云图书馆虚拟环境可信验证过程的设计与实现

doi:10.11925/infotech.1003-3513.2014.03.06

摘要
参考文献
相关文章
Metrics

全文: PDF(732 KB) HTML
输出: BibTeX | EndNote (RIS)

摘要

[目的] 通过对云图书馆虚拟环境进行可信验证保证用户资源与服务所在的虚拟环境的可信。[方法] 建立基于可信第三方的验证模型，通过可信第三方分别对用户和云图书馆平台进行可信验证的方法，设计并实现云图书馆虚拟环境的可信验证过程。[结果] 能够以较小的系统开销确保虚拟机请求过程、分配过程以及启动过程的可信，保证云图书馆平台分配给用户的虚拟机是可信的。[局限] 虚拟机使用、虚拟机迁移等过程的可信验证所带来的系统开销，有待进一步实验和验证。[结论] 本研究能够向用户保证其所请求的虚拟机的可信，建立用户与云图书馆平台的信任关系。

	服务

	把本文推荐给朋友
	加入引用管理器
	E-mail Alert
	RSS
	作者相关文章
	吴旭
	吴坤
	颉夏青

关键词 ：云图书馆, 虚拟环境, 可信验证

Abstract：

[Objective] To ensure the trustworthiness of cloud library virtualized environment which contains users' resources and services by trustworthiness validation. [Methods] By establishing a validation model in which the Third Trusted Party respectively validates the cloud library platform providers and users, this paper designs and implements the trustworthiness validation process of cloud library virtualized environment. [Results] This paper can ensure the trustworthiness in process of request, allocation and startup of virtual machine with little overhead, and ensure that the virtual machine assigned to users is trusted. [Limitations] The overhead of validation in virtual machine's usage and migration needs to be verified. [Conclusions] The research can ensure trustworthiness of virtual machine to build the trustworthiness between cloud library users and platform providers.

Key words： Cloud library Virtualized environment Trustworthiness validation

收稿日期: 2013-11-10

:	G250.76
	TP338.8

基金资助:

本文系国家高技术研究发展计划（863计划）“基于eID的典型示范应用”（项目编号：2012AA01A404）和北京邮电大学教育教学改革项目“立体互动式‘经典阅读’教学体系创新平台的构建”的研究成果之一。

通讯作者: 吴坤 E-mail：wukun3928@sohu.com E-mail: wukun3928@sohu.com

作者简介: 作者贡献声明：吴坤，吴旭: 提出研究思路，设计研究方案；颉夏青: 进行实验、数据采集和分析；吴坤，颉夏青: 论文起草；吴旭: 论文最终版本修订。

引用本文:

吴坤, 颉夏青, 吴旭. 云图书馆虚拟环境可信验证过程的设计与实现[J]. 现代图书情报技术, 2014, 30(3): 35-41.
Wu Kun, Xie Xiaqing, Wu Xu. Design and Implementation of Trustworthiness Validation in Cloud Library Virtualized Environment. New Technology of Library and Information Service, DOI：10.11925/infotech.1003-3513.2014.03.06.

链接本文:

http://manu44.magtech.com.cn/Jwk_infotech_wk3/CN/10.11925/infotech.1003-3513.2014.03.06

[1] 陈臣, 高军. 云计算环境下数字图书馆虚拟机安全部署策略研究 [J]. 现代情报, 2013, 33(7): 64-66.(Chen Chen, Gao Jun. Study for Virtual Machine Security Deployment Policy for Digital Library in Cloud Computing [J]. Modern Information,2013,33(7):64-66.)

[2] 陈臣, 马晓亭. 云计算环境下数字图书馆虚拟机资源分配及部署策略研究 [J]. 图书馆工作与研究, 2013(6): 46-48. (Chen Chen, Ma Xiaoting. Study on Virtual Resources' Allocation and Deployment Strategies of Digital Library in Cloud Computing Environment [J]. Library Work and Study, 2013(6): 46-48.)

[3] 袁援, 凌卉. 云计算技术驱动下构建数字图书馆虚拟化环境的探讨 [J]. 情报理论与实践, 2010, 33(12): 119-123, 128.(Yuan Yuan, Ling Hui. Exploration of Constructing the Virtualized Environment of Digital Library Driven by the Cloud Computing Technology [J]. Information Studies: Theory & Application, 2010,33(12): 119-123, 128.)

