计算机应用 ›› 2011, Vol. 31 ›› Issue (04): 952-955.DOI: 10.3724/SP.J.1087.2011.00952

• 信息安全 • 上一篇    下一篇

面向移动云计算弹性应用的安全模型

徐光侠1,2,陈蜀宇3   

  1. 1. 重庆大学 计算机学院, 重庆400030
    2. 重庆邮电大学 软件学院, 重庆 400065
    3. 重庆大学 软件学院, 重庆 400030
  • 收稿日期:2010-10-25 修回日期:2010-12-07 发布日期:2011-04-08 出版日期:2011-04-01
  • 通讯作者: 徐光侠
  • 作者简介:徐光侠 (1974-),女,重庆人,副教授,博士研究生,主要研究方向:移动计算终端、可信计算;
    陈蜀宇 (1963-),男,重庆人,教授,博士生导师,博士,主要研究方向:网络与移动计算、可信计算、分布式计算、云计算。
  • 基金资助:
    国家自然科学基金资助项目(60873100);重庆市自然科学基金资助项目(CSTC 2008BB2307);重庆市发改委高技术产业技术开发项目(20091537)

Security model of elastic applications for mobile cloud computation

Guang-xia XU1,2,Shu-yu CHEN3   

  1. 1. College of Computer Science, Chongqing University, Chongqing 400030, China
    2. School of Software, Chongqing University of Posts and Telecommunications, Chongqing 400065, China
    3. School of Software Engineering, Chongqing University, Chongqing 400030, China
  • Received:2010-10-25 Revised:2010-12-07 Online:2011-04-08 Published:2011-04-01
  • Contact: Guang-xia XU

摘要: 根据云计算资源建立了资源受限设备弹性应用的安全模型。首先介绍了由一个或多个Weblet组成的一个弹性应用程序,每个Weblet可在移动设备端或云端启动,Weblet之间可根据所处的计算环境的动态变化或用户的配置进行迁移。分析了该模式的安全性,提出建立弹性应用程序的安全设计模型,包括实现Weblet运行所在的移动设备端和云端之间的身份验证、安全会话管理和通过外部网络的访问服务。该模型解决了Weblet之间的安全迁移和授权云Weblet通过外部Web网络去访问敏感用户数据的问题。该方案能应用在云计算场景,如在企业应用环境下的私有云和公有云之间的应用集成。

关键词: 云计算, 移动设备, 弹性应用, 安全模型

Abstract: Based on elastic computing resources from clouds, a security model for elastic applications of resource-constrained devices was set up. First, an elastic application consisting of one or more Weblets was introduced. Each Weblet could be launched on a device or cloud, and could be migrated between them according to dynamic changes of the computation environment or user preferences on the device. Then, the security requirement of access pattern was analyzed. Security design model for elastic applications was proposed, which included the authentication and secure session management between Weblets running mobile device side and those on the cloud. The proposed model resolves security migration among Weblets and authorizes cloud Weblets to access sensitive user data via external Web services. The principles can be applied in cloud computation scenarios such as application integration between private and public clouds in an enterprise environment.

Key words: cloud computing, Mobile Device (MD), elastic application, security model

中图分类号: