题名

雲端運算環境中資料安全性之探討

并列篇名

The study of data security in cloud computing environments

DOI

10.6828/KSU.2012.00004

作者

楊貴清

关键词

雲端運算 ; 資料安全 ; 備援系統 ; 資料遷 ; cloud computing ; data security ; backup systems ; data migration

期刊名称

崑山科技大學資訊管理研究所學位論文

卷期/出版年月

2012年

学位类别

碩士
导师

羅仕堂
内容语文

繁體中文
中文摘要

雲端運算目前已是學術研究的焦點議題,其商業性應用也逐漸成為趨勢。雖然,雲端運算中關於檔案資料之可用性、完整性是主要的研究主題,但隨之衍生的資料安全性議題卻逐漸演變為攸關雲端存敗的關鍵點。因此本研究擬架構一雲端檔案資料備援系統,以提高雲端運算下檔案資料可用性與降低資料完整性的安全威脅,達到企業使用者能夠信賴雲端運算之環境。再者,由於雲端運算導入初期,大多數的組織機構在將檔案資料從原本的資訊設備內遷移至雲端平台時,均面臨資料量太大衍生出網路頻寬無法負荷之情形,及以手動方式遷移數量龐大的檔案時極易出錯之困境。此外,在考慮功能之更完備、更易運用及更具商業價值的前提下,本研究特別將檔案資料遷移至雲端的功能,整合加入本研究建立之雲端檔案備援系統中,並加入提升資料安全性之設計,透過此資料安全之設計,以降低企業運用雲端環境時的安全疑慮和憂心、提升企業對雲端運算的接受度,並進而使雲端處處更易於推廣。
英文摘要

