随着云计算在学术界和工业界的兴起,云计算也不可避免的带来了一些安全问题.本文对云计算的安全需求进行了总结,指出云计算不仅在机密性、数据完整性、访问控制和身份认证等传统安全性上存在需求,而且在可信性、配置安全性、虚拟机安全性等方面具有新的安全需求.我们对云计算的两个典型产品Amazon Web Services和Windows Azure的安全状况进行了总结,并阐述了针对云计算的拒绝服务攻击和旁通道攻击.基于云计算的安全需求和面临的攻击,对现有安全机制进行了优缺点分析,系统的总结了现有的安全机制.%With the development of cloud computing in the academia and industry, it is inevitable that many security problems arise.This paper summarizes the security requirements of cloud computing, which not only cover the traditional security requirements like confidentiality,data integrity,access control and identity authentication,but also introduce new security requirements in the credibility,configuration and virtual machinery.We make conclusions about the security situations on two typical cloud computing products: Amazon Web Services and Windows Azure and elaborate two attack mechanisms against cloud computing:Denial of service attack and Side channel attack.Based on the security requirements and attacks against cloud computing, we systematically summarize the current security protection mechanisms and further make a comparison among them.
展开▼
