摘要
云计算是一个庞大的系统,其规模大小与复杂程度决定了解决云计算安全问题的难易程度。云平台的安全管控是科技、规章和行为的复杂组合。云计算环境的系统整体连通性和各级数据的完整性需综合考虑典型特征的网络、系统、应用和用户等诸多因素,将各解决方案相互联合、综合设计,才能保护云平台安全。本文将围绕云计算虚拟化平台,展开基于云计算虚拟化平台的安全基线配置及核查方法的研究,并由此设计云平台安全基线自动化核查技术。在此基础上,提出面向云平台组件安全基线配置的安全管控方法,旨在降低云计算虚拟化平台中各组件可能因配置不当所造成的安全风险,确保云平台系统安全、稳定地运行。
Cloud computing is a huge system,and its size and complexity determine the difficulty degree to solve cloud computing security problems. Security management of cloud platforms is a complex combination of technology, regulations and behavior. The overall connectivity of the cloud computing environment and the integrity of the data at all levels need to take into account the typical characteristics of the network, systems, applications, users and other factors, and the solutions can be combined and integrated to protect the security of the cloud platform. This paper focuses on the cloud computing virtualization platform, researches on the security baseline configuration and verification method based on cloud computing virtualization platform, and designs the cloud platform security baseline automatic verification technology. On this basis, the security management method for cloud platform component security baseline configuration is proposed to reduce the security risks caused by improper configuration of components in the cloud computing virtualization platform and ensure the safe and stable operation of the cloud platform system.
引文
[1]潘小明,张向阳,沈锡镛,等.云计算信息安全测评框架研究[J].计算机时代,2013(10):22-25.
[2]王惠莅,拐晨,拐建军.美国云计算安全FedRAMP项目研究[J].信息技术与标准化,2012(8):34-37.
[3]孙铁.创建自主可控的业务系统安全基线技术体系[J]信息网络安全,2009(5):19-20.
[4]李晨,王伟.安全基线控制在风险管理过程中的应用[J]网络安全技术与应用,2009(9):4-7.
[5]桂永宏.业务系统安全基线的研究及应用[J].计算机安全.2001(10):23-27.