Cloud computing is already the major topic of the computer science research; its commercial application has become a new trend. File data availability, integrity are the major research topic in cloud computing. The security issues become the key of success while the information retrieval from the data deposit of the cloud computing environment. Therefore, this study is try to create a cloud backup system, in order to increase the file data availability, to reduce the integrity of security threats. This system can achieve the objective which users can believe the cloud computing environment. Furthermore, in the earlier cloud computing most of the business archives are migrated data from the local storage devices into the cloud platform. Such applications are confronted with the overloading of network bandwidth, and manually operation of data migration will induce the error easily. Therefore, the migration function for file data to the cloud platform system is constructed in a cloud environment in this research, and enhances the function to more completeness and easier to use. For the commercial application consideration, the proposed system developed the cloud file backup utilization to increase data security. This research consists mainly of three parts: the first is described how to build an operating environment for Apache, PHP, Java program, the Linux operating system environment; the second is followed by the establishment the interface of a users to browse and download the backup files; Finally, there are some modules are presented in the design of the FTP server to migrate files, including the program module and communication cloud platform of redundancy department program modules. In this system, it integrated system environment, interface modules and associated files database structure. And these operations are expressed in a logical procedure of these programs. After the implementation and verification, the proposed system in this study can provide users with a security and convenience cloud backup system.
主题分类 資訊科技學院 > 資訊管理研究所
社會科學 > 管理學
参考文献
  1. and Emerging IT Platforms: Vision, Hype, and Reality for Delivering Computing as the 5th Utility,” Future Generation Computer Systems, Vol. 25, No. 6, pp. 599-616, June 2009.
    連結:
  2. [8] B. P. Rimal, E. Choi, and I. Lumb, “A Taxonomy and Survey of Cloud
    連結:
  3. [9] P. Hofmann and D. Woods, “Cloud Computing: the Limits of Public Clouds for
    連結:
  4. Business Applications,” IEEE Internet Computing, Vol. 14, No. 6, pp.90-93,
    連結:
  5. November 2010.
    連結:
  6. Infrastructure Management in Private and Hybrid Clouds,” IEEE Internet Computing, Vol. 13, No. 5, pp. 14-22, September 2009.
    連結:
  7. Brandic, “Cloud computing and emerging IT platforms: Vision, hype, and reality for delivering computing as the 5th utility”, Future Generation Computer Systems, Volume 25, Issue 6, June 2009.
    連結:
  8. [37] “Introduction to Cloud Computing architecture White Paper”, Sun Microsystems,
    連結:
  9. [40] Wikipedia (2012, June 22). Cloud computing. Retrieved June 22, 2012,
    連結:
  10. April 5, 2011.
    連結:
  11. [44] A Platform Computing Whitepaper, ‘Enterprise Cloud Computing:Transforming
    連結:
  12. IT’, Platform Computing, pp6, viewed 13 March 2010.
    連結:
  13. [45] Dooley B, 2010, ‘Architectural Requirements Of The Hybrid Cloud’,
    連結:
  14. Information Management Online, viewed 10 February 2010, from
    連結:
  15. [47] Wikipedia(2012, February 9). Data feed. Retrieved February 9, 2012,
    連結:
  16. [53] Wikipedia(2012, May 12). MIME. Retrieved May 12, 2012,
    連結:
  17. [54] Wikipedia(2012, June 23). Atom(standard). Retrieved June 23, 2012,
    連結:
  18. February 14, 2012, http://commons.apache.org/net/.
    連結:
  19. [59] Wikipedia(2012, June 15). EBCDIC. Retrieved June 15, 2012,
    連結:
  20. [64] Wikipedia(2012 June 22). Ajax (programming). Retrieved June 22, 2012,
    連結:
  21. [65] 劉家驊, 洪士凱, “雲端運算資料安全防護機制”, Proc. of the 2010
    連結:
  22. Conference on Computer Vision, Image Processing and Information Technology, Ching Yun University, Zhongli, Jun. 9, 2010.
    連結:
  23. [67] Ramgovind S, Eloff MM, Smith E. “The Management of Security in Cloud
    連結:
  24. [70] Cloud Security Alliance, “Security Guidance for Critical Areas of Focus in
    連結:
  25. [71] 蔡一郎, ”雲端運算與雲端安全架構”, Cloud computing and Network security,
    連結:
  26. [74] Dimitrios Zissis, Dimitrios Lekkas, “Addressing cloud computing security
    連結:
  27. Computing and Communications, Dalian, China, 2008. Los Alamitos, CA, USA:
  28. IEEE CS Press, 2008:5-13.
  29. [7] R. Buyya, C. S. Yeo, S. Venugopal, J. Broberg, and I. Brandic, “Cloud omputing
  30. Computing Systems,” the fifth International Joint Conference on INC, IMS and IDC (NCM '09), 2009.
  31. [10] B. Sotomayor, R. S. Montero, I. M. Llorente, and I. Foster, ”Virtual
  32. [11] IDC. IT Cloud Services User Survey, pt.2: Top Benefits & Challenges[R/OL].
  33. (2008-10-2)[2009-01-21]. http://blogs.idc.com/ie/?p=210.
  34. [12] CERT/CC. Full Statistics[R/OL]. (2009-02-12)[2010-01-14].
  35. 111
  36. http://www.cert.org/stats.
  37. cloud-computing-to-bring-security-app-shift-report-says.aspx.
