电信科学 ›› 2020, Vol. 36 ›› Issue (7): 163-167.doi: 10.11959/j.issn.1000-0801.2020185

• 运营技术广角 • 上一篇    下一篇

一种可量化的云计算平台安全评估模型

许剑,靳莉   

  1. 北京中电飞华通信有限公司,北京 100029
  • 修回日期:2020-06-27 出版日期:2020-07-20 发布日期:2020-07-28
  • 作者简介:许剑(1983- ),男,北京中电飞华通信有限公司分公司总经理、高级工程师,主要研究方向为系统信息化安全、电力需求侧管理等|靳莉(1981- ),女,现就职于北京中电飞华通信有限公司,主要研究方向为智能用电、智慧小区等

A quantifiable cloud computing platform security evaluation model

Jian XU,Li JIN   

  1. Beijing Fibrlink Corporation Company,Beijing 100029,China
  • Revised:2020-06-27 Online:2020-07-20 Published:2020-07-28

摘要:

提出一种基于一致的API访问不同云的可量化安全评估模型。评估系统包括安全扫描引擎模块、安全恢复引擎模块、安全量化评估模块、可视化显示模块等。介绍了安全评估过程及修复过程,并基于G-Cloud平台进行了仿真验证。结果显示,所提模型可以通过可视化图形显示一个或多个云的动态安全扫描评分,能够引导用电用户修改配置、改进操作、修复漏洞,提高云用电资源的安全性。

关键词: 云计算, 可视化, 可量化评估, 安全可视

Abstract:

A quantifiable security assessment model for accessing different clouds based on a consistent API was proposed.The evaluation system includes a security scan engine module,a security recovery engine module,a security quantitative evaluation module,and a visual display module.The progress of safety assessment and remediation was proposed,and simulation verification was carried out based on the G-Cloud platform.The results show that the proposed model can display the dynamic security scan scores of one or more clouds through visual graphics,which can guide electricity users to modify configurations,improve operations,repair vulnerabilities,and improve the security of cloud electricity resources.

Key words: cloud computing, visualization, quantifiable evaluation, security visualization

中图分类号: 

No Suggested Reading articles found!