摘要
如何使得用户信任云服务提供商及其云平台,是云计算普及的关键因素之一.针对目前云平台可信性所包含的内容与分析评价依据尚不完善的现状,且缺乏从理论层次对于云平台的部分可信属性进行分析与评估方法的问题,首先对云平台的可信性进行定义,并结合国内外相关云安全标准与可信性规范以及作者的理解,明确了云平台可信性的子属性与具体分析内容,从而明确了所提出模型的适用范围、分析目的以及依据.在此基础上,提出模型建立方法.该方法以标记变迁系统作为操作语义描述工具,从云平台内部组件交互过程出发,将平台对外提供服务过程刻画为用户与云的交互以及云平台内部实体间的交互,并利用模型分析检测工具Kronos从可用、可靠、安全等多个角度对平台内部状态变化过程进行分析.分析结果不但能够发现已知的可信性问题,还发现了一些未知的隐患,说明了模型建立方法的有效性,并为如何评价云平台的可信性,进而构建可信云提供了理论支撑.
Trust is one of the key factors that affect people's preferences in choosing cloud computing. However, the content and the evaluation basis of cloud trust are still not perfect, and there are lack of strict theoretical analysis and evaluation methods on its dynamic properties. For the status quo, this paper first defines cloud trust, and describes in details its sub-properties according to related international cloud security standards and trust specifications. Then, the basis, purpose, and scope of a model for analyzing cloud trust is presented. Next, to the process for building this model is described. Using LTS as an operational semantics profiling tool, starting from the interactive process of internal components in cloud, the cloud service is depicted as the interactions between users and cloud, and interactions among entities inside cloud. Finally, the model analysis tool, Kronos is used to analyze system state variations in service provision from multiple perspectives including availability, reliability and security. The analysis results demonstrate that the presented model can find not only known trusty problems but also unknown risks, which indicates the model is effective, and can provide theoretical support for trusted cloud construction.
出处
《软件学报》
EI
CSCD
北大核心
2016年第6期1349-1365,共17页
Journal of Software
基金
国家重点基础研究发展计划(973)(2014CB340600)
国家高技术研究发展计划(863)(2015AA016002)
国家自然科学基金(91118003
61173138
61272452
61332019)~~