  38. [33] Turner T. Hey! You! Get Off My Cloud: Computing Security Policies in the
  39. Virtual Environment[R/OL]. (2008-12-15)[2009-02-18].
  40. http://www.wwpi.com/software-/software/6460-hey-you-get-off-my-cloud-computing-security-policies-in-the-virtual-environment.
  41. [34] Global Secure Systems. Cloud Computing Concerns over Malware Hosting
  42. [R/OL]. (2009-01-26)[2009-02-17]. http://www.prosecurityzone.com/Customisa
  43. tion/News/IT_Security/Anti-virus_and_anti-malware_software/Cloud_computing_concerns_over_malware_hosting.asp.
  44. [35] “Google App Engine”, http://code.google.com/intl/zh-TW/appengine.
  45. [36] RajkumarBuyya, Chee Shin Yeo, Srikumar Venugopal, James Broberg, Ivona
  46. June 2009.
  47. [38] Axel Buecker, Koos Lodewijkx, Harold Moss, Kevin Skapinetz and Michael
  48. Waidner, Cloud Security Guidance‖ IBM Recommendations for the Implementation of Cloud Security, November 2, 2009.
  49. [39] ProductionScale (2008, April 24). Cloud Computing: Get Your Head in
  50. the Clouds. Retrieved April 3, 2009, from
  51. http://www.productionscale.com/home/2008/4/24/cloud-computing-getyour-
  52. head-in-the-clouds.html.
  53. 113
  54. http://en.wikipedia.org/wiki/Cloud_computing.
  55. [41] Network World (2008, September 9). Cloud computing hype spurs
  56. confusion. Retrieved April 3, 2009, from
  57. http://www.networkworld.com/news/2008/092908-cloud-computing-de
  58. finitions.html?fsrc=netflash-rss.
  59. [42] Information Age (2008, June 16). What Is Cloud Computing? Retrieved
  60. April 3, 2009, from
  61. http://www.infoage.idg.com.au/index.php/id;909486215;fp;4;fpid;1051
  62. 515815.
  63. [43] 葉建偉, 雲計算系統中作業安全技術研究, 中國學術期刊電子雜誌出版社,
  64. http://www.information-management.com/news/hybrid-cloudarchitectural-
  65. requirements-10017152-1.html.
  66. [46] Global Netoptex Incorporated , 2009, Demystifying the cloud. Important
  67. opportunities, crucial choices, http://www.gni.com, pp 4-14, viewed 13
  68. December 2009.
  69. http://en.wikipedia.org/wiki/Data_feed.
  70. [48]Wikipedia(2012, June 23). Transport Layer Security. Retrieved June 23, 2012,
  71. http://en.wikipedia.org/wiki/Secure_Socket_Layer.
  72. [49] Wikipedia(2012, June 13). HTTP Secure. Retrieved June 13, 2012,
  73. http://en.wikipedia.org/wiki/HTTP_Secure.
  74. [50] Wikipedia(2012, June 21). Oauth. Retrieved June 21, 2012,
  75. http://en.wikipedia.org/wiki/OAuth.
  76. [51] Google(2012, April 20).ClientLogin for Installed Applications . Retrieved April
  77. 20, 2012, https://developers.google.com/accounts/docs/AuthForInstalledApps.
  78. [52] Google(2012, April 20). AuthSub for Web Applications. Retrieved April 20,
  79. 2012 , https://developers.google.com/accounts/docs/AuthSub.
  80. http://en.wikipedia.org/wiki/MIME.
  81. http://en.wikipedia.org/wiki/Atom_(standard).
  82. [55] Wikipedia(2012, May 13). Metadata. Retrieved May 13, 2012,
  83. 114
  84. http://en.wikipedia.org/wiki/Metadata.
  85. [56] Wikipedia(2012, June 5). HTTP ETag. Retrieved June 5, 2012,
  86. http://en.wikipedia.org/wiki/HTTP_ETag.
  87. [57] Widipedia(2012, June 7). Access control list. Retrieved June 7, 2012,
  88. http://en.wikipedia.org/wiki/Access_control_list.
  89. [58] Apache Commons(2012, February 14). Apache Commons Net. Retrieved
  90. http://en.wikipedia.org/wiki/EBCDIC.
  91. [60] github, Studio-42/elFinder. https://github.com/Studio-42/elFinder/wiki.
  92. [61] jQuery. Documentation. http://docs.jquery.com/Main_Page.
  93. [62] http://jqueryui.com/.
  94. [63] Wikipedia(2012, June 8).Internationalization and localization. Retrieved June 8,
  95. 2012, http://en.wikipedia.org/wiki/Internationalization_and_localization.
  96. http://en.wikipedia.org/wiki/Ajax_(programming).
  97. [66] 楊文誌(民99)。雲端運算Cloud Computing 技術指南。台北市:松崗。
  98. Computing”, 2010, IEEE.
  99. [68] ISO. ISO 7498-2:1989. Information processing systems- Open Systems
  100. Interconnection. ISO 7498-2.
  101. [69] Dlamini M T, Eloff M M and Eloff J H P, ‘Internet of People, Things and
  102. Services – The Convergence of Security, Trust and Privacy’, 2009.
  103. Cloud Security V2.1”, December 2009, pp.13-69.
  104. Communications of the CCISA, Vol. 16, No. 4, Oct. 2010.
  105. [72] 彭秀琴,張念慈(2010),「雲端運算下資訊安全之探討」,經建會管制
  106. 考核處。
  107. [73] 朱智強, 混合雲服務安全若干理論與關鍵技術研究, 中國學術期刊電子雜
  108. 誌出版社, March 18, 2011.
  109. Issues”, Future Generation Computer Systems, Volume 28, Issue 3, March 2012, Pages 583–592.
  110. [75] Ali Asghary Karahroudy, “Security Analysis and Framework of Cloud
  111. 115
  112. Computing with Parity-Based Partially Distributed File System”, UMI Dissertation Publishing, July 2011.
  113. [76] https://www.dropbox.com/tour.
  114. [77] https://www.backupify.com/features.
  115. [78] https://www.sugarsync.com/?source=myss.
  116. [79] http://www.zmanda.com/cloud-backup-taiwan.html.
  117. [80] http://www.chmost.com/index.php/astaro/mail-archiving.html.
  118. [81] https://www.asuswebstorage.com/navigate/features/.
  119. [82] http://www.hitachibackup.com/.
  120. [83] http://www.asigra.com/.
  121. [84] http://mozy.com/products/.
  122. [85] http://aws.amazon.com/s3/.
print cancel