| With the continuous development of Internet,Cloud Compute has became popular.Cloud Compute has many advantages compared with traditional stand-along in large scale compute and storage.But it also brings out several security problems.On the one hand,the data on the Cloud is not crypted.Though Cloud provider emphasize their credibility,data on Cloud without cryption is still not safe.On the other hand,the access control which has been used widely cannot meet the need of complict access.These problems need to be sovled.OpenStack has become the mainstream of Open-Source Cloud Compute platform with a mature framework.However,there are still kinds of security problems.For example,the access control of Openstack is not flexible enough,the data on OpenStack is not crypted.It is necessary to perfect the OpenStack.This thesis extends the authentication and authorization of OpenStack by adding attribute based access control.Attribute based cryption is used to ensure the implemention of attribute based access control.This extention of OpenStack is a service which will not change the architecture of OpenStack.This thesis firstly introduces the necessary of extending the access control service of OpenStack.Secondly the design of the service ensure the fine grain of access control and the encryption of the cloud data.The Implementation of the service make a pluggable module for OpenStack which can enhance the efficiency of the development of OpenStack.Above all,the service is better than the updates and extension of service on market. |
PDF Full Text Request