Dissertation > Excellent graduate degree dissertation topics show

Logically oriented virtual domain multi -level access control system

Author: WangShengLan
Tutor: ZouDeQing
School: Huazhong University of Science and Technology
Course: Information Security
Keywords: Logic virtual domain Virtualization Access Control Security Policy Cloud Computing The flow of information
CLC: TP309
Type: Master's thesis
Year: 2011
Downloads: 53
Quote: 0
Read: Download Dissertation

Abstract


In recent years, cloud computing has become the IT research focus. Virtualization technology can effectively promote the development of cloud computing, it is a virtual machine as a unit into high-performance computer system resources, shielding the underlying hardware architecture differences. Logical virtual domain is a cloud computing environment on different service nodes multiple virtual machines in order to meet the resource requirements of distributed applications or collaborate on demand dynamic consortium consisting of its flexibility in the allocation of resources for the upper software provides an efficient execution environment . However, by the large number of logical virtual domains of IT architecture inside, the different user's task placed on the same physical machine can cause similar denial of service attacks and sensitive data leakage weaknesses and likely to cause inter-VM messaging error flow and unreasonable resource sharing, rely solely on the current mainstream Virtual Machine Manager's own security mechanisms, and can not solve the inter-domain across physical platforms isolation and resource sharing issues. In order to effectively solve the above problem, the logic-oriented virtual domain multi-level access control systems in a cloud environment for multiple virtual machine isolation between control and rational control the flow of information and resource sharing conduct research, and its main features are: first, to provide hierarchical model of strategic management and support for more than four access control policy, the logical inter-domain virtual domain layer implements Chinese wall policy; within the domain layer to achieve a multi-level security policies and discretionary access control; virtualization services in support of node layer implements a simple type strategy and can be recycled according to priority virtual machine's memory resources. Second, the security policy to the virtual machine in a transparent manner in the virtual bridge layer implemented in order to improve efficiency and reduce the loading strategy between nodes to establish secure transmission channel. Third, using the Trusted Platform Module technology to achieve a measure of remote attestation hardware platform for cloud users to create logical virtual domains provide credible assurance virtualization platform. System test results showed that: the logic-oriented virtual domain-level access control system can more effectively control information between multiple virtual machines and has a good flow of function realization, the bandwidth is 100Mbps in the case of inter-domain policy enforcement with the additional time overhead to logical virtual domain only 6% of start-up time, while comparing the two domains strategy through vertical load execution time are based on the growth in the 3s.

Related Dissertations

  1. Study on Channel Allocation of Multi-Channel MAC Protocol in Ad-Hoc Network,TN929.5
  2. The Design and Implementation of DICOM Middle Software and Access Control Model in Formation Integration Platform,TP311.13
  3. The Research of Dynamic Trust Model on Cloud Computing Platform,TP309
  4. Research on MAC Protocol for WIreless Sensor Network,TN915.04
  5. Study on the Access Control of the Court Information System,TP309
  6. French strategy to safeguard the rights of adult learning,G720
  7. Cloud-based digital library service model,G250.76
  8. Analysis of China’s Household Electrical Appliance Industry Supply Chain Integration,F426.6
  9. The Design and Implementation of Higher People’s Court Website That Based on Component and ASP Technology,TP311.52
  10. Huaiyin Institute of Technology campus card system design and security policy,TP393.18
  11. Design and Implementation of Online Shopping Prototype System Based on Hadoop,TP311.52
  12. Based on the study of resource management in the cloud environment of credibility,TP315
  13. Design and implementation of civil explosive industry online procurement system,TP311.52
  14. Design and Implementation based the Google platform promotional modules commodity module,TP311.52
  15. Research and Design of Virtual Research Center System of Yalong River Based on S2SH,TP311.52
  16. The Operation and Maintenance of ITIL Based on Cloud Computing,TP311.52
  17. The Research of Software Service Platform Based on Cloud Computing,TP311.52
  18. Fujian Telecom operation and maintenance operations audit system design and implementation,TP311.52
  19. Research on Purpose-based Access Control in Relational Database,TP311.13
  20. Research on Checking and Digesting Policy Conflicts Under Multi-Policy Environments,TP393.08
  21. Research and Implementation of Embeded Web System Security,TP393.08

CLC: > Industrial Technology > Automation technology,computer technology > Computing technology,computer technology > General issues > Security and confidentiality
© 2012 www.DissertationTopic.Net  Mobile