Similar literature
 Found 20 similar documents; search took 343 ms
1.
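This paper explores the architecture of enterprise information platforms based on hybrid cloud. Because the processing capacity of a private cloud is limited, it struggles to cope with seasonal peak demand; in that case a public cloud is a good choice: its processing capacity far exceeds that of a private cloud, and thanks to economies of scale its short-term cost is also lower than a private cloud's. However, storing sensitive data in a public cloud carries certain security risks, and deploying application systems to a public cloud makes cross-cloud load balancing technically complex to some degree. Combining the advantages of private and public clouds, this paper gives a reference architecture for an enterprise information platform and discusses application load balancing, data security, and hybrid cloud interoperability.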

2.
Addressing cloud computing security issues   Cited by: 3 (self-citations: 0, citations by others: 3)
The recent emergence of cloud computing has drastically altered everyone’s perception of infrastructure architectures, software delivery and development models. Projecting as an evolutionary step, following the transition from mainframe computers to client/server deployment models, cloud computing encompasses elements from grid computing, utility computing and autonomic computing, into an innovative deployment architecture. This rapid transition towards the clouds, has fuelled concerns on a critical issue for the success of information systems, communication and information security. From a security perspective, a number of unchartered risks and challenges have been introduced from this relocation to the clouds, deteriorating much of the effectiveness of traditional protection mechanisms. As a result the aim of this paper is twofold; firstly to evaluate cloud security by identifying unique security requirements and secondly to attempt to present a viable solution that eliminates these potential threats. This paper proposes introducing a Trusted Third Party, tasked with assuring specific security characteristics within a cloud environment. The proposed solution calls upon cryptography, specifically Public Key Infrastructure operating in concert with SSO and LDAP, to ensure the authentication, integrity and confidentiality of involved data and communications. The solution, presents a horizontal level of service, available to all implicated entities, that realizes a security mesh, within which essential trust is maintained.

3.
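黄秀丽 (Huang Xiuli). 《微机发展》 (Microcomputer Development), 2012, (3): 245-248
As an emerging technology, cloud computing has brought great change to the IT industry. But like all new technologies, cloud computing also brings new risks. Faced with the various risks of cloud computing, how a business should move into what kind of cloud is an urgent problem to be solved, and is the focus of this paper. The paper first analyzes the risks brought by cloud computing and gives the relationships among the risk elements; it then introduces the Cloud Cube Model and explains each of its dimensions in detail, and on that basis introduces COA technology; finally, taking the power system as the context, it reflects on the power cloud and gives suggestions for future work.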

4.
5.
Several alternative schemes have been presented in the literature to try to solve the users’ admission problem in P2P systems when it is not possible to include a logically centralized authority (either online or offline) in the system. However, most of them are not suitable for on-the-fly P2P systems and the most typical ones (IP based, shared secret and threshold cryptography) have several security and performance drawbacks. From the deficiencies of the existing schemes, in this paper we present a new decentralized certification scheme for on-the-fly P2P systems which is based on the recently published Internet Attribute Certificate Profile for Authorization. Our proposal greatly improves the security and flexibility of IP based and shared secret schemes with no infrastructure cost and with a minimal performance charge. Also, it achieves a similar level of security to threshold cryptography while highly reducing its computational and communicational cost. All these facts position our certification proposal as a users’ admission alternative for on-the-fly P2P systems in not very hostile environments where performance and security are key factors.

6.
At present, health care applications, government services, and banking applications use big data with cloud storage to process and implement data. Data mobility in cloud environments uses protection protocols and algorithms to secure sensitive user data. Sometimes, data may have highly sensitive information, leading users to consider using big data and cloud processing regardless of whether they are secured or not. Threats to sensitive data in cloud systems produce high risks, and existing security methods do not provide enough security to sensitive user data in cloud and big data environments. At present, several security solutions support cloud systems. Some of them include Hadoop Distributed File System (HDFS) baseline Kerberos security, socket layer-based HDFS security, and hybrid security systems, which have time complexity in providing security interactions. Thus, mobile data security algorithms are necessary in cloud environments to avoid time risks in providing security. In our study, we propose a data mobility and security (DMoS) algorithm to provide security of data mobility in cloud environments. By analyzing metadata, data are classified as secured and open data based on their importance. Secured data are sensitive user data, whereas open data are open to the public. On the basis of data classification, secured data are applied to the DMoS algorithm to achieve high security in HDFS. The proposed approach is compared with the time complexity of three existing algorithms, and results are evaluated.

7.
Recognition of naturally occurring objects is a challenging task. In particular, the recognition of clouds is particularly challenging as the texture of such objects is extremely variable under different atmospheric conditions. There are several benefits of a practical system that can detect and recognise clouds in natural images especially for applications such as air traffic control. In this paper, we test well-known texture feature extraction approaches for automatically training a classifier system to recognise cumulus, towering cumulus, cumulo-nimbus clouds, sky and other clouds. For cloud recognition, we use a total of five different feature extraction methods, namely autocorrelation, co-occurrence matrices, edge frequency, Law’s features and primitive length. We use the k-nearest neighbour and neural network classifiers for identifying cloud types in test images. This exhaustive testing gives us a better understanding of the strengths and limitations of different feature extraction methods and classification techniques on the given problem. In particular, we find that no single feature extraction method is best suited for recognising all classes. Each method has its own merits. We discuss these merits individually and suggest further improvements in this difficult area.

8.
The combination of traditional cloud computing and mobile computing leads to the novel paradigm of mobile cloud computing. Due to the mobility of network nodes in mobile cloud computing, security has been a challenging problem of paramount importance. When a mobile cloud involves heterogeneous client networks, such as Wireless Sensor Networks and Vehicular Networks, the security problem becomes more challenging because the client networks often have different security requirements in terms of computational complexity, power consumption, and security levels. To securely collect and fuse the data from heterogeneous client networks in complex systems of this kind, novel security schemes need to be devised. Intrusion detection is one of the key security functions in mobile clouds involving heterogeneous client networks. A variety of different rule-based intrusion detection methods could be employed in this type of systems. However, the existing intrusion detection schemes lead to high computation complexity or require frequent rule updates, which seriously harms their effectiveness. In this paper, we propose a machine learning based intrusion detection scheme for mobile clouds involving heterogeneous client networks. The proposed scheme does not require rule updates and its complexity can be customized to suit the requirements of the client networks. Technically, the proposed scheme includes two steps: multi-layer traffic screening and decision-based Virtual Machine (VM) selection. Our experimental results indicate that the proposed scheme is highly effective in terms of intrusion detection.

9.
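By analyzing the security threats faced in building e-government clouds, this paper proposes a PKI-based electronic authentication cloud platform that can be effectively integrated with the e-government cloud and safeguard its information security.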

10.
Cloud computing is increasingly playing an important role in the service provisioning domain given the economic and technological benefits it offers. The popularity of cloud services is increasing but so are their customers’ concerns about security assurance and transparency of the Cloud Service Providers (CSPs). This is especially relevant in the case of critical services that are progressively moving to the cloud. Examples include the integrated European air traffic control system or public administrations through the governmental clouds. Recent efforts aim to specify security in cloud by using security service level agreements (secSLAs). However, the paucity of approaches to actually control the fulfillment of secSLAs and to react in case of security breaches, often results in distrust in cloud services. In this paper, we present a solution to monitor and enforce the fulfillment of secSLAs. Our framework is able to (a) detect occurrences that lead to unfulfillment of commitments, and (b) also provide mitigation to the harmful events that may or do compromise the validity of secSLAs.

11.
One of the major research challenges for the successful deployment of cloud services is a clear understanding of security and privacy issues on a cloud environment, since cloud architecture has dissimilarities compared to traditional distributed systems. Such differences might introduce new threats and require a different treatment of security and privacy issues. It is therefore important to understand security and privacy within the context of cloud computing and identify relevant security and privacy properties and threats that will support techniques and methodologies aimed to analyze and design secure cloud based systems.

12.
People have now come to understand the risks associated with MS Office documents: whether those risks are caused by macros or associated breaches. PDF documents on the contrary seem to be much more secure and reliable. This false sense of security mainly comes from the fact that these documents appear to be static. The widespread use of Acrobat Reader is most likely also accountable for this phenomenon to the detriment of software that modifies PDFs. As a consequence, PDF documents are perceived as images rather than active documents. And as everyone knows, images are not dangerous, so PDFs aren’t either. In this article we present the PDF language and its security model, and then the market leader of PDF software, Acrobat Reader. Finally, we will show how this format can be used for malicious purposes.

13.
Many organizations run their core business operations on decades-old legacy IT systems. Some security professionals argue that legacy IT systems significantly increase security risks because they are not designed to address contemporary cybersecurity risks. Others counter that the legacy systems might be “secure by antiquity” and argue that due to lack of adequate documentation on the systems, it is very difficult for potential attackers to discover and exploit security vulnerabilities. There is a shortage of empirical evidence on either argument. Routine activity theory (RAT) argues that an organization’s guardianship is critical for reducing security incidents. However, RAT does not well explain how organizations might guard against security risks of legacy IT systems. We theorize that organizations can enhance their guardianship by either modernizing their legacy IT systems in-house or by outsourcing them to cloud vendors. With datasets from the U.S. federal agencies, we find that agencies that have more legacy IT systems experience more frequent security incidents than others with more modern IT systems. A 1%-point increase in the proportion of IT budgets spent on IT modernization is associated with a 5.6% decrease in the number of security incidents. Furthermore, migration of the legacy systems to the cloud is negatively associated with the number of security incidents. The findings advance the literature on strategic information systems by extending RAT to explain why the “security by antiquity” argument is not valid and how organizations can reduce the security risks of legacy IT systems through modernization and migration to the cloud.

14.
Scheduling is essentially a decision-making process that enables resource sharing among a number of activities by determining their execution order on the set of available resources. The emergence of distributed systems brought new challenges on scheduling in computer systems, including clusters, grids, and more recently clouds. On the other hand, the plethora of research makes it hard for both newcomers researchers to understand the relationship among different scheduling problems and strategies proposed in the literature, which hampers the identification of new and relevant research avenues. In this paper we introduce a classification of the scheduling problem in distributed systems by presenting a taxonomy that incorporates recent developments, especially those in cloud computing. We review the scheduling literature to corroborate the taxonomy and analyze the interest in different branches of the proposed taxonomy. Finally, we identify relevant future directions in scheduling for distributed systems.

15.
Radio frequency identification (RFID) systems suffer many security risks because they use an insecure wireless communication channel between tag and reader. In this paper, we analyze two recently proposed RFID authentication protocols. Both protocols are vulnerable to tag information leakage and untraceability attacks. For the attack on the first protocol, the adversary only needs to eavesdrop on the messages between reader and tag, and then perform an XOR operation. To attack the second protocol successfully, the adversary may execute a series of carefully designed challenges to determine the tag’s identification.

16.
We have to deal with different data formats whenever data formats evolve or data must be integrated from heterogeneous systems. These data when implemented in XML for data exchange cannot be shared freely among applications without data transformation. A common approach to solve this problem is to convert the entire XML data from their source format to the applications’ target formats using the transformation rules specified in XSLT stylesheets. However, in many cases, not all XML data are required to be transformed except for a smaller part described by a user’s query (application). In this paper, we present an approach that optimizes the execution time of an XSLT stylesheet for answering a given XPath query by modifying the XSLT stylesheet in such a way that it would (a) capture only the parts in the XML data that are relevant to the query and (b) process only those XSLT instructions that are relevant to the query. We prove the correctness of our optimization approach, analyze its complexity and present experimental results. The experimental results show that our approach performs the best in terms of execution time, especially when many cost-intensive XSLT instructions can be excluded in the XSLT stylesheet.

17.
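This paper introduces the concept and architecture of cloud computing, analyzes the information security risks and hidden dangers that may exist in a cloud computing environment, and focuses on a series of strategies for responding to security risks.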

18.
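With the vigorous development of cloud computing, more and more enterprises and individuals are placing their storage and computing needs in the cloud, but because security problems have not been effectively solved, the application and development of enterprise cross-cloud data access has been limited. This paper proposes a Kerberos-based cross-cloud authentication mechanism for hybrid cloud services. In this mechanism, the cloud terminal authenticates directly with the private cloud using identity-based authentication, and uses the ticket issued by the enterprise private cloud to access the data the enterprise stores in the public cloud. The mechanism has the advantages of not needing to manage and issue certificates, simple key management, and easy access control; the authentication system was implemented in simulation, laying a security foundation for identity authentication and access control in cross-cloud data access.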

19.
Contest hosting faces more fairness challenges and security risks from real to virtual. Malicious competitors are easier to perform false starts without preventing unfairness. Eavesdroppers have higher possibility to obtain any contest file without the intended right. The leakage of competitors’ identities is with higher probability. However online contest is popular for the convenience. It performs with diverse forms such as auctions, games and exams. With incremental requirements on fair-play, we build a new security model and propose the generally designed framework of Fair-Play Management System (FPMS) over clouds. Involving “cloud” as public storage will release much burden of real-time transmissions in networks, though it may double the security risks from outside. Moreover it is harder to guarantee to all competitors the synchronical start of a contest under inside attacks such as false starts. Facing challenges on confidentiality, anonymity and fairness simultaneously, we find that public-key encryption is more effective than symmetric-key encryption to support multiple data owners in a cloud. By leveraging a Randomness-reused Identity-Based Encryption (RIBE) scheme, FPMS can resist all mentioned attacks within a cloud-assisted environment, and support security towards multiple data owners that respectively host multiple contests. As a complement, the analysis on the provable security of FPMS is given finally, as well as a further analysis on the fair-play performance. Though transmission delay is hardly avoided under provable security requirements, the FPMP performs quasi synchronical with ignorable delay differences to deliver the start order.

20.
We introduce a novel pricing and resource allocation approach for batch jobs on cloud systems. In our economic model, users submit jobs with a value function that specifies willingness to pay as a function of job due dates. The cloud provider in response allocates a subset of these jobs, taking into advantage the flexibility of allocating resources to jobs in the cloud environment. Focusing on social-welfare as the system objective (especially relevant for private or in-house clouds), we construct a resource allocation algorithm which provides a small approximation factor that approaches 2 as the number of servers increases. An appealing property of our scheme is that jobs are allocated non-preemptively, i.e., jobs run in one shot without interruption. This property has practical significance, as it avoids significant network and storage resources for checkpointing. Based on this algorithm, we then design an efficient truthful-in-expectation mechanism, which significantly improves the running complexity of black-box reduction mechanisms that can be applied to the problem, thereby facilitating its implementation in real systems.
