Design And Implement A Tenant-Oriented And Self-Service Cloud Storage Security Detection System

Today, Cloud Computing and Big Data are the two most popular research areas in IT industry. They are closely related and inseparable. With the high-speed development of cloud computing, related technologies including virtualization, dynamic resource scheduling, etc. have matured. However, there are still some obstacles blocking IT enterprises to migrate their applications into cloud. Among them, security is the most important issue.In current cloud environment, tenants’applications run on remote cloud servers rather than their own data center. Tenants have to transfer a part of authority to cloud service providers (CSP), which leave a security threat for tenants’ data. Moreover, tenants are worry about their private data. The invisibility of cloud service raise tenants’ suspiciousness about the cloud service provides, which affects the further implement of cloud computing service. An investigation shows that the data backup and recovery ability is the top concern of tenants, so storage security is significant for cloud computing. However, current Service-Level Agreement (SLA) lacks the ability of monitoring storage devices in detail. It is not enough to meet the data security requirements. Some other methods such as security inspection, auditing, etc. are needed to fill the gap and improve data security.Based on above analysis, a new visible cloud storage security model is proposed first in this thesis. This model combines storage management model and security standards to define a set of security attributes. Drove by this model, a tenant-oriented, self-serve storage security evaluation system is designed and implemented. By using this system, tenants can get the abstract storage model from cloud service providers, apply specific security requirements according to user needs, verify the realization of security schemas declared in SLA from configuration view, then get detail evaluation reports. This system can improve tenants’ data security while enhance the transparency of cloud storage service. Detail functional and performance tests are done at the end of this paper to prove feasibility of the model and system proposed.