Access Control

Security analysis and improvement of cloud storage access control scheme Crown Fan Hong Dudahai on Tang, Tang Y,lee p,lui j,et al. Secure Overlay Cloud with access controls and storage Deletion. IEEE transactions on dependable and Secure computing,2012,9 (6): 9 ...

As the needle cloud attacks more and more, business users must assess their cloud security controls ahead of time.   　　In this article, Dave Shackleford provides some best practices for defending against cloud attacks. Alert Logic recently released a 2014 cloud security report showing a significant increase in the number of attacks against the cloud recently.   　　But are corporate cloud infrastructures ready to fight cloud attacks? Given the increasing number of attacks against the cloud, all use ...

Research and realization of security data management system based on cloud the dream of the 祎 in this paper, a cryptographic index generation algorithm based on the underlying metadata set is proposed to encode the protected plaintext data. At the same time, based on the structural characteristics of relational database, the paper designs a database ciphertext storage model for storing ciphertext data and cipher index code. According to the query problem of database ciphertext data in Das model, this paper presents a query algorithm of ciphertext data based on filtering query technique. In the process of data query, the algorithm is first generated according to the user input of the clear text query conditions ...

May 5, 2009, IBM announced the launch of new services, hardware and software designed to improve the security of the cloud computing environment, ensure data confidentiality, and protect against application attacks. The latest research by IBM's X-force Security research team shows that global crime organizations are developing new attack technologies at an alarming rate. At the same time, companies are increasingly deploying more collaborative business models and using new IT bases, including cloud computing, virtualization and Web 2.0.

According to the CBRC statistics, in 2011, China's rural commercial banks, rural credit cooperatives, villages and towns bank more than 2000, but for a long time, these small and medium-sized banks have been with the internet has maintained a cautious boundary relationship. 2012 China's network retail market transaction scale reached 1.3 trillion, the rapid development of e-commerce touched the traditional small and medium-sized banking business transformation of the nerves, but the traditional it architecture characteristics can not support the financial business after the internet, "phenomenon-class" technical support challenges, So the financial institution's IT technology structure transformation becomes its can embrace the Internet, the business transformation rises ...

The most tempting point of cloud computing is that end users can access the cloud in any access way and enjoy the rich application and fast computing power of the cloud. Among them, the use of mobile access security issues are becoming the focus of attention.     Recently, the author interviewed the Network Kang Science and technology product Director Shaomin, understand its latest application of security gateway products NS-ASG to the enterprise private cloud mobile Access security protection. Shaomin Technology product director Next generation VPN traditional internet era, mobile access ...

HBase is a distributed, column-oriented, open source database based on Google's article "Bigtable: A Distributed Storage System for Structured Data" by Fay Chang. Just as Bigtable takes advantage of the distributed data storage provided by Google's File System, HBase provides Bigtable-like capabilities over Hadoop. HBase Implements Bigtable Papers on Columns ...

389 directory server is a full-featured, compliant, LDAPV3 Linux directory servers that evolve from Fedora directory server. In addition to standard LDAPV3 operations, it supports multiple master replications, complete online configuration and management, links, virtual properties, http://www.aliyun.com/zixun/aggregation/38609.html in Data "> Access control directives, Virtual list view, server ...

For different cloud service patterns, security concerns are not the same; there are, of course, some of the 3 models that need to be focused on security, whether it be IaaS, PaaS, or SaaS, such as data security, encryption and key management, identity and access management, security incident management, Business continuity, and so on. IaaS Layer Security Policy: IaaS covers all infrastructure resource levels from the computer room equipment to the hardware platform. The security of the IaaS layer mainly includes physical and environmental security, host Security, network security, virtualization security, interface security ...

CT-RBAC: An access control model in cloud computing environment Changlingxia Wang Zhao Lianjun Microelectronics and Computers, Microelectronics & Computer, 2014 06 Ct-rbac: An access control model in cloud computing environment

Today's market has a large number of public cloud storage services, many services require customer registration. In return for registration, many vendors also offer free cloud storage capacity. Using the 12 public cloud storage services listed in this article, you can theoretically get 112GB of free cloud storage capacity. But not all services are the same. Each service has its advantages and disadvantages, such as how much files can be uploaded? How much does it cost to extend the cloud storage space? What operating systems and mobile applications can be integrated? Of course, consider the security of each service. Listed below ...

