Research and design of CA certification center in cloud computing environment

Research and design of CA certification center in cloud computing environment

Beijing posts and Telecommunications Sheng Yuwei

Cloud computing as a new concept, the new service model is proposed, IT industry is another new direction. Cloud computing on-demand services, reasonable use of resources, simple deployment model and other advantages in the future can not only effectively promote the development of computers, but also can significantly improve people's lives and working methods. However, security issues have been accompanied by the development of cloud computing, but also hindered the development of cloud computing. The Certification center (CA), as the core of the public Key Infrastructure (PKI), is particularly important in terms of security. Therefore, the establishment of certification centers in the cloud computing environment has far-reaching significance. On the one hand, this paper studies security problems and solutions in cloud computing from the perspective of cloud computing security, and studies traditional public key infrastructure from traditional cryptography. By analyzing the advantages and disadvantages of the traditional public key infrastructure and cloud computing environment, the two are combined to complement each other to build the certification center in the Independent cloud computing environment and the Cloud Computing authentication Center under the mixed cloud computing environment. This paper summarizes the traditional public key infrastructure, this paper focuses on the theoretical basis of public key infrastructure and the related components of the certification center; The cloud computing and cloud security are summarized, summarizing the three service patterns and deployment patterns of cloud computing, and analyzing the security issues under cloud computing: multiuser, virtualization, Model security issues, heterogeneous platform issues, openness and funding issues. On the basis of this, two security models (Jericho Cloud Cube model, CSA model) are elaborated, and the certification center in the cloud computing environment is studied and designed, firstly, the general situation of the certification center is expounded, and then the various parts of the certification center are carried out, mainly with MIXCA initialization, Mixca Key Management, MIXCA certificate management. In order to adapt to the cloud computing environment, the traditional OCSP (?) It has been improved to design a service-based cloud environment for authentication and decryption under cloud computing environments, the security and usability of CA design in cloud computing environment are discussed in this paper. In the hybrid cloud computing environment of the CA design, first of all, the mixed cloud computing environment in the CA trust model, Then it is elaborated in several aspects: Cloud Bridge Center design, Cloud Bridge Center attribute token, Cloud Bridge Center short message mechanism and cloud Bridge Center Load device design, finally the mixed cloud computing design scheme is discussed and evaluated from the security and the high extensibility usability.

Research and design of CA certification center in cloud computing environment