Journal of Hebei University (Natural Science Edition) ›› 2018, Vol. 38 ›› Issue (4): 432-436. DOI: 10.3969/j.issn.1000-1565.2018.04.014

Design of a government data cloud service platform based on dynamic trust evaluation

张彬1,李继民2,张寿华2,陈学海3   

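  • Received: 2017-10-11 Published: 2018-07-25 Online: 2018-07-25
  • Corresponding author: ZHANG Shouhua (张寿华, b. 1980), male, from Guangzong, Hebei; associate professor at Hebei University; research area: computer systems. E-mail: zhangshouhua@hbu.edu.cn
  • About the author: ZHANG Bin (张彬, b. 1980), male, from Zhuozhou, Hebei; senior laboratory technician at Hebei University; research area: network security. E-mail: zb@hbu.edu.cn
  • Funding:
    Ministry of Education "Cloud-Data Integration Science and Education Innovation" Fund project (2017A20004); National Science and Technology Support Program project (2013BAK07B04)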

A cloud service platform design based on dynamic trust evaluation

ZHANG Bin1, LI Jimin2, ZHANG Shouhua2,CHEN Xuehai3   

  1. Information Technology Center, Hebei University, Baoding 071002, China; 2. School of Cyber Security and Computer, Hebei University, Baoding 071002, China; 3. The Technical Department, Baoding People's Broadcasting Station, Baoding 071000, China
  • Received:2017-10-11 Online:2018-07-25 Published:2018-07-25

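Abstract: A government data cloud service platform based on dynamic trust evaluation uses unified cloud service interfaces and data standards to promote interconnection and business collaboration among government departments and to avoid information silos; it also helps advance the development and reuse of government big data. The platform adopts a layered system architecture. In cloud service security management, the trusted state of the host machine, the trustworthiness of the virtual machine, the security level of the cloud service, and the behavior records of cloud users are all brought within the scope of dynamic trust evaluation, and the platform provides government cloud data center services and government cloud business applications externally. In security management, TCM trusted services are introduced into traditional cloud services to manage them in a trusted manner, passing the trust relationship from the root of trust to the cloud host and the government data cloud services. An ANP behavior matrix is used to measure trust values from cloud user behavior evidence, establishing a dynamic trust evaluation security mechanism for cloud user behavior and providing secure, trusted cloud services for government data.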

Keywords: trusted computing, cloud service, dynamic evaluation, cloud security

Abstract: The government data cloud service platform is based on dynamic trust evaluation. It can effectively promote interconnection and business collaboration between the various departments of the government. It avoids the creation of information islands through a unified cloud service interface and data standard. It helps to promote the development and reuse of the government's big data. In cloud service security management, the scope of dynamic trust evaluation includes the trusted state of the host, the credibility of the virtual machine, the security level of the cloud service, and the behavior records of the cloud users. The platform provides government cloud data center services and government cloud business applications to the outside world. In security management, the TCM trusted service is built into the traditional cloud service to manage cloud services in a trusted manner. The trust relationship is passed from the trusted root to the cloud host and the government data cloud service. The trust value of cloud user behavior evidence is measured with an ANP behavior matrix, a security mechanism for dynamic trust evaluation of cloud user behavior is established, and a secure and credible cloud service is provided for government data.

Key words: trusted computing, cloud service, dynamic evaluation, cloud security

CLC number: