摘要
已有的云安全防护方法如加密、访问控制和虚拟机隔离等不能够提供数据端到端的安全防护。首先,提出了一个面向云环境的双层信息流控制模型,给出了模型的关键要素定义、集中式与分布式信息流控制规则、能力标记调整规则、标记传播规则和降密规则.然后,综合动态污点跟踪和虚拟机自省技术,设计并实现了原型系统IFCloud,可为云租户提供信息流跟踪与控制即服务,为云平台提供常见系统攻击如栈溢出、缓冲区溢出等攻击的防护机制.最后,给出了原型系统IFCloud的功能测试结果.表明IFCloud能够灵活、正确、实时地跟踪和控制云下敏感数据流.可应用于云平台下面向软件即服务的细粒度数据安全保护.
The existing security methods in the cloud such as encryption,access control,and VM isolation can not guarantee end-to-end data security. To address this problem,a double-layer information flow control model is proposed. The definition of key element, centralized and decentralized information flow rules, capability adjustment rules, label propagation rules, and declassification rules of the model are presented. Then, taking the advantages of dynamic taint tracking and virtual machine introspection technologies,a prototype system named IFCloud are designed and implemented. IFCloud achieves information flow tracking and controlling as a service for cloud tenant and provides detection methods against common system attacks such as stack and buffer overflow attack for the cloud provider. Finally, IFCloud is demonstrated to be a flexible and accurate system that tracks and controls the sensitive data flow in the cloud at runtime from the function test results, and it can be applied to protect data security at a fine-grained level for the software as a service cloud.
引文
[1]周恩光,李舟军,郭华,等.一个改进的云存储数据完整性验证方案[J].电子学报,2014,42(1):150-154.ZHOU En-guang,LI Zhou-jun,GUO Hua,et al.An improved data integrity verification scheme in cloud storage system[J].Acta Electronica Sinica,2014,42(1):150-154.(in Chinese)
[2]王小明,付红,张立臣.基于属性的访问控制研究进展[J].电子学报,2010,38(7):1660-1667.WANG Xiao-ming,FU Hong,ZHANG Li-chen.Research progress on attribute-based access control[J].Acta Electronica Sinica,2010,38(7):1660-1667.(in Chinese)
[3]肖玮,陈性元,包义保.可重构信息安全系统研究综述[J].电子学报,2017,45(5):1240-1248.XIAO Wei,CHEN Xing-yuan,BAO Yi-bao.Review of research on reconfigurable information security system[J].Acta Electronica Sinica,2017,45(5):1240-1248.(in Chinese)
[4]PRIEBE C,MUTHUKUMARAN D,O'KEEFFE D,et al.CloudSafetyNet:detecting data leakage between cloud tenants[A].Proceedings of the 6th ACM Workshop on Cloud Computing Security[C].USA:ACM,2014.117-128.
[5]PAPPAS V,KEMERLIS V P,ZAVOU A,et al.CloudFence:data flow tracking as a cloud service[A].Proceedings in Attacks,Intrusions,and Defenses[C].Berlin:Springer,2013.411-431.
[6]PASQUIER T F J M,SINGH J,BACON J,et al.An information flow control model for the cloud[A].International Conference on Cloud Computing Technology and Science[C].USA:ACM,2016.70-77.
[7]PASQUIER T F J M,BACON J,SHAND B.FlowR:aspect oriented programming for information flow control in ruby[A].Proceedings of the 13th International Conference on Modularity[C].USA:ACM,2014.37-48.
[8]PASQUIER T F J M,SINGH J,BACON J,et al.Information flow audit for PaaS clouds[A].IEEE International Conference on Cloud Engineering[C].USA:IEEE,2016.42-51.
[9]PASQUIER J M,SINGH J,BACON J.Clouds of things need information flow control with hardware roots of trust[A].IEEE,International Conference on Cloud Computing Technology and Science[C].USA:IEEE,2016.467-470.
[10]HENDERSON A,PRAKASH A,YAN L K,et al.Make it work,make it right,make it fast:building a platform-neutral whole-system dynamic binary analysis platform[A].ISSTA[C].USA:ACM,2014.248-258.
[11]李保珲,徐克付,张鹏,等.虚拟机自省技术研究与应用进展[J].软件学报,2016,27(6):1384-1401.LI Bao-hui,XU Ke-hu,ZHANG Peng,et al.Research and application progress of virtual machine introspection technology[J].Journal of Software,2016,27(6):1384-1401.(in Chinese)
[12]吴泽智,陈性元,杨智,等.信息流控制研究进展[J].软件学报,2017,28(1):135-159.WU Ze-zhi,CHEN Xing-yuan,YANG Zhi et al.Survey on information flow control[J].Journal of Software,2017,28(1):135-159.(in Chinese)