云环境下学术信息资源安全保障体系构建
|
摘要
云计算的应用使得学术信息资源动态聚合、按需动态分配,为海量用户提供了灵活服务模式的同时,也使学术信息资源安全面临挑战。文章通过分析云环境下学术信息资源面临的新型安全威胁,从技术和管理两方面进行了学术信息资源安全保障体系的构建,基于安全域理论进行了安全保障技术措施的部署,同时构建了多主体的协同管理机制,进行了安全管理保障,为学术信息资源的安全保障提供参考。
The cloud computing enables dynamic allocation and distribution on demand of the academic information resources and thus can provide convenient and flexible services for a large number of users. However,cloud computing threatens the security of academic information resources. To solve this problem,the paper establishes a security system for the academic information resources, from both the technical view and the aspect of management, by analyzing the emerging security threats of the academic information resources. The security ensuring technology can be deployed based on the security domain theory. Meanwhile,multi-agent collaborative management mechanism is constructed to ensure security management and provides a reference for the security of academic information resources.
The cloud computing enables dynamic allocation and distribution on demand of the academic information resources and thus can provide convenient and flexible services for a large number of users. However,cloud computing threatens the security of academic information resources. To solve this problem,the paper establishes a security system for the academic information resources, from both the technical view and the aspect of management, by analyzing the emerging security threats of the academic information resources. The security ensuring technology can be deployed based on the security domain theory. Meanwhile,multi-agent collaborative management mechanism is constructed to ensure security management and provides a reference for the security of academic information resources.
引文
[1]万莉,吕美娇.云环境下数字学术信息资源安全保障的标准化推进[J].数字图书馆论坛,2017(7):20-23.
[2]林鑫.云环境对学术信息资源安全保障的影响[J].情报理论与实践,2017,40(11):17-21,9.
[3]Surianarayanan S,Santhanam T. Security Issues and Control Mechanisms in Cloud[C]. 2012 International Conference on Cloud Computing Technologies,Application and Management(ICCCTAM). IEEE,2012:74-76.
[4]Almorsy M,Grundy J,Mller I. An Analysis of the Cloud Computing Security Problem[EB/OL].(2016-09-05)[2018-10-02]. https://arxiv. org/abs/1609. 01107.
[5]汤飞.基于信息安全等级保护思想的云计算安全防护技术研究[D].北京:中国铁道科学研究院,2015.
[6]Information Technology Assurance Framework[EB/OL].(2018-10-01)[2018-10-01]. https://baike. baidu. com/item/ITAF/18782128.
[7]艾鹏.基于PPDRR与GRL模型的安全域划分度量方法研究[D].重庆:重庆大学,2007.
[8]Beunardeau M, Connolly A, Geraud R, Naccache D. Fully Homomorphic Encryption:Computations with a Blindfold[J]. IEEE Security&Privacy,2016,14(1):63-67.
[9]周知,吕美娇.云服务中的数字学术信息资源安全风险防范[J].数字图书馆论坛,2017(7):14-19.
[10]林鑫,胡潜,仇蓉蓉.云环境下学术信息资源全程化安全保障机制[J].情报理论与实践,2017(11):22-26.
[11]王庆刚,顾峰.基于大数据时代的高校网络安全防护的探究[J].电脑知识与技术,2018(22):34-35.
[12]张浩.面向云计算环境的虚拟边界安全防护方法研究[D].武汉:武汉大学,2014.
[13]赵宇龙.云存储中第三方审计机构在数据完整性验证中的应用[D].成都:电子科技大学,2015.
[14]曹鹏,石宇.数字学术信息云服务中的用户安全与权益保障[J].数字图书馆论坛,2017(7):24-29.
[15]周瑶.云计算环境下基于信任和角色的动态访问控制技术研究[D].南昌:南昌大学,2016.
[16]周平高.基于行为规则的数据库入侵检测研究[D].武汉:华中科技大学,2007.
[2]林鑫.云环境对学术信息资源安全保障的影响[J].情报理论与实践,2017,40(11):17-21,9.
[3]Surianarayanan S,Santhanam T. Security Issues and Control Mechanisms in Cloud[C]. 2012 International Conference on Cloud Computing Technologies,Application and Management(ICCCTAM). IEEE,2012:74-76.
[4]Almorsy M,Grundy J,Mller I. An Analysis of the Cloud Computing Security Problem[EB/OL].(2016-09-05)[2018-10-02]. https://arxiv. org/abs/1609. 01107.
[5]汤飞.基于信息安全等级保护思想的云计算安全防护技术研究[D].北京:中国铁道科学研究院,2015.
[6]Information Technology Assurance Framework[EB/OL].(2018-10-01)[2018-10-01]. https://baike. baidu. com/item/ITAF/18782128.
[7]艾鹏.基于PPDRR与GRL模型的安全域划分度量方法研究[D].重庆:重庆大学,2007.
[8]Beunardeau M, Connolly A, Geraud R, Naccache D. Fully Homomorphic Encryption:Computations with a Blindfold[J]. IEEE Security&Privacy,2016,14(1):63-67.
[9]周知,吕美娇.云服务中的数字学术信息资源安全风险防范[J].数字图书馆论坛,2017(7):14-19.
[10]林鑫,胡潜,仇蓉蓉.云环境下学术信息资源全程化安全保障机制[J].情报理论与实践,2017(11):22-26.
[11]王庆刚,顾峰.基于大数据时代的高校网络安全防护的探究[J].电脑知识与技术,2018(22):34-35.
[12]张浩.面向云计算环境的虚拟边界安全防护方法研究[D].武汉:武汉大学,2014.
[13]赵宇龙.云存储中第三方审计机构在数据完整性验证中的应用[D].成都:电子科技大学,2015.
[14]曹鹏,石宇.数字学术信息云服务中的用户安全与权益保障[J].数字图书馆论坛,2017(7):24-29.
[15]周瑶.云计算环境下基于信任和角色的动态访问控制技术研究[D].南昌:南昌大学,2016.
[16]周平高.基于行为规则的数据库入侵检测研究[D].武汉:华中科技大学,2007.