Research On Cloud Platform Authentication And Access Control Based On CPK

Since 2006 the concept of cloud computing has been put proposed.Cloud computing has been rapid development that is a technology product by blending parallel computing,grid computing,utility computing and distributed storage technology,which brings unparalleled experience to users: low cost,pay-per-use,on-demand resources,rapid deployment and application and so on.At the same time,these characteristics of cloud computing also bring many security risks.There are quite a few features in cloud computing.At first,types of services are diversified.Secondly,behaviors of the subjects are complicated.Then,cloud resources come from different service providers and services can run on different system platforms.Authentication and access control are fundamental protection barrier of security for cloud computing,the traditional access control technology cannot meet the needs of the cloud environment.To achieve safe and effective authentication and access control management is essential for cloud computing,but also is the key to establishing a trust environment and coping with security issues in cloud.The CPK certification technology can generate a large number of composite keys from small-scale matrices to solve difficulties of the large-scale production and storage keys,overcome the problem of a large network of large-scale key management.The CPK certification technology can be applied to complicated cloud environments.In this thesis,the access control model is improved in the cloud,the cloud platform authentication and access control scheme are put forward based on the analysis of the cloud computing and the access control system of CPK.The main researches in this thesis include the following aspects:1.Based on the characteristics of cloud computing.The rationality and advantages of CPK applied to cloud environment are analyzed,by analysing and comparing of PKI,IBE and CPK.2.This thesis introduces and studies the technologies of cloud computing,and chooses OpenStack as the cloud platform environment for the final simulation test on the basis of deep analysis of various cloud platforms.3.The access control model is improved and the mapping relation and CPK achievement of user-role-authority in cloud platform are proposed.In combination of development status of cloud platform,the access control scheme is given.4.In the OpenStack cloud environment has been established,the proposed access control program simulation test.This thesis mainly studies the authentication and access control in the cloud platform.This paper analyzes the relationship between users,roles,permissions and resources in the cloud environment,improves the access control model in the cloud environment,applies the CPK authentication technology to the access control of the current cloud platform,and proposes an access control scheme to achieve large-scale key distribution for the copious participators in cloud,at the same time improves the security of the cloud platform.