����Ŀ¼

01 October 2016, Volume 2 Issue 10

Previous Issue    Next Issue

Perspective

Research on continuous monitoring of cloud computing service

Xing-shu CHEN,Long GE,Yong-gang LUO,Xiang LI

2016, 2(10):  1-7.  doi:10.11959/j.issn.2096-109x.2016.00105

Asbtract ( 168 )   HTML ( 9)   PDF (937KB) ( 111 )   Knowledge map   

Figures and Tables | References | Related Articles | Metrics

The complexity and dynamism of cloud computing environment hardly lead to timely awareness of cloud computing service’s operating state and assessment of cloud computing service risk.In order to ensure that the security of cloud service abidingly conforms to relevant national standard,continuous monitoring of cloud computing service was researched,and the role of cloud service provider was defined,customer,and continuous monitoring,described their supervising responsibility,and assessed index system and interface specification,thus guaranteeing stable and secure employment of cloud computing service by government department and key industries.

Comprehensive Reviews

Research on the searchable encryption

Peng XU,Hai JIN

2016, 2(10):  8-16.  doi:10.11959/j.issn.2096-109x.2016.00101

Asbtract ( 221 )   HTML ( 17)   PDF (464KB) ( 200 )   Knowledge map   

Figures and Tables | References | Related Articles | Metrics

Searchable encryption has been recognized as a promising method to achieve the secure cloud search.According to the types of encryption keys,searchable encryption can be divided into searchable public-key and symmetric-key encryptions.The existing and well-known schemes of those two kinds of encryptions,their limitations,and the corresponding solutions were introduced.Specifically,two works under the condition of high security were introduced:one was to reduce the search complexity of searchable public-key encryption; the other one was to achieve the physical deletion of searchable symmetric-key ciphertexts.

Virtualization security:the good,the bad and the ugly

Yu-tao LIU,Hai-bo CHEN

2016, 2(10):  17-28.  doi:10.11959/j.issn.2096-109x.2016.00091

Asbtract ( 346 )   HTML ( 22)   PDF (679KB) ( 419 )   Knowledge map   

Figures and Tables | References | Related Articles | Metrics

The virtualization security has increasingly drawn widespread attention with the spread of cloud computing in recent years.Thanks to another level of indirection,virtualization can provide stronger isolation mechanisms,as well as bottom-up security services for upper-level software.On the other side,the extra indirection brings complexity and overhead as well,which poses huge challenges.A series of recent representative work done by the institute of parallel and distributed system shanghai jiaotong university,including providing security services of trusted execution environment,virtual machine monitoring,intra-domain isolation,as well as optimizing trusted computing base and cross-world calls in the virtualization environment.Finally the problems and directions in the space of virtualization security were summarized.

Papers

Research on cyberspace security situation awareness

Gan-sen ZHAO,Jie-chao WU,Zi-hao CHEN,Xue-qi REN,Hao-xiang TAN,Zhao-hui MA

2016, 2(10):  29-35.  doi:10.11959/j.issn.2096-109x.2016.00090

Asbtract ( 219 )   HTML ( 15)   PDF (1400KB) ( 376 )   Knowledge map   

Figures and Tables | References | Related Articles | Metrics

Cyberspace is the fifth sovereignty space after the sea,land,sky and space.The security of cyberspace is closely relative to national security.How to discover threat in time,how to defense network attack,how to trace attackers were the problems to be selved.Facing the polyphyletic,isomeric,disconnected properties in the cyberspace,bases on a credible IaaS,a cyberspace security situation awareness was constructed by ontology,semantic Web and linked data theory.While guarantee the access security of integrating data,the model could make a comprehensive analysis on the properties in the cyberspace,which contributes to cyberspace governance.

Cloud Trustworthiness Evaluation as a cloud service:architecture,key technologies and implementations

Chuan-yi LIU,He-zhong PAN,Lu-lu LIANG,Guo-feng WANG,Bin-xing FANG

2016, 2(10):  36-47.  doi:10.11959/j.issn.2096-109x.2016.00102

Asbtract ( 161 )   HTML ( 20)   PDF (1131KB) ( 438 )   Knowledge map   

Figures and Tables | References | Related Articles | Metrics

A ＂big clouds audited by a small cloud＂ scheme was proposed,by introducing an independent trusted third party (TTP) dealing with run-time data collection,verification,audit and evaluation remotely,in a continuous and data-driven model,compared with traditionally certification based audit.The TTP mainly adopts data flow visualization,data monitoring and encryption to protect the rights of users.It provides the basis for users to choose a trusted cloud platform and for cloud platform to prove own trusted credentials.In-depth study,the following key technologies were broken through:1) the introduction of an independent trusted third party as an intermediate layer between cloud platform and users as well as administrators; 2) continuous,real-time remote data collection and data analysis; 3) strong non-intrusive evidence gathering.

Research on consistency protection mechanism for secure states of virtual domain in cloud environment

Wei-qi DAI,De-qing ZOU,Hai JIN,Yan XIA

2016, 2(10):  48-57.  doi:10.11959/j.issn.2096-109x.2016.00103

Asbtract ( 156 )   HTML ( 3)   PDF (1014KB) ( 395 )   Knowledge map   

Figures and Tables | References | Related Articles | Metrics

The traditional trusted computing architecture was suffering from the cloud uncertainty and dynamics caused by VM rollback or migration,which was a fatal threat to the cloud security.following investigations were conducted.Secure cloud virtual domain basic architecture; Time state consistence and collection mechanism.Cyber state consistence and collection mechanism.This study guaranteed security state consistence of virtual domain and improved the security and efficiency of the online service platform for both government institutions and companies.