Cloud computing and network security research
开篇:润墨网以专业的文秘视角,为您筛选了一篇Cloud computing and network security research范文,如需获取更多写作素材,在线客服老师一对一协助。欢迎您的阅读与分享!
Abstract. As a new technology, cloud computing brings a change to business models and ways of working and provides convenience to the way that people work, study and life. User data of cloud computing are stored in the "cloud". The loss of data and the disclosure of privacy will give users a significant loss, so that people are increasingly concerned about its security. The industry of cloud computing has a huge market growth prospects, but compared to other security products, cloud computing access risks exist in the data integrity, data recovery, and privacy, and risks of safety assessment in electronic services, business compatibility and third-party audit regulations.
Key words: cloud computing; network security; Information
Introductions
Due to an imbalance in the demand and use of state of network information, the integration and optimization of resources become the inevitable trend of network development, then cloud computing as IT technology and services combined with the new model appears. Cloud computing has been recognized by many carriers and enterprises, and some users are trying to use cloud services. However, compared to the rapid application of cloud computing, security link slightly behind. For example, in 2011, Sony hacking incident highlighted the weaknesses of cloud services. Experts in Web sense Security Labs said, in 2012, social networking and cloud computing technology will be further widely adopted and make an explosive development, "we will soon see the malicious people take advantage of this change. According to reports, the recent survey by the third-party research institutions showed that 51% of small and medium-sized enterprises refused to use cloud services, because of the security. In addition, worldwide, CIO from more than 90% Germanic and French enterprises claimed that the security protection are the premise for them to use cloud computing. In addition, there is an authoritative survey report pointed out that security was ranked the highest in the top three market challenges of the cloud computing services. It is not difficult to see that cloud computing security issues have become the biggest impediment to its development. Therefore, in 2012, cloud computing security market will be subject to the attention of the majority of enterprises. Cooperation with enterprises, security vendors and government parties becomes an important model for 2012 to solve the problem. Therefore, under the cloud computing environment, network security seems very important.
1. Concept and characteristics of cloud computing
1.1 Concept of cloud computing
Concept of cloud computing is proposed by Google. It is a very beautiful network application model. Strict cloud computing refers to the resources which acquired by means of expanding network easily. It is the mode of delivery and use of IT infrastructure. Generalized cloud computing network refers to the services. It is easy scalable way to get the desired service delivery and usage patterns. Such services may relate to Internet and software, or any other service. It has some unique efficacies, like virtualization, security, reliability, ultra-large-scale.
1.2 Characteristics of cloud computing
1.2.1 Cloud computing provides the most secure and reliable data storage center
When using a computer, situations are usually encountered as follows: virus attacks resulting in the loss of data in the hard disk or hard drive damage; games account or bank card information stolen by hackers and so on. If the data is saved on the network service which is similar to Google Docs, then you no longer have to worry about data loss or damage. Because at the other end of the "Cloud", there are the most professional team in the world helping you to manage information, and the world's most state-of-the-art data center to help you to save the data.
1.2.2 Low requirements to cloud computing user terminal equipment
It is sometimes easy to use. In order to use one of the latest operating system or version of the software, users must continually upgrade their computer hardware. In order to open the document a friend sent in some kind of format, the user has to find and download an internet application. Cloud computing will be your best choice. Users simply type the address of the network services company providing cloud computing in the browser and find the function menu providing appropriate services, then they can experience a whole new operating system, the latest popular software, as well as the appropriate software to open document in unknown format. The client's operating system does not have any restrictions. The only condition is the access to the Internet. Because at the other end of the "cloud", there are professional IT staffs helping you maintain hardware, helping you install and upgrade software, helping you to prevent viruses and all kinds of network attacks, helping you to do everything you've done on the PC.
2. Affects of cloud computing to the field of
information security
2.1 Services security of cloud computing
Cloud computing network provided by service providers is secure? Is there someone broke in to theft account? The storage they provide is safe? Will it cause data leaks? These all need to be solved and promised by the cloud computing service providers. Just like water production in accordance with the state regulations of relevant departments, it needs the appropriate laws and regulations promulgated by the state to constraint cloud computing service providers’ behavior and technology.
2.2 Transfer methods of network security data cloud computing
With the rapid development of computer network technology, higher requirements are put forward on the transfer of massive data on network. Cloud computing technology, as a hot research technology, shows a growing advantage in solving this problem. Therefore, it receives much attention from scholars. Another studying focus of major companies and organizations around the world is to guarantee the large commercial data generated in cloud, to pass to the various sub-systems in the cloud safely and quickly. The cost of the underlying hardware can be significantly reduced on the basis of the storage and delivery of cloud-based data security. The main secure data storage method to pass cloud computing is mainly based on model of Storage Service (S3) and Elastic Compute Cloud service (EC2). With the continuous increase of the number of network data, the data security requirements of cloud computing is getting higher and higher. To solve this problem, security data transfer method of cloud computing based on a multi-layered defense has been put forward. Using multi-layer data protection technology to take an effective detection of abnormality of massive data when it passed in cloud aims to narrow the abnormal deviation of data by using multi-point calibration, so as to guarantee the security of data, to overcome the defects of traditional methods, and to maximize the security of network data transfer between large-scale in the cloud to ensure data security.
2.3 Network principle
In figure 1, we can see that in the traditional network environment, data centers need to assign a separate network for each user, and each network requires a separate network security devices, firewalls and switches. All servers of a user are deployed in separate physical network to achieve the effect of data security isolation.
Figure 1 Network topology of traditional data center
Figure 2 Security Gateway
3. Solutions to the problems of cloud computing security
3.1 construction of the security system technically supported by the virtualization
Currently, virtualization has become a key technological means for cloud computing service providers to provide "on-demand services", including basic network architecture, storage resources, computer resources and application resources, which are in a big step forward to support virtualization. Only being based on virtual technology and according to the needs of different users, it may provide personalized storage calculation and appropriate allocation of application resources. And data security between different users can be achieved by using the virtualized instance logical isolation. Regardless of the underlying network architecture or the concept of security (service), security needs to support virtualization, so as to achieve the end-to-end virtualized computing.
3.2 Operations Management
From the perspective of the operational management, in addition to self-discipline to security from contract, cloud service providers also can introduce a third-party certification and discipline through the establishment of sound corporate reputation as well as other means contractually bound to constraints from the view of the contract security. It is what customers want. Currently, there are already many cloud computing service providers putting forward their own cloud service level agreements, which specify services from the quality of service, technical support, and intellectual property and also makes it clear that the rights and obligations of service providers and users. The credibility of the enterprise value can win the respect of customers. From the view of customers, the first choice of cloud computing users is to choose strong and reputable service provider.
3.3 Data security in the cloud
Under the environment of the cloud computing, the user data is stored in the cloud, if the user needs to use these data, they can download in the cloud, which has greatly improved the convenience. For the use of the software of the users, they are deployed and maintained together by relevant service providers. As a result, even if the terminal generates a certain problems to some extent, the user will not be affected, because the customer can replace the terminal, and input it into the cloud service, so as to immediately get the relevant data which they need. However, in order to realize the content above, it is necessary to develop a highly targeted and effective security mechanism to safeguard its security.
3.4 The division of the protected area
Before the data transmission in the cloud, it needs to calculate the amount and types of information of the transmission data. The first step in this algorithm is to calculate a protection check area, validates the data as the initial value of the data. The algorithm is based on three data units as a checksum. These three data units then are arranged into a triangular space model. Generally there are two points that can be described. One is a value of the data. The other is a time stamp of the data. Respectively regarding these two data points as the X, Y coordinates in a two-dimensional spatial coordinate system. It can be described in custom two-dimensional space. In this custom region, there are three data points to be passed. In the two-dimensional coordinates of the model, due to its own reasons, the data region to be selected may result in far distance in two-dimensional model, and insufficient precision of the area calculating results. In order to solve these problems, you can optimize the selected data area and then select the optimized data points instead of the last point, so as to fill the distance between the large differences of the data, and make the data in cloud data gain the optimum protection.
3.5 System maintenance and total cost of ownership
At the start and development of the current cloud computing, integration of network technology and network security is a must. And at present, one of the most obvious advantages to carry out it in the data center is the easy system maintenance, lower construction and maintenance costs. Solutions of network security integrated with network technology not only enhance the efficiency of data interaction, but reduce the number of devices and the network point of failure and the cost of deployment and maintenance. Network security integration program can reduce the number of equipment purchases, energy consumption and the workload of the configuration deployment, and expand and upgrade network more easily, as well as to reduce the number of maintenance personnel. Advantages of the management and maintenance of these features can significantly reduce the late maintenance costs, thereby reducing the total cost of ownership of the project.
3.6 Application security
Cloud environment has many characteristics with specific performance in flexibility, openness, and the public availability. However, these features threat the security of cloud computing applications to some extent. Therefore, to cloud services, it is necessary to have a certain sense of urgency and to fully consider security issues that may occur in the future during the deployment of the application. From the user's perspective, they should have a certain sense of urgency and safety, and take effective measures to guarantee the terminal security issues in the cloud. The user can encrypt the communication between the servers of the application of the sensitive data in order to guarantee certain extent its confidentiality.
3.7 The development of cloud security technology
In the field of network security, traditional antivirus method is that after the discovery of the virus, anti-virus company engineers will resolve virus samples and then upload the sample virus code to the virus database, so that user can update the virus database by timing or manually to get the anti-virus the software upgrade protection. But in this way, there is too much trouble in the upgrade. It also cost memory and bandwidth for the user to daily upgrade anti-virus software. But building a strong cloud server worldwide and put the virus code in the cloud can completely intercept virus variants, and also greatly reduce the processing tasks of the client and client memory footprint, so the user will not antivirus and upgrade software on time. Cloud and client interacts information at any time via the Internet, and all computing is putting into the cloud, so that it makes a significant savings in cost and time and controls the spread of the virus.
4. Summary
As an emerging technology, cloud computing gradually won the user's hearts with its strong technique and function. However, in a cloud computing environment, network security issues can not be ignored, otherwise it will affect the security of the network system, user data and covert security. We should be vigilant and strengthen management in the areas of security authentication, rights management and data encryption, and to make the availability, integrity and confidentiality of computers in a network environment gain more comprehensive protection, so as to highlight the advantages of cloud computing in terms of performance and provide customers with more convenience.
References
[1] Yao yuanyao, Zhang yumin. Applications of cloud computing in the field of network security[J].Science Mosaic.2009(07)
[2] Hu jiang. Computer network security problems and countermeasures[J].Technology Wind.2010(24)
[3] Liu ying, Liu puter network security problems and measures[J].Science & Technology Information. 2008(06)