基于动态信任评估的政务数据云服务平台设计

doi:10.3969/j.issn.1000-1565.2018.04.014

河北大学学报(自然科学版) ›› 2018, Vol. 38 ›› Issue (4): 432-436.DOI: 10.3969/j.issn.1000-1565.2018.04.014

基于动态信任评估的政务数据云服务平台设计

张彬¹,李继民²,张寿华²,陈学海³

收稿日期:2017-10-11 出版日期:2018-07-25 发布日期:2018-07-25
通讯作者: 张寿华(1980—),男,河北广宗人,河北大学副教授,主要从事计算机系统方向研究.E-mail: zhangshouhua@hbu.edu.cn
作者简介:张彬(1980—),男,河北涿州人,河北大学高级实验师,主要从事网络安全方向研究. E-mail: zb@hbu.edu.cn
基金资助:
教育部“云数融合科教创新”基金资助项目(2017A20004);国家科技支撑计划项目(2013BAK07B04)

A cloud service platform design based on dynamic trust evaluation

ZHANG Bin¹, LI Jimin², ZHANG Shouhua²,CHEN Xuehai³

1. Information Technology Center, Hebei University, Baoding 071002, China; 2. School of Cyber Seurity and Computer, Hebei University, Baoding 071002, China; 3.The Technical Department, Baoding Peoples Broadcasting Station, Baoding 071000, China

Received:2017-10-11 Online:2018-07-25 Published:2018-07-25

摘要/Abstract

摘要： 基于动态信任评估的政务数据云服务平台通过统一的云服务接口和数据标准能够有效促进政府各部门之间的互连互通、业务协同,避免产生信息孤岛,同时有利于推动政府大数据开发与再利用.平台采用层次化的系统结构,在云服务安全管理中将宿主机的可信状态、虚拟机的可信度、云服务的安全级别、云用户的行为记录纳入动态可信评估范畴,对外提供政务云数据中心服务和政务云业务应用.在安全管理中将TCM可信服务引入到传统云服务中进行云服务可信化管理,把信任关系从可信根传递到云主机及政务数据云服务;采用ANP行为矩阵对云用户行为证据进行信任值度量,建立云用户行为动态信任评估安全机制,为政务数据提供安全可信的云服务.

关键词: 可信计算, 云服务, 动态评估, 云安全

Abstract: The government data cloud service platform is based on dynamic trust assessment.It can effectively promote inter connection and business collaboration between various departments of the government.It avoid the generation of information island through a unified cloud service interface and data standard. It helps to promote the development and reuse of the governments large data. The category of dynamic trusted evaluation include the trusted state of the host in the cloud service security management, the credibility of the virtual machine, the security level of the cloud service, and the behavior records of the cloud users. The government cloud data center and the application of government cloud business are provided to the outside world. In the security management, TCM trusted service is built into the traditional cloud service to manage cloud services. Trust relationship is transferred from trusted root to cloud host and government data cloud service. The trust value of cloud user behavior evidence is measured by ANP behavior matrix, and cloud user is established as a security mechanism for dynamic trust evaluation, and a secure and credible cloud service is provided for government data.

Key words: trusted computing, cloud service, dynamic evaluation, cloud security

中图分类号:

TP311

张彬,李继民,张寿华,陈学海. 基于动态信任评估的政务数据云服务平台设计[J]. 河北大学学报(自然科学版), 2018, 38(4): 432-436.

ZHANG Bin, LI Jimin, ZHANG Shouhua,CHEN Xuehai. A cloud service platform design based on dynamic trust evaluation[J]. Journal of Hebei University (Natural Science Edition), 2018, 38(4): 432-436.

