English  |  正體中文  |  简体中文  |  Post-Print筆數 : 27 |  Items with full text/Total items : 113311/144292 (79%)
Visitors : 50928616      Online Users : 956
RC Version 6.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.
Scope Tips:
  • please add "double quotation mark" for query phrases to get precise results
  • please goto advance search for comprehansive author search
  • Adv. Search
    HomeLoginUploadHelpAboutAdminister Goto mobile version
    Please use this identifier to cite or link to this item: https://nccur.lib.nccu.edu.tw/handle/140.119/77389


    Title: 混合雲之用戶身份認證、檔案授權及權責---雲端運算資安與互通性之基礎研究
    Other Titles: Authentication, Authorization and Accountability of Hybrid Cloud---A Fundamental Research into the Security and Interoperability of Clouds
    Authors: 姜國輝
    Contributors: 資訊管理學系
    Date: 2014
    Issue Date: 2015-08-05 12:09:20 (UTC+8)
    Abstract: 繼網際網路蓬勃發展後,吾人的工作與生活變得更為便利。雲端運算問世之後, 更多用戶將其做資料備份與發佈的平台。用戶常用雲端的方案有以下三種:即公有雲 (Public Cloud)、私有雲(Private Cloud)及混合雲(Hybrid Cloud)。使用公有雲將服務與資 料儲存交由雲端提供商託管,例如使用 Google Apps、G-mail,以減少企業內部的成本。 用戶亦可建置私有雲,以提供檔案備援與內部服務。另外,用戶可結合公有雲與私有 雲以構成混合雲,即使用公有雲儲存敏感度不高之資料並將敏感度較高的資料存至私 有雲或本地端。如此地在混合雲環境混用數位資財的狀況下,本地端與雲端資料的一 致性成為關鍵性的問題。雖然,以長期的眼光看來,用戶使用雲端運算可以獲利,然 而不同地點之資料的一致性問題卻會讓用戶裹足不前。其問題來自於兩方面: 首先是” 資訊混亂”的問題,它源自於不同地點的資料版本不一;其次的問體是”管理危機”,它 肇因於不可靠的資料存取。 本研究將探討用戶在使用混合雲時遇到的安全控管及互通性問題,即用戶帳號認 證,存取權限管理以及用戶權責。本計畫將研究使用開放標準 OpenID 與 O'Auth 來 進行對公有雲的帳號認證、檔案存取授權及管控,以開發出一個跨本地端電腦或私有 雲與公有雲帳號與檔案內容權限之管理與權責同步系統。在本研究中,我們將將結合 多個主流公有雲平台(例如 Google App/GAE、Apple iCloud、MS Azure、FaceBook 等), 以及 Hadoop 為本之私有雲平台、本地端則包含多種作業系統之電腦主機,例如 Linux、 Ms-Windowsc 和 OS X 等。其間,用戶由任一本地端主機登入後,可以處理對應的雲 端之身分認證及獲得資料存取權。如此,本系統可解決在公有雲、私有雲與本地端系 統多重帳號的困擾以及組織人員由外部存取與內部存取時的權限不足或檔案版本不同 的問題。整體而言,我們將根據 CMMI 來校驗系統的功能性、可靠性和一致性,以展 現此一方法的可用性與卓越性。
    With the benefit from public cloud, users are able to utilize their business information in lower cost but higher efficiency. Integrity between local storages and the clouds is a critical issue which often messes up the users’ digital assets in a hybrid cloud environment. The downside makes the users reluctant to embrace cloud technology, though they may benefit from it in the long-term. The drawback comes from two aspects: “the information chaos” and “the management crisis”. The chaos originates from the possibility of information inconsistency among replicas in different places. The managerial crisis lies in the non-trustable access to the digital assets. This research aims to solve the Hybrid Cloud security control and interoperability issues such as Authentication as well as Access Right Authorization and consequent Accountability. The research refers to the de facto open standards, viz. OpenID and O`Auth to facilitate Authentication, Access Right Authorization and Accountability for the Hybrid Cloud environments. The mechanisms are implemented for a cross-platform which encompasses local hosts with different OS, the private cloud based on Hadoop, and the mainstream platforms as the public cloud scenario, such as Google Apps/GAE, Apple’s iCloud, FaceBook etc. Users can launch the login from whatever a local host and then deal with Access Right Permissions on the respective clouds. Last but not least, we will validate, according to CMMI, the functionality, reliability and integrity of the solutions to show the superiority and applicability of our approach.
    Relation: MOST103-2221-E004-014
    PB10308-1549
    Data Type: report
    Appears in Collections:[Department of MIS] NSC Projects

    Files in This Item:

    File Description SizeFormat
    index.html0KbHTML2758View/Open


    All items in 政大典藏 are protected by copyright, with all rights reserved.


    社群 sharing

    著作權政策宣告 Copyright Announcement
    1.本網站之數位內容為國立政治大學所收錄之機構典藏,無償提供學術研究與公眾教育等公益性使用,惟仍請適度,合理使用本網站之內容,以尊重著作權人之權益。商業上之利用,則請先取得著作權人之授權。
    The digital content of this website is part of National Chengchi University Institutional Repository. It provides free access to academic research and public education for non-commercial use. Please utilize it in a proper and reasonable manner and respect the rights of copyright owners. For commercial use, please obtain authorization from the copyright owner in advance.

    2.本網站之製作,已盡力防止侵