Study On The Model Of Security Evaluation Of Iaas Layer Of Cloud Computing System

Cloud computing brings advantages of low cost, high performance, configuration rapidly and mass computing service to public and customers. Although those conveniences, another significant consideration while users select cloud computing is security. The improvement of the effectiveness, stability, sustainability and efficiency of cloud computing services is highly relied on the guarantee of the cloud security as it has become one of the key factors of industrial development. At present, providers of cloud computing both at home and abroad commonly provide service of IaaS (Infrastructure as a Service). This thesis is focusing on the question that lacking of related standard and evaluation model for security of IaaS layer, putting forward the evaluation model of the security of IaaS. It also does the experiments to verify on OpenStack platform and Eucalyptus platform. The following are the specific work:(1) The paper summarize the status quo at home and abroad of cloud computing security service, technical support, and cloud computing standards, study the details of key techniques on IaaS layer. What’s more, we compare two open-source cloud platform that exist, and find out their shortages.(2) A detailed analysis that focusing on the nine threats presented by CSA is done. At the same time, the specific threats to IaaS layer are investigated carefully and the mapping relationship is worked out according to the correlation. It summarizes and classifies the related technique of the IaaS security and protection measures through research and analysis the security of the data center and virtual network. Finally, forming a security evaluation model of IaaS layer.(3) The paper analyses and verifies the effectiveness of the proposed model. The establishment of index hierarchy tree based on the evaluation model, the judgment matrix is established according to expert method, and ANC (sum and product method) to determine matrix. The weight of each index is worked out after consistency checking. The assessment data of single index of the two open source platform is obtained by statistics in a form of questionnaire. We judge the platform vaguely from low to high, using the fuzzy comprehensive evaluation method. Finally, we determine the security of the platform based on the maximum membership degree principle, and verify the validity of the evaluation model.