| 一种基于容器的安全云计算平台设计 |
| |
| 作者姓名: | 孔同 王利明 徐震 欧悯洁 马多贺 |
| |
| 作者单位: | 中国科学院信息工程研究所, 北京 100093 |
| |
| 摘 要: | 平台即服务是云计算中极为重要的一种服务模式,近年来,容器技术作为一种操作系统级的虚拟化技术,逐渐融入到云计算领域中,为 PaaS 的构建提供了良好的支持。容器技术在云计算领域具有诸多优势的同时也面临着非常多的安全问题,如权限突破和信息泄露等问题时刻威胁着系统的安全性和稳定性,其重要性和紧迫性不容忽视。本文阐述了容器的概念和特点,介绍了容器面临的安全问题和国内外研究现状。为了解决公共云平台中由容器向系统进行攻击的相关安全问题,提出了一种基于容器的安全云计算平台安全,实现了租户的安全隔离和行为监控分析,并对其架构和关键技术进行了介绍。
|
| 关 键 词: | 容器 云计算 安全防护 |
| 收稿时间: | 2016-10-10 |
Design of a Container-Based Security Cloud Computing Platform |
| |
| Authors: | Kong Tong Wang Liming Xu Zhen Ou Minjie Ma Duohe |
| |
| Affiliation: | State Key Laboratory of Information Security,Institute of Information Engineering, Chinese Academy of Sciences, Beijing 100093, China |
| |
| Abstract: | Platform-as-a-Service is a very important service model in cloud computing. Container, as an operating system-level virtualization technology, has integrated into the field of cloud computing, which provides good support for the construction of PaaS. Container technology has many advantages while also facing a lot of security issues, such as the breakthrough of the authority and information disclosure. These problems threaten the security and stability of the system, and its importance and urgency could not be ignored. In this paper, we expound the concept and characteristics of the container, introduce the safety problems faced by the container. To solve the security problem in the public cloud platform, wepropose a container-based secure cloud computing platform. Ourgoalisto realize the security isolation and behavior monitoring of the tenant.The proposed design has the advantages of less systemresource occupancy and rapid analysis. |
| |
| Keywords: | container cloud computing security defence |
|
| 点击此处可从《》浏览原始摘要信息 |
|
点击此处可从《》下载全文 |
|
