Research Of Security Key Technology In Telecom's Cloud Computing Platform

With the development of the global economy and improvement of science technology, the domestic telecommunication industry affected by the following issues: the sudden increasing massive data tasks, the high demand of computing capability, the scalability of system platform, and the needs of safer communication. And the competition in the network operators becomes more and more intense. The rise of cloud computing gives a hope to the problems. This technology distribute the Telecom computing tasks according to needs in the computer clusters which ensuring the computing ability and memory space be used reasonable, efficient and convenient in the application systems. Therefore, this technology guarantees the data security and reduces the cost.Due to the flaws in the cloud computing flatworm, however, the cloud computing platform exist security threats. In this thesis, the analysis of virtualization, distributed databases, distributed file, the Web services facing security threats, in order to propose a cloud computing security architecture for telecommunication systems. This security architecture includes basic services, security, cloud services security and cloud application security.Then this thesis implements a cloud computing resource virtualization management and monitoring platform for the Telecom system based on the security architecture. This platform accomplished virtual machine image, key, cluster information and other management. And this platform can dynamic monitor the physical resources in the nodes and the virtual resources in the virtual nodes. Then the role based delegation authorization model of trusted cloud computing ( RTDC ) is presented to realize the authorization delegation of role and permission based on the RBDM. By keeping updating trust information, the model can identify different types of entities and defense bad entities'behaviors. Finally, this thesis presents a DDOS detection scheme by the analysis of DDOS what telecom's cloud computing platform faced. This detection scheme uses the wavelet analysis to monitor DDOS and uses flow cleaning to realize effective defense DDOS.