Font Size: a A A

Research On The Security Issues Of Multi-Tenancy Syustems

Posted on:2012-03-12Degree:MasterType:Thesis
Country:ChinaCandidate:K F LiFull Text:PDF
GTID:2178330332488290Subject:Information Science
Abstract/Summary:PDF Full Text Request
With the maturity of Internet application technology, tremendous changes are taking place in the traditional software industry. Various concepts, such as SaaS, cloud, etc, are constantly emerging and receiving increasing attention and recognition. All these new concepts and techniques are used multi-tenancy mode as their core framework. Compared with the traditional software, multi-tenancy applications, especially within single instance mode, can significantly reduce software costs and realize scale profits. With many obvious advantages and broad developing prospect, it also puts out new demand for system security.Based on the analysis of and research on traditional security technology and multi-tenancy framework, how to construct a multi-tenancy application from the perspective of security is mainly discussed in this paper, focusing on three major safety problems: storage security, transmission security and access control.Storage security within multi-tenancy mode is first discussed in this paper with emphasis on data isolation design of multi-tenancy application. With the combination of field isolation and storage encryption technology, the solution for further safeguard of data storage security is also studied. Then this paper pays attention to the transmission security within multi-tenancy mode. WS-Security standard is introduced and how to ensure the security of service calling in multi-tenancy mode is explained by examples based on XML encryption and XML signature, so that data can be transferred safely between enterprises and service providers. Meanwhile, based on the characteristics of multi-tenancy framework, a multi-tenancy suitable key system is proposed combined with the feature of both PKI and IBC. At last, access control of multi-tenancy applications is researched. Considering the special demand for access control in multi-tenancy mode, RBAC based solution is chosen based on the analysis of the classical access control model. It provides customizable access control strategies for enterprises through layered management of role models.
Keywords/Search Tags:Multi-tenancy, Storage Security, Transmission Security, Access Control
PDF Full Text Request
Related items