Pepper Map Technology Today (August 30) held in Beijing 2014 product launches, officially released based on the operating system kernel reinforcement technology free server, Web site security products-Yun Yu. Mr. Ni, a researcher of Chinese Academy of Sciences, academician of China Engineering Academy, Technical advisor of the National Security Bureau, director of the Information Security Technology Engineering Center of Chinese Academy of Sciences, Kinshan teacher, director of Network Security Laboratory of the Academy of Sciences, director of Zhongguancun Network Security laboratory Liu Baoxu, and well-known internet since media people Lou, Dingdao, Lou, Zhu Yi, Wang Jiwei and so on were invited and attended the hair ...

The commercial route of large data has already opened, the data as an important component of enterprise's assets, its core is constantly highlighted. Due to the large data age data with large data, high flow rate, a wide range, unstructured and so on a series of characteristics, the threat will be diverse, complex, unprecedented. In this regard, trend science and technology that in the large data era of confrontation, enterprises need to establish a data protection as the core of the cloud Security intelligent Protection strategy, more comprehensive and rapid resolution of the infrastructure layer of Hadoop and other threats. "Unstructured data" has been forgotten. Data protection strategies also need to be synchronized ...

Research on some theories and key technologies of mixed cloud service security (ph. D.) Zhu Zhiqiang, Wuhan University This paper is based on cloud authentication and on the basis of security requirements such as authorization management, the paper studies the cloud identity management and authentication, authorization management model, cloud infrastructure security and so on, in order to improve the security of mixed cloud service. The specific research contents include: 1. The requirement of user authentication for resource access across the cloud under the hybrid cloud architecture, from the establishment of private cloud based on PKI system ...

May 5, 2009, IBM announced the launch of new services, hardware and software designed to improve the security of the cloud computing environment, ensure data confidentiality, and protect against application attacks. The latest research by IBM's X-force Security research team shows that global crime organizations are developing new attack technologies at an alarming rate. At the same time, companies are increasingly deploying more collaborative business models and using new IT infrastructures, including cloud computing, virtualization, and Web 2.0, all of which have brought new complexity to the security team ...

The advent of cloud computing has made it possible for public clients to obtain Low-cost, high-performance, fast-deployment and sea-quantified computing services. But just as a new thing brings us benefits, as well as problems, cloud computing, while bringing us economies of scale and high application usability benefits, also determines its core technical features (virtualization, resource sharing, distribution, etc.) that have a natural hidden danger in its security. For example, when data and information are stored in a "cloud" of uncertainty in the physical location, how is service security, data security, and privacy security ensured? Will these problems threaten individuals, businesses and nations ...

Cloud computing has many benefits, but there are also a number of unwelcome "peers" accompanying them. They are governance issues, authentication gateways (whether or not they are used), and security issues. Although these issues are similar to cross-cutting it areas, they are not exactly the same. True, SOA governance is the first step in transformational cloud governance, says Joe McKendrick of the Joe McKendrick Institute, which spans multiple platforms and system access services as the fundamental challenge of cloud computing. "In the cloud, a service may be called by an application, and the application is ...

Cloudera recently released a news article on the Rhino project and data at-rest encryption in Apache Hadoop. The Rhino project is a project co-founded by Cloudera, Intel and Hadoop communities. This project aims to provide a comprehensive security framework for data protection. There are two aspects of data encryption in Hadoop: static data, persistent data on the hard disk, data transfer, transfer of data from one process or system to another process or system ...

Safesquid is a Linux based content filtering HTTP1.1 agent, but also an application-level firewall, which allows administrators to control over the network who can access what, when to access and how much content. 　　It gives administrators all the http://www.aliyun.com/zixun/aggregation/38609.html "> Access control & Full content control." Safesquid offers a completely free unlimited time version, ...

For any project, the start phase is critical for delivering secure applications. Proper security requirements can lead to proper security design. The following discusses eight major issues to consider when analyzing the security requirements for Web applications. 1. Authentication and password management: This is primarily a one-off activity and is done only as part of the project. Someone may ask some questions about authentication and password management: Password Policy: This is a very important issue because of avoiding dictionary attacks related to user credentials. Password hashing algorithm: Ensure that passwords are encrypted using the appropriate encryption algorithm ...