| Cloud computing is a new computing model after distributed computing that overcomes thetraditional computing environment’s static, closed characteristics, creating a open and dynamiccomputing environments, which is more practical in complex network environments. Byintegrating multiple computational entities, get virtual cloud resource pools, the user can storeresources in the cloud, also lease from the resources that required, and gradually evolved into acommercial computing model. But security problems which exist are severely restricting thedevelopment of cloud computing, security problems can be resolved well, it is essential fordevelopment and the long-term nature. Traditional access control model in addressing securityissues and provides some policies, but there are still many shortcomings, it is not a good way toverify the user’s identity and credibility so as to resist the entity’s malicious attacks, and can’tauthorize reasonably, so how to judge credibility of trading entities become an important aspectsof addressing security issues. On this point, combining with the credibility of the concept andcloud security, and introduce credible mechanism to traditional access control model, which hasbecome an important way to solve cloud security issues. Therefore, this paper focuses on cloudcomputing credibility and access control issues in the environment, it mainly has followingseveral points:First, achieve a combination of cloud computing concepts and credibleThis paper combines the concept of cloud computing with trust to help cloud servicerequester to verify the credibility, using the two-level authentication policy and judging thecredibility of user transactions to achieve a more flexible role mapping and access control.Second, propose a new reverse cloud generation algorithmBased on reverse the original one-dimensional cloud generation algorithm, we propose anew backward cloud generation algorithm, combined with expectation Ex, entropy En, hyperentropy He, for the user to evaluate the credibility choose to meet high, strong stability as theobject of the transaction object, the cloud services can provide a credible basis for thetransaction.Third, propose a role and trust-based access control modelTraditional role-based access control model, based on the credibility of the mechanism androle proposed by combining a role-based access control model T-RBAC, while the identity of theuser to verify the credibility of the information made, enhanced access control modelanti-jamming capability and throughput, reduce network latency.Fourth, present a credible value update methodTo reduce the possibility of a malicious attack to make improvements, calculate the value ofthe user’s direct credible recommended credible value, comprehensive credible value, andaccording to the user’s behavior, the value of trusted users updated in real time, to avoidmalicious entity through and the implementation of a long accumulation of credible valuemalicious attacks on cloud resources danger. Fifth, design simulation experiments to verify the effectiveness of experimentDesign simulation experiments to verify the accuracy, efficiency, network latency,throughput and immunity of the proposed algorithm, the evaluation criteria of the accuracy is thechanging rate of credibility, the evaluation standard of efficiency is the time overhead of trustedvalue calculating. |
PDF Full Text Request