Research on Security Domain and Access Control Model for Virtualization IaaS Environment (虚拟化IaaS环境安全域与访问控制模型研究)
  • English title: Research on Security Domain and Access Control Model for Virtualization IaaS Environment
  • Authors: 尹学渊; 陈兴蜀; 陈林
  • Authors (English): YIN Xue-yuan; CHEN Xing-shu; CHEN Lin; College of Computer Science, Sichuan University; Cybersecurity Research Institute, Sichuan University
  • Keywords: cloud computing; infrastructure as a service; security domain; access control
  • English keywords: cloud computing; infrastructure as a service; network security domain; access control
  • Chinese journal code: XXWX
  • English journal title: Journal of Chinese Computer Systems
  • Affiliations: College of Computer Science, Sichuan University; Cybersecurity Research Institute, Sichuan University
  • Publication date: 2019-01-15
  • Published in: 小型微型计算机系统 (Journal of Chinese Computer Systems)
  • Year: 2019
  • Issue: v.40
  • Funding: National Key Technology R&D Program of China (2012BAH18B05); National Natural Science Foundation of China (61272447)
  • Language: Chinese
  • Page: XXWX201901022
  • Page count: 6
  • CN: 01
  • ISSN: 21-1106/TP
  • Classification number: 113-118
Abstract (translated from the Chinese)
This paper studies security isolation and access control in virtualized IaaS (Infrastructure as a Service) environments. Starting from a systematic analysis of the isolation and access control requirements of IaaS environments, and guided by security domain partitioning principles, it constructs a network security domain model for the IaaS platform that jointly considers the network infrastructure, domain boundary control, and the security supporting infrastructure. With particular attention to the shared multi-tenant environment specific to IaaS platforms, it abstracts the elements of a tenant domain and builds a tenant domain model. Building on this security domain model, and taking into account the dynamic nature and time-limited validity of cloud resources, it then constructs, from the perspective of access control over users' business sessions, a cloud resource access control model named CloudAC, based on the RBAC (Role-Based Access Control) and UCON (Usage CONtrol) models; CloudAC comprises users, roles, permissions, resources, and authorization rules, and is intended to secure users' access to cloud resources in virtualized IaaS environments. Practice shows that a cloud IaaS environment built according to the proposed security domain model effectively guarantees security isolation between networks serving different business functions. Isolated network environments built from tenant domains or tenant sub-domains give tenants flexible domain partitioning at low management and resource cost, allowing them to construct isolated networks with controllable boundaries according to their own business security requirements; this eliminates the need to configure physical networks or physical firewalls when segmenting the network in the traditional way, and gives the business environment defense-in-depth capability. In addition, the proposed cloud resource access control model allows flexible construction of a cloud resource access control system with privilege separation, user attribute and cloud resource attribute constraints, cloud resource lease time constraints, and enhanced isolation of virtual machine resources; the relevant attributes and constraint elements can be extended on demand according to business requirements, so the model better meets the access control requirements of cloud resources in multi-tenant, shared, and dynamic cloud environments.
English abstract (as published)
To satisfy the requirements of security isolation between the networks of different business functions and of access control over cloud resources in IaaS (Infrastructure as a Service) environments, a security domain model for virtualized IaaS environments was constructed systematically, following the principles of network security domain division and taking into account the network infrastructure, access control at the domain perimeter, and the security supporting infrastructure. Focusing on the multi-tenant environment of IaaS platforms, the essential elements of the tenant network domain were abstracted and a tenant domain model was constructed. Moreover, based on this security domain model together with the RBAC (Role-Based Access Control) and UCON (Usage CONtrol) models, and taking into account the dynamic and time-sensitive nature of cloud resources, an access control model for cloud resources named CloudAC was constructed to ensure that cloud resources are accessed and delivered legitimately and securely from the perspective of access control over users' business sessions; the model contains users, roles, permissions, resources, authorization rules, and related elements. The results showed that, by employing the security domain model to construct the network architecture, tenant network domains or sub-domains could be built at little management cost and with few computing resources; this effectively eliminated the need to configure physical networks or physical firewalls when performing network segmentation, provided defense-in-depth according to the business isolation and security requirements, and ensured the security isolation of different business networks.
Moreover, a flexible cloud resource management system could be constructed effectively by employing the access control model, which has the extensible properties of privilege separation, attribute constraints on user subjects and cloud resource objects, lease time constraints on cloud resources, and enhanced security isolation for virtual machines. The CloudAC model is therefore better suited to satisfying the access control requirements of cloud resources that are shared among multiple tenants and dynamic in nature.
