Because of the unique advantages of cloud computing and its huge business prospects, its introduction into the mobile Internet will change the mobile Internet system and bring many new security problems. To solve the problem of mobile Internet security in the cloud computing model, we must take into account the diversification of mobile Internet access modes, the diversification of enterprise operation modes, and the diversification of user security needs. Following the idea of security as a service, the goal is an integrated design of a multi-level, flexible, cross-platform general cloud computing security technology architecture for the mobile Internet, with a unified user interface.
From the perspective of the service model, the Cloud Security Alliance proposes a security reference model based on the hierarchy of the three basic cloud services and their dependencies, and maps the cloud service model to a security control model. The key feature of this model is that the lower the supplier's level in the hierarchy, the more security and management responsibilities the cloud service user has to undertake.
The security of cloud computing under mobile Internet is very important
From a security synergy perspective, the Dell IT Solutions Expert Group classifies 16 possible cloud computing patterns along 4 dimensions that affect security synergy: the physical location of the data, the ownership state of the cloud-related technologies and services, the boundary state of the application resources and services, and the operation of the cloud services. Different cloud computing patterns have different synergy, flexibility and security risk characteristics. Cloud service users need to choose the most appropriate cloud form based on their own business and security synergy requirements.
The Dell IT Solutions Expert Group said the general security technology architecture in the mobile Internet environment has the following 6 aspects: ensuring the data security and privacy protection of different users under the mobile Internet, ensuring the security of the cloud computing platform's virtualized operating environment, and providing customized security services according to different security requirements; conducting risk assessment and security monitoring of the operating cloud computing platform, securing the cloud infrastructure, building trusted cloud services, and protecting the integrity and confidentiality of the user's private data.
Corresponding to the three levels of the cloud computing architecture, namely software as a service (SaaS), platform as a service (PaaS), and infrastructure as a service (IaaS), cloud security application services are constructed, including privacy data protection, encrypted data query, data integrity verification, security event warning and content security services.
In view of the characteristics of cloud computing virtualization, basic cloud security services are also built, including virtual machine security isolation, virtual machine security monitoring, virtual machine security migration and virtual machine security mirroring, and virtualization technology is used to span different system platforms. Cloud security infrastructure is also included in the cloud computing security technology architecture for the mobile Internet environment. Because user security requirements differ, the cloud platform should be able to provide cloud infrastructure services at different security levels.
The security technology architecture in the mobile Internet environment also includes a unified cloud security management platform, which comprises user management, key management, authorization and authentication, firewall, anti-virus, security log, early warning and audit management subsystems. The cloud security management platform provides comprehensive management across security domains and across security levels for the cloud security application services, cloud security platform services, and cloud security infrastructure services at all levels, including the operation and maintenance security of the entire system with its different security domains and multiple security levels.
The architecture considers the various access modes of cloud users in the mobile Internet environment, such as 2G/3G/4G, Wi-Fi and WiMAX, and has a unified cloud security application service interface. It provides services such as mobile multimedia, mobile email, mobile payment, Web browsing and mobile search, and can also provide security services that users can customize directly, such as privacy data protection, ciphertext data query, data integrity verification, security event warning and content security.
At the same time, the architecture also takes into account compliance checks of the entire system against cloud security standards and evaluation systems. The application software provided by a cloud service provider must be systematically tested and evaluated by a third-party trusted evaluation agency to determine its security risks in the mobile Internet cloud environment and to set its trust level; the cloud application service provider cannot set the trust level of its own service. Cloud users can proactively avoid losses from customizing secure cloud application services that have not been evaluated by a third-party trusted evaluation agency. The testing and evaluation of cloud application service security levels also brings access specifications to cloud service providers, forcing them to improve the service quality and security awareness of their cloud services.
The Dell IT Solutions Expert Group recommends constructing a general cloud computing security technology architecture for the mobile Internet environment in which the security level of cloud services can be differentiated per user, and which can seamlessly integrate different operating systems and heterogeneous network systems to bring a unified operation mode to end users of different access modes.