基于Eucalyptus的基础设施即服务云框架协议设计
doi: 10.3724/SP.J.1146.2011.01150
The Protocol Design of a Eucalyptus-based Infrastructure-as-a-Service (IaaS) Cloud Framework
-
摘要: 云计算中的基础设施即服务(IaaS)免去用户自主管理计算机硬件的麻烦,随时随地按需向用户提供计算和存储资源。Eucalyptus是一个被学术研究关注的开源IaaS实现,然而没有文献描述完整的利用Eucalyptus的所有模块来提供安全的基础设施服务。该文针对IaaS的安全需求,提出一个可信的IaaS框架。框架将基础设施服务提供过程细化为5个环节,并基于可信平台模块(TPM)设计相应安全协议实现这些环节。协议的设计过程严格遵守TPM的操作规范,并加入可信第三方以制约服务提供商的权力。协议的安全性均通过Scyther自动化分析工具的检测,从而保证整个框架满足IaaS的安全需求。
-
关键词:
- 云计算 /
- 基础设施即服务(IaaS) /
- Eucalyptus /
- 可信计算
Abstract: Infrastructure-as-a-Service (IaaS) frees users from the trouble of self-management of computer hardware, and provides users with anytime, anywhere on demand computing and storage resources. Eucalyptus is an open source IaaS framework implementation which is used for research. However, there is no paper describes how to use all the modules of Eucalyptus to supply security infrastructure service. In accordance with the security requirements of IaaS, a trusted IaaS framework is provided. The framework provides infrastructure service in five steps, and designs protocols which based on Trusted Platform Module (TPM) to achieve these steps. During the designing process, the use of TPM is strictly standardized and trusted third party is concerned in order to restrict the power of service operator. All the protocols pass the security examination of automatic analysis tool-Scyther, so the conclusion that the framework meets the requirements of IaaS is generalized.-
Key words:
- Cloud computing /
- Infrastructure-as-a-Service (IaaS) /
- Eucalyptus /
- Trusted computing
计量
- 文章访问数: 2825
- HTML全文浏览量: 96
- PDF下载量: 746
- 被引次数: 0