[4] 马晓亭, 陈臣. 云安全 2.0 技术体系下数字图书馆信息资源安全威胁与对策研究 [J]. 现代情报, 2011,31(3): 62-66.(Ma Xiaoting, Chen Chen. Research on Information Security Threats and Security Strategy of Digital Library under the Cloud Security 2.0 System Environment [J]. Modern Information, 2011,31(3):62-66.)

[5] 马晓亭, 陈臣. 云计算环境下数字图书馆信息资源安全威胁与对策研究 [J]. 情报资料工作, 2011(2): 55-59.(Ma Xiaoting, Chen Chen. On the Threat to the Security of Digital Library Information Resource and Its Tactics: Under the Environment of Cloud Computing [J]. Information and Documentation Services, 2011(2): 55-59.)

[6] 张叶红. 数字图书馆云计算安全架构及其管理策略 [J]. 图书馆学研究, 2010(11): 30-34. (Zhang Yehong. Cloud Computing Security Architecture and Policies of Digital Library [J]. Research on Library Science, 2010 (11): 30-34.)

[7] 林晓群. 可信技术在图书馆信息安全防护体系的应用研究 [J]. 农业图书情报学刊, 2010, 22(10): 62-64.(Lin Xiaoqun. Study on the Application of Trusted Computing in Library's Security Architecture [J].Jounal of Library and Information Sciences in Agriculture, 2010, 22(10): 62-64.)

[8] 王长全, 艾雰, 姚建文.云计算环境下数字图书馆信息资源安全策略研究 [J].情报杂志,2010,29(3):184-186,161.(Wang Changquan, Ai Fen, Yao Jianwen. Research on Information Security Strategy of Digital Library under the Cloud Computing Environment [J]. Journal of Intelligence, 2010, 29(3):184-186,161.)

[9] Tang K. Research on Security Strategies of Digital Library Based on Cloud Computing Platform [J]. Advanced Materials Research, 2013, 734-737: 3171-3174.

[10] McCune J M, Parno B, Perrig A, et al. How Low Can You Go? Recommendations for Hardware-supported Minimal TCB Code Execution [C]. In: Proceedings of the 13th International Conference on Architectural Support for Programming Languages and Operating Systems, Seattle, USA. New York: ACM, 2008: 14-25.

[11] McCune J M, Parno B J, Perrig A, et al. Flicker: An Execution Infrastructure for TCB Minimization [C].In: Proceedings of the 3rd ACM SIGOPS/EuroSys European Conference on Computer Systems 2008, Glasgow. New York: ACM,2008: 315-328.

[12] McCune J M, Li Y, Qu N, et al. TrustVisor: Efficient TCB Reduction and Attestation [C]. In: Proceedings of the 2010 IEEE Symposium on Security and Privacy. Washington D C: IEEE Computer Society, 2010:143-158.

[13] Schiffman J, Moyer T, Vijayakumar H, et al. Seeding Clouds with Trust Anchors [C]. In: Proceedings of the 2010 ACM Workshop on Cloud Computing Security Workshop (CCSW'10), Chicago,USA. New York: ACM,2010: 43-46.

[14] Bertholon B, Varrette S, Bouvry P. CertiCloud: A Novel TPM-based Approach to Ensure Cloud IaaS Security [C]. In: Proceedings of the 4th International Conference on Cloud Computing(CLOUD 2011). Washington D C: IEEE Computer Society, 2011: 121-130.

[15] Eucalyptus Systems,Inc. Eucalyptus-Open Source AWS Compatible Private Clouds [EB/OL]. [2013-11-20]. http:// www.eucalyptus.com/.

[16] Trusted Computing Group. Trusted Platform Module [EB/OL]. [2013-11-20]. http://www.trustedcomputinggroup. org/developers/trusted_platform_module/.

[17] Berger S, Caceres R, Goldman K A, et al. vTPM: Virtualizing the Trusted Platform Module [C]. In: Proceedings of the 15th Conference on USENIX Security Symposium. USENIX Association Berkeley, 2006: Article No. 21.

[1]	顾立平. 数字图书馆的社会模拟技术研究[J]. 现代图书情报技术, 2011, 27(2): 8-15.

Viewed

Full text

Abstract

Cited

Shared

Discussed