参考文献

[1] 章谦骅,章坚武.基于云安全技术的智慧政务云解决方案[J].电信科学,2017,33(3):107-111.DOI: 10.11959/j.issn.1000-0801.2017063. ZHANG Q H, ZHANG J W. System structure of trusted cloud service platform for government data.[J].Telecommunications Science,2017,33(3):107-111.DOI: 10.11959/j.issn.1000-0801.2017063.
[2] SHIN D H. User centric cloud service model in public sectors:policy implications of cloud services[J]. Government Information Quarterly, 2014, 30(2): 194-203.DOI:10.1016/j.giq.2012.06.012.
[3] MARSTON S, LI Z,BANDYOPADHYAY S. Cloud computing-the business perspective[J]. Decision Support Systems, 2011, 51(1):176-189.DOI:10.1109/HICSS.2011.102.
[4] DISHA M, PAREKH H. An analysis of security challenges in cloud computing[J]. International Journal of Advanced Computer Sciences and Applications, 2013, 4(1): 39-46. DOI:10.14569/IJACSA.2013.040106.
[5] TAMARA A, YOUSEF K. Cloud computing of e-government[J]. Communications and Network, 2016,01(8):1-8.DOI: 10.4236/cn.2016.81001
[6] 翟翔, 贺也平. 基于可信计算的使用控制实施方案[J]. 计算机科学与探索, 2015,9(8):954-962. DOI: 10.3778/j.issn.1673-9418.1409077. ZHAI X,HE Y P. Approach of usage control enforcement based on trusted computing[J]. Journal of Frontiers of Computer Science and Technology, 2015,9(8):954-962. DOI: 10.3778/j.issn.1673-9418.1409077.
[7] GONZALES D, KAPLAN J, SALTZMAN E, et al. Cloud-trust a security assessment model for infrastructure as a service(IaaS)clouds[J]. IEEE Transactions on Cloud Computing, 2017, 5(3):523-536. DOI: 10.1109/TCC.2015.2415794.
[8] MADNI S H H, LATIFF M S A, COULIBALY Y, et al. Resource scheduling for infrastructure as a service(IaaS)in cloud computing:challenges and opportunities[J]. Journal of Network & Computer Applications, 2016, 68:173-200. DOI:10.1016/j.jnca.2016.04.016.
[9] HAO W, RUI Z S, RUI Z, et al. Application feature based elastic resource management mechanism on paaS[J]. Chinese journal of computers, 2016(2):223-236. DOI:10.11879/SP.J.1016.2016.00223.
[10] 成茂才, 徐开勇. 基于可信计算平台的审计日志安全存储系统[J]. 计算机科学, 2016,43(6):146-151. DOI:10.11896.j.issn.1002-137X.2016.6.030. CHENG M C, XU K Y. Audit log secure storage system based on trusted computing platform[J]. Computer Science,2016,43(6):146-151. DOI:10.11896.j.issn.1002-137X.2016.6.030.
[11] 刘振鹏, 蕳志贤, 胡倩茹,等. 改进的基于身份的数据完整性验证方案[J]. 河北大学学报(自然科学版), 2017, 37(1):86-91. DOI:1000-1565(2017)01-0086-06. LIU Z P, MAN Z X, HU Q R, et al. Improved identity-based data integrity verification scheme[J]. Journal of Hebei University(Natural Science Edition), 2017, 37(1):86-91. DOI:1000-1565(2017)01-0086-06.
[12] 程思嘉, 张昌宏, 潘帅卿. 基于CP-ABE算法的云存储数据访问控制方案设计[J]. 信息网络安全, 2016(2):1-6. DOI:10.3969/j.issn.1671-1122.2016.02.001. CHENG S J,ZHANG C H,PAN S Q.Design on data access control scheme for cloud storage based on CP-ABE Algorithm[J].Netinfo Security,2016(2):1-6.DOI:10.3969/j.issn.1671-1122.2016.02.001.
[13] 王佳慧, 刘川意, 王国峰,等. 基于可验证计算的可信云计算研究[J]. 计算机学报, 2016, 39(2):286-304. DOI:10.11897/SP.J.1016.2016.00286. WANG J H, LIU C Y, WANG G F, et al. Review of trusted cloud computing based on proof-based verifiable computation[J]. Chinese Journal of Computers, 2016, 39(2):286-304. DOI:10.11897/SP.J.1016.2016.00286.
[14] 田俊峰, 曹迅. 基于多部图的云用户行为认定模型[J]. 计算机研究与发展, 2014,51(10): 2308-2317. DOI:10.7544/issn1000-1239.2014.20130619. TIAN J F, CAO X. A cloud user behavior authentication model based on Multi-Partite graphs[J]. Journal of Computer Research and Development, 2014,51(10): 2308-2317. DOI:10.7544/issn1000-1239.2014.20130619.

基于动态信任评估的政务数据云服务平台设计

A cloud service platform design based on dynamic trust evaluation

PDF (PC)

可视化

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 1

编辑推荐

Metrics

本文评价