| Cloud computing is a new type of computing mode, by which computing resources may be stored in a shared configurable pool and visited via an available convenient and on-demand network. Due to the strong position of cloud computing service providers in the provision of services and weak position of users in receiving services, it may cause serious information asymmetry. On the one hand, when information is transferred to the cloud computing service provider under the mode of cloud computing, it would be impossible for enterprises themselves to comprehensively control information and cloud computing details of the service provider. On the other hand, as cloud computing is designed for multi-party users, the service provider will not show the key information in cloud computing to users in consideration of security. In conclusion, security has become a key problem that constrains the development of cloud computing.In order to solve the problems concerning hybrid multi-level cloud data protection, this dissertation makes research on data access authorization, access control model and security of data storage and access.Firstly, in response to unclear division of management scope and of management authority, a multi-domain and multi-level access management model was proposed based on the concept of multi-domain and multi-level access management. Besides, management authority was divided into dominance and management, which were allocated to different management roles so as to ensure clear power and responsibilities between the administrator and the user. Also, according to the problems of domain shuttling and hidden improvement, we put forward the idea of one-way role mapping, classified the post role into internal role and mapping role and then the mapping role into outlet and inlet so as to ensure one-way flow of inter-domain authority and mutual safe operation. Furthermore, we analyzed and discussed the possible unsafe status in the privilege management model, made a reasoning analysis on the model through the given security violation formula and demonstrated the fact that authority could be made safe and uncontrollable when the model is subject to inter-domain management, cross-domain management and distributed privilege.Secondly, in response to the security problems of access violation, direction violation and passing violation encountered in hybrid multi-level cloud, a multi-level access control model based on data flow chart was proposed. This model uses data flow chart to record access behaviors and data flow direction caused. Then, the security features of data flow chart were given to lay a solid foundation for effectively testing all types of access violations. This model also improves BLP(Bell-LaPadula) model by incorporating specific elements of hybrid multi-level cloud such as multi-level interconnection mode, server, virtual machine (subsystem) and so on. It also divides users and resources into two categories, redefines the status, rules, automatic machine, system and security theorem based on the status machine theory, and uses safety entropy to prove the security theorem. Furthermore, we studied the control methods of all types of access violations, designed state transition rules for typical operations such as read, write and copy, and proved the security of these rules. Finally, we achieved a complete set of access control rules in hybrid multi-level cloud by combing different interconnection modes. The set can effectively solve the problems of access violation, direction violation and passing violation in both internal and external clouds at different levels.Thirdly, according to the security problems behind the data sharing of hybrid multi-level cloud such as data security and privacy protection, we studied attribute encryption technique and designed solutions regarding safe access to hybrid multi-level cloud and user privacy protection based on the technique. In order to solve the practical demand regarding hybrid multi-level cloud data access, data security and privacy protection, we introduced root privilege center CA(Property Management Center), regional privilege centers CA, and sub-license center SA(Sub Property Management Center) and other multi-level privilege centers, and graded key distribution and property privilege. The root CA privilege center is used for signature so as to guarantee the passing of the graded trust chain. Then, the Property Management Center (PMC) was built to maintain the global attribute list and respond to the access control within the management scope at the current level; and finally, we set the management control strategy involving data transmitter, privilege center and management mechanism, designed a secure fine-grained BSP-HABE model and solution based on control restraints, detailed the process of system initialization, data release, data access and user deletion. Compared with the original attribute encryption solution, this solution improves the security access policy control of environment and policy restraints. That is to say, before attributes are matched, PEP(Policy Execution point) and PDP(Policy Decision point) must evaluate and judge the security access control policy. Therefore, the security and flexibility of cloud storage cipher text access are improved. On the basis security, cipher text re-encryption and policy update work could be shifted to the cloud service end for implementation, thus reducing the computing costs of data transmitter and satisfying the demands for multi-cloud and multi-level data access and security policy.
|
PDF Full Text Request