云提供商可信性审计与验证研究

项目名称： 云提供商可信性审计与验证研究

项目编号： No.61202081

项目类型： 青年科学基金项目

立项/批准年度： 2013

项目学科： 计算机科学学科

项目作者： 刘川意

作者单位： 北京邮电大学

项目金额： 23万元

中文摘要： 云计算被广泛认为是信息技术发展的必然趋势。然而，由于在云计算模式下用户失去了对托管在云端的数据和应用的直接控制能力，云计算与云服务的推广和有效使用很大程度上取决于云提供商的可信性。本项目拟分析造成云提供商不可信的威胁模型以及典型的云计算平台体系结构，在此基础上，设计一种新的引入可信第三方TTP（Trusted Third Party）云提供商可信性审计和验证模型，并针对云平台可信证据收集、云提供商远程可信性验证、云提供商可信审计协议等关键技术进行深入研究。更进一步，为了防止TTP成为单点瓶颈或单点故障，通过云计算技术构建TTP平台，我们称为"小云审大云"。本项目拟实现原型系统，并进行定量分析、测试和评价，期望将其用于实际云计算平台中。

中文关键词： 云提供商；云计算；远程验证；可信性；可信计算

英文摘要： Cloud computing is broadly recognized as the trend of IT.However, in cloud computing mode, customers lose the direct controll of their data and application which are outsourced to or hosted by the cloud providers.The key problem to widespread use of cloud computing is the trustworhiness of cloud providers.Based on the threat model analysis and cloud computing architecture analysis, this project aims to design and implement a novel trust framework to audit and verify the trustworthiness of cloud providers. It introduces a Trusted Third Party to do the audit and verification work, uses trusted computing technologies to collect trust evidence,and designs core protocols according to the operation procedures of cloud providers. Moreover,in case of becoming the single point of failure or single point of performance bottleneck, we plan to design and implement an cloud based TTP platform, which is called "The small cloud audits the big clouds". This project plans to implement a prototype, and takes a quantitative evaluation of the prototype in order to make it to be used in real scenarios.

英文关键词： Cloud Service Providers；Cloud Computing；Remote Attestation；Trustworthiness；Trusted Computing