| Cloud computing integrates Distributed Computing,Grid Computing,Parallel Computing,Utility Computing,Network Storage Technologies,Virtualization,Load Balance etc. It results from the development and integration of traditional computer technology and network technology. The base theory of cloud computing is to dispose the demand of computing or resource to a large number of distributed computers, not local computers or remote servers, then access computers,storage system and all sorts of resource according to the demand. With the help of these advanced models such as SaaS,PaaS,IaaS, cloud computing transport computing ability to terminal users.The core idea of cloud computing is to decrease user's terminal working quantity as to simplify user terminal into a mere inputting/outputting equipment as well as use the computing ability of cloud computing on-demand. The thought of cloud computing is to administrate and dispatch all kinds of computing resource which are connected to the network, form a computing resource pool and distribute resources dynamically for the end users to use on-demand. The access security control of resource is the necessary condition to attain the aim of sharing resource efficiently. The proper configuring of security policy is the precondition to access safely and control resource. When establishing the security policy, it may occur policies conflicting to each other, which can't be foreseen in establishing and using process due to the reason of the policy administrator or others. When the conflictions of condition parts of policies happen, the actions of policies contradict each other or have completely opposite action effects therefore the administration system of policy can't perform the actions accurately and the system running efficiency will be affected and security vulnerabilities will occur. Therefore to detect the conflictions in security policies accurately and efficiently, as will as resolute is the key of cloud computing security.This thesis first introduces the relative concepts and present development of cloud computing and cloud computing security policy; next it compares several algorithms such as: Rule-based and Ontology-based automatic algorithm; Ponder language and Role-based algorithm; Description Logic-based algorithm; Finite state machine-based algorithm. Following this, the thesis puts forward integer space-based algorithm. Then it experiments on this algorithm many times, records and analyses the running time of CPU, and finally tests and verifies the accuracy and effectiveness. |
PDF Full Text Request