Research And Implementation Of Security Policy Based On User Identity Authentication Technology In Cloud-Environment

With the popularity of the Internet and the development of information network, cloud computing is becoming mature and its application fields are also growing. At the same time, the rapid developments of cloud computing makes users have doubts on its security, so it is imminent to improve the security mechanism.Apply Identity authentication to the cloud environment has certain limitation and particularity. Therefore, how to ensure the safety of the cloud computing by the identity authentication technology is a problem that the service providers should concern and it is also difficult. CPK technology is a technology with independent intellectual property rights in our country. The biggest advantage of CPK is to create a large scale key by a few resources.Identity authentication and access control is an indispensable part in cloud computing security. This thesis proposes a new access control scheme which combine the role-based access control scheme and the public key authentication scheme. It can enhance the security of the access control model so as to improve the security of cloud computing.It may occur forgery attacks due to the large number of users in the cloud computing environment. To solve this problem, this thesis proposes a two-way authentication schemes to resist different kinds of forgery attacks.The traditional authentication method is that every user authenticates with the server separately. However, it may cause waste of space resources of the server. To solve this problem, this thesis presents a kind of access to the server which divided the users into groups and introduced the idea of ring signature at the same time. By this way it realized the user anonymity and ensured the safety of the certification.This thesis designs an experiment for the CPK authentication system on the C loudSim platform. The results of the simulation show that t he user authentication can be effective in cloud computing environment. The experiment obtained the expected effect and this user authentication has been applied successfully in a technology company in Nanjing.