首页 | 本学科首页   官方微博 | 高级检索  
     

云计算安全体系设计与实现综述
引用本文:杨松,刘洪善,程艳. 云计算安全体系设计与实现综述[J]. 重庆邮电大学学报(自然科学版), 2020, 32(5): 816-824
作者姓名:杨松  刘洪善  程艳
作者单位:华为技术有限公司,广东 深圳 518129
摘    要:云计算的安全性既要面对传统信息技术带来的安全威胁,又要面对云计算核心技术,如虚拟化带来的新风险。根据经典的以安全策略(policy)、保护(protection)、检测(detection)和响应(response)为核心的安全模型—PPDR模型,结合笔者在云服务商工作积累的多年安全实践,论述了云计算安全体系设计与实现的关键技术,包括网络、主机、应用、数据和运维运营5个层面的安全设计与实现,并对云计算安全相关的技术趋势进行了展望。提出一种经实战检验的云计算安全体系的设计与实现,特别是数据安全体系的设计与实现。该体系上线3年来,已消减针对云平台99.99%以上的安全攻击,经受住了现网大规模安全实战的考验。

关 键 词:云计算  云安全  数据安全  安全体系
收稿时间:2020-05-18
修稿时间:2020-08-03

Overview of design and implementation of cloud computing security system
YANG Song,LIU Hongshan,CHENG Yan. Overview of design and implementation of cloud computing security system[J]. Journal of Chongqing University of Posts and Telecommunications, 2020, 32(5): 816-824
Authors:YANG Song  LIU Hongshan  CHENG Yan
Affiliation:Huawei Technologies Co. Ltd., Shenzhen 518129, P. R. China
Abstract:The security of cloud computing is faced with both security threats brought by traditional information technologies and new risks brought by cloud computing technologies, such as virtualization. Based on the PPDR model, a typical security model centered on security policies, protection, detection, and response, and the security practices accumulated by the author in cloud service providers, the key technologies for the design and implementation of the cloud computing security system are described. This paper describes the security design and implementation of the network, host, application, data, and O&M, and forecasts the technical trends related to cloud computing security. This paper presents the design and implementation of a proven cloud computing security architecture, especially the design and implementation of data security architecture. In the past three years, the system has been able to mitigate over 99.99% of security attacks on the cloud platform and withstand large-scale security practices on the live network.
Keywords:cloud computing   cloud security   data security   security system
点击此处可从《重庆邮电大学学报(自然科学版)》浏览原始摘要信息
点击此处可从《重庆邮电大学学报(自然科学版)》下载全文
设为首页 | 免责声明 | 关于勤云 | 加入收藏

Copyright©北京勤云科技发展有限公司  京ICP备09084417号