Research Of Security Assessment For Cloud Service Based On Data Flow

In the early80’s the Sun Microsystem Company has put forward the thought of“Network is computer”, it’s the earliest cloud computing ideas. Until2006, Google’sCEO Eric Schmidt formally put forward the concept of “cloud computing” in thesearch engine conference (SES Sans Jose2006), making it quickly became a mostpopular keywords in the field of computer industry. Cloud computing thoroughlychanged the electronic information industry in business model and the direction ofdevelopment, it is the largest change after the change of computer to the client/serverin the80s turnaround after another kind of change, open up the calculation model ofthe new era. Cloud computing use large server cluster making a resource pool to offerusers of an unlimited amount of computing power, it is not only make the developerswith a great economic benefits, and a thoroughly change for the small andmedium-sized enterprise in the business model, at the same time the characteristics ofenergy saving and environmental protection is also correspond well in line with theneeds of the development of the current economy.In the meantime cloud computing bringing people convenient services andeconomic benefit, the new security threats with it are deeply troubled users andenterprises. There is survey shows, the cloud security concerns of users has beengreatly exceed the economic benefit of the cloud computing. Because there is a worldof difference in organization structure and service mode of cloud computing fromtraditional host and service, so the traditional security measures and risk managementtechnology in the cloud platform has limitations in all directions, and the securitytools from each big IT company for cloud computing usually only develop for acertain “cloud” of the specific problems, so there is no universal and effective solution.And the existing risk assessment for the cloud computing only can be aimed at thewhole cloud platform, but can’t estimate the security state of a single service.Therefore this paper proposes a risk assessment methods for the service on the cloud,and quantitative evaluate the possibility of threat through the history behavior ofservice.Through the tracking and monitoring of service behavior, we can extract the dataflow which used to indicate the service behavior, and though the contrast of thenormal behavior and service, identify the hidden threats and risks, and thenquantitative evaluate the degree of the threat using the probability of threat. Themethod based on the data flow monitor data between different service and process, soit can evaluate threats both in and outside the cloud platform, including the threatsfrom the managers of the platform and the service providers, so the risk assessmentmethod is suitable for the cloud computing. It put forward a new idea of riskassessment in cloud computing, and provides a general method and reference for thesecurity management of cloud computing.