
Research On Mobile Terminal Based Cloud Security

Posted on: 2013-02-11 | Degree: Master | Type: Thesis
Country: China | Candidate: L L Wei | Full Text: PDF
GTID: 2248330362470868 | Subject: Computer software and theory
Abstract/Summary:
With the development of cloud computing and the popularization of intelligent mobile terminals, providing cloud services has become one of the most important applications of cloud computing. Because of its distributed and dynamic characteristics, resource sharing between different domains faces new security challenges. This paper studies resource access control in the mobile and cloud environment. The model uses access control to achieve cross-domain resource protection.

Starting from the security requirements of cross-domain resources, and considering the current state of access control models in existing systems, the paper proposes a new cross-domain access control model with a risk mechanism. This model introduces risk management into the RBAC model. The model uses a risk cursor not only in the requested domain but also extends it to the domain that initiates the request. This risk cursor mechanism enhances the security of cross-domain requests. In addition, the model introduces a timeline in each domain involved in the request. The timeline is bound to the risk level in order to refine the granularity of cross-domain access control. It is determined by humans according to experience. Nodes that require a longer time may involve higher risk. With the risk and timeline mechanisms, a fine-grained authorization mechanism is enabled. The new model also sets a threshold on visiting time to limit the frequency of requests, which avoids concentrated malicious behavior. A value of 0 or 1 marks which resources the management node can see. By restricting the management node's access to history records, the model realizes privacy protection for the historical records.

Considering the frequent migration of mobile terminals and the current state of research on existing delegation-based RBAC access control, a delegation-based cross-domain access control model for mobile terminals in cloud computing is presented. By introducing a delegation mechanism, this model can effectively solve the problems caused by the frequent migration of mobile terminals. When a mobile terminal moves to another domain that is not the start domain of the cross-domain request, it brings new problems to the interaction. This model makes the management node of each domain maintain a dynamic routing table. When a node leaves the domain, the management node adds a new record to the routing table. This dynamic routing table solves the localization of nodes. The model defines two kinds of mapping roles, named local mapping role and role based requirement. We also propose a synthetic method to obtain a synthetic mapping role. Combined with the quantified-role method, the delegated node obtains the final mapping role of the cross-domain request. This model can effectively solve the problem of hidden permission escalation in the process of the mapping. The request frequency threshold avoids the risk caused by a malicious node's excessive operation. Analysis shows that the model has better security.
Keywords/Search Tags: Cross-Domain Access Control, Risk Management, RBAC, Privacy Protection, Cloud Security, Delegation, Mapping Role