Research on Behavior-Based Access Control Technology for IaaS Architecture Security
Published: 2018-05-07 02:17
Topics: cloud computing + cloud security; Reference: University of Science and Technology Beijing, 2017 doctoral dissertation
[Abstract]: Cloud computing is a new generation of Internet-based computing model. It not only provides access to massive computing and data resources but is also an on-demand access model that can be configured according to user requirements. However, the openness and dynamic configurability of cloud computing have also made its security problems increasingly serious; they have become an important challenge that threatens the cloud computing environment and hinders its wide adoption. To address this problem, access control technology has been introduced into cloud computing, but existing access control systems remain inadequate in the aspects specific to cloud computing: tenant-driven dynamic on-demand resource allocation, behavior analysis for large user populations, and authorization management. Constructing an access control model that meets the security requirements of cloud platforms therefore still needs further deepening and refinement in both theoretical research and practical application. In recent years, attribute-based access control (ABAC) has attracted considerable interest from researchers, because it can use the attributes of the relevant entities (subject, object, environment, operation, etc.) as the basis for authorization, granting the data owner's access permissions to the system in the form of access policies, where the policies depend on the mutual trust relationships between attributes. ABAC is currently regarded as the cornerstone of the next generation of access control systems and as one of the ideal technologies for solving cloud computing security problems. The goal of this dissertation is to improve existing ABAC by introducing concepts of user behavior, so that it meets the security requirement of configuring system resources on demand, according to a trustworthiness measure of client behavior, for large user populations. To meet this practical need, this dissertation studies trusted authorization based on dynamic client behavior in cloud computing environments and, based on an analysis of existing access control models and a comparison with access control models for cloud computing, proposes three new access control schemes suited to cloud environments. The proposed schemes have the following properties:
I. An attribute-rule-based access control (AR-ABAC) scheme is proposed. It introduces a new concept, the attribute rule (AR), which defines an agreement on which attributes should be used and how many attributes should be considered when making an access decision, and it provides a verification mechanism for these attribute rules that is flexible enough to assign and revoke privileges within a cloud access control model. This mechanism ensures secure resource sharing among potentially untrusted tenants and supports different access permissions for the same user within the same session. Experimental results show that AR-ABAC is suitable for IaaS cloud architectures and that, depending on the attributes considered and the number of concurrent requests, the average token generation time in the policy engine's communication in AR-ABAC is small and acceptable.
II. A multi-factor trust-based access control (TB-AC) scheme is proposed. To authorize such dynamic user behavior, it introduces a new definition of "trust relationship" based on three different factors, attributes, observations and recommendations, and on the semantic relationships among them. On this basis, a new incentive mechanism that rewards or punishes users is proposed, which places malicious users on a shared blacklist for a specified period. The mechanism handles dynamic user behavior effectively because its authorization decisions are based on the user's trust level. Experimental results show that the proposed TB-AC scheme can effectively evaluate access requests from users with different behaviors in different scenarios within a reasonable and acceptable running time, and the scheme is shown to be usable and scalable.
III. A cryptographic adaptive multi-authority cloud access control (AC-MAC) scheme is proposed. It introduces the concept of a multi-authority "trust attribute", which allows access policies over different numbers of user attributes to be integrated into ciphertext-policy attribute-based encryption (CP-ABE). On this basis, a practical cryptographic construction is given that allows users to request access from multiple authorities repeatedly with different attribute sets, while decryption and resource access are possible only with the authorities' approval, so that the mechanism resists malicious attackers more securely and effectively at the trust level. The dissertation provides a security proof for this construction and also carries out sufficient experiments, which show that the average encryption and decryption times are acceptable for both owners and users.
The schemes were integrated and tested in a private cloud environment (an IaaS platform built on OpenStack); the performance and security of each scheme were analyzed and compared with existing access control models under the same conditions. The experimental results show that the proposed models have good scalability and security, demonstrating the advantages of the three proposed access control models.
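The abstract only names the building blocks of AR-ABAC and TB-AC (an attribute rule that limits which and how many attributes a decision may use, a trust level combined from attributes, observations and recommendations, and a timed blacklist used as the punishment side of the incentive mechanism). The toy policy engine below is an added illustration written for this page; it is not code from the dissertation, and the weighting of the three trust factors, the 0..1 scoring, the halving of the observation score on punishment, and the sample policy and subjects are all assumptions made here to show how such a decision pipeline fits together.

```python
import time
from dataclasses import dataclass
from typing import Dict, Set


@dataclass
class AttributeRule:
    """Attribute rule (AR): which attributes a decision may use and how many
    of them must match the policy. Assumed concrete form, not the thesis's."""
    usable_attributes: Set[str]
    min_matches: int


@dataclass
class Policy:
    resource: str
    action: str
    required: Dict[str, str]   # attribute name -> value the policy expects
    rule: AttributeRule
    min_trust: float           # trust threshold below which access is denied


@dataclass
class Subject:
    name: str
    attributes: Dict[str, str]
    observation: float         # 0..1 score from observed behaviour (assumed scale)
    recommendation: float      # 0..1 score from recommendations (assumed scale)
    blacklisted_until: float = 0.0   # epoch seconds; 0 means not blacklisted


# Assumed weights for the three trust factors named in the abstract.
WEIGHTS = {"attributes": 0.4, "observation": 0.4, "recommendation": 0.2}


def attribute_matches(subject: Subject, policy: Policy) -> int:
    """Count policy attributes the subject satisfies, using only those the AR allows."""
    return sum(
        1
        for name, value in policy.required.items()
        if name in policy.rule.usable_attributes
        and subject.attributes.get(name) == value
    )


def trust_level(subject: Subject, policy: Policy) -> float:
    """Weighted combination of attribute fit, observation and recommendation."""
    usable = [a for a in policy.required if a in policy.rule.usable_attributes]
    attr_score = attribute_matches(subject, policy) / len(usable) if usable else 0.0
    return (WEIGHTS["attributes"] * attr_score
            + WEIGHTS["observation"] * subject.observation
            + WEIGHTS["recommendation"] * subject.recommendation)


def decide(subject: Subject, policy: Policy, now: float) -> str:
    """Return 'permit' or 'deny:<reason>'; blacklist, then AR, then trust are checked."""
    if now < subject.blacklisted_until:
        return "deny:blacklisted"
    if attribute_matches(subject, policy) < policy.rule.min_matches:
        return "deny:attribute-rule"
    if trust_level(subject, policy) < policy.min_trust:
        return "deny:low-trust"
    return "permit"


def penalize(subject: Subject, now: float, duration: float = 3600.0) -> None:
    """Punishment: blacklist for `duration` seconds and halve the observation score."""
    subject.blacklisted_until = now + duration
    subject.observation *= 0.5


def reward(subject: Subject, step: float = 0.1) -> None:
    """Reward: raise the observation score, capped at 1.0."""
    subject.observation = min(1.0, subject.observation + step)


def make_samples():
    """Constructed sample policy and subjects (not data from the thesis).
    The AR deliberately excludes 'mfa', so that attribute is ignored even
    though the policy lists it."""
    rule = AttributeRule(usable_attributes={"role", "tenant"}, min_matches=2)
    policy = Policy("vm-42", "start",
                    {"role": "admin", "tenant": "t1", "mfa": "true"}, rule, 0.6)
    subjects = {
        "alice": Subject("alice", {"role": "admin", "tenant": "t1", "mfa": "false"}, 0.8, 0.5),
        "bob":   Subject("bob",   {"role": "dev",   "tenant": "t1", "mfa": "true"},  0.9, 0.9),
        "carol": Subject("carol", {"role": "admin", "tenant": "t1", "mfa": "true"},  0.2, 0.3),
    }
    return policy, subjects


def run_scenario() -> dict:
    """Decisions before and after alice is punished; returned for inspection."""
    policy, subs = make_samples()
    out = {s.name: decide(s, policy, now=0) for s in subs.values()}
    penalize(subs["alice"], now=1000)
    out["alice_while_blacklisted"] = decide(subs["alice"], policy, now=2000)
    out["alice_after_blacklist"] = decide(subs["alice"], policy, now=5000)
    out["alice_trust_after"] = round(trust_level(subs["alice"], policy), 2)
    return out


if __name__ == "__main__":
    for key, value in run_scenario().items():
        print(key, value)
```

In the constructed scenario, bob fails the attribute rule (only one usable attribute matches), carol has the right attributes but a low observation and recommendation score and is denied on trust, and alice is permitted even with `mfa=false` because the AR keeps that attribute out of the decision; once penalized she is refused until the blacklist window expires, after which her lowered trust still clears the threshold.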
Degree-granting institution: University of Science and Technology Beijing
Degree level: Doctorate
Year degree granted: 2017
Classification number: TP309
Article ID: 1854956
Article link: https://www.wllwen.com/shoufeilunwen/xxkjbs/1854956.html