to address security problems in cloud computing such as replay attacks on resource access and insecure interfaces and APIs.
Second, drawing on current results in trusted computing and cloud computing, the thesis uses a trusted platform to design a trust mechanism for cloud computing. It mainly considers the physical layer of cloud computing, where different physical nodes in the cloud platform play different roles and take on different functions. The thesis therefore focuses on trust verification of local physical nodes and mutual verification between different nodes in order to make the whole cloud computing platform trusted, and it also proposes a user-mode dynamic trust verification mechanism. Finally, the effectiveness and performance of the trusted cloud computing platform are analyzed.
In summary, the thesis uses a trusted platform to design trust for cloud computing and uses multi-factor dynamic identity authentication to address trust and control problems in cloud computing, which has some practical significance for the wider adoption of cloud computing.
[Degree-granting institution]: Beijing University of Technology
[Degree level]: Master's
[Year degree granted]: 2014
[Classification number]: TP393.08