Bubble Enterprise Channel, April 23: Cloud computing has unique advantages and huge business prospects. Introducing it into the mobile Internet will change the mobile Internet system and bring many new security issues. To solve the security problems of the mobile Internet under the cloud computing model, we must take into account the characteristics of mobile Internet technology, the diversification of operating models and the diversification of users' security requirements, and design a general cloud computing security technology architecture for the mobile Internet that is multi-level, flexible and cross-platform, with a unified user interface, and is organized according to security and service.
From the perspective of the service model, the Cloud Security Alliance proposes a security reference model based on the hierarchy of the three basic cloud services and their dependencies, and maps the cloud service model to a security control model. The key feature of this model is that the lower the supplier sits in the hierarchy, the more security and management responsibilities the cloud service user has to undertake.
From a security synergy perspective, the Dell IT Solutions Expert Group classifies 16 possible cloud computing patterns along 4 dimensions that affect security synergy: the physical location of the data, the ownership state of the cloud-related technologies and services, the boundary state of the application resources and services, and the operation of the cloud services. Different cloud computing patterns have different synergy, flexibility and security risk characteristics. Cloud service users need to choose the most appropriate cloud form based on their own business and security synergy requirements.
The Dell IT Solutions panel said that the design goals of the general cloud computing security technology architecture in mobile Internet environments include the following 6 aspects: ensuring data security and privacy protection for the different users of the mobile Internet; ensuring the security of the cloud computing platform's virtualization environment; providing customized security services according to differing security requirements; performing risk assessment and security oversight of the running cloud computing platform; securing the cloud infrastructure and building trusted cloud services; and protecting the integrity and confidentiality of user-owned data.
For the three layers of the cloud computing architecture, namely software as a service (SaaS), platform as a service (PaaS) and infrastructure as a service (IaaS), cloud security application services are constructed, including privacy data protection, encrypted data query, data integrity verification, security event warning and content security services.
In view of the characteristics of cloud computing virtualization, basic cloud security services are also built, including secure isolation of virtual machines, virtual machine security monitoring, secure virtual machine migration and secure virtual machine images, and virtualization technology is used to span different system platforms. Cloud security infrastructure is also part of the cloud computing security technology architecture for mobile Internet environments. Because user security requirements differ, the cloud platform should be able to provide cloud infrastructure services at different security levels.
The cloud computing security technology architecture for the mobile Internet environment also includes a unified cloud security management platform, made up of user management, key management, authorization and authentication, firewall, anti-virus, security log, early warning and audit management subsystems. The cloud security management platform provides comprehensive management across security domains and security levels for the cloud security application services, cloud security platform services and cloud security infrastructure services at every layer, including the operation and maintenance security of the entire system with its different security domains and multiple security levels.
The architecture considers the various access modes of cloud users in the mobile Internet environment, such as 2G/3G/4G, Wi-Fi and WiMAX, and has a unified cloud security application service interface. It provides services such as mobile multimedia, mobile email, mobile payment, Web browsing and mobile search. At the same time, it can provide security services that users customize directly, such as privacy data protection, ciphertext data query, data integrity verification, security event warning and content security.
The architecture also takes into account compliance checks of the entire system against cloud security standards and evaluation systems. The application software provided by a cloud service provider must be systematically tested and evaluated by a third-party trusted evaluation agency, which determines its security risks in the mobile Internet cloud environment and sets its trust level; the cloud application service provider cannot set the trust level of its own service. Cloud users can proactively avoid losses by not customizing secure cloud application services that have not been evaluated by a third-party trusted evaluation agency. The testing and evaluation of cloud application service security levels also sets admission requirements for cloud service providers, forcing them to improve the service quality and security awareness of their cloud services.
The Dell IT Solutions Expert Group recommends building a general cloud computing security technology architecture for the mobile Internet environment. With it, the security level of cloud services can be differentiated by user, and different operating systems and heterogeneous network systems can be integrated seamlessly, bringing a unified mode of operation to end users of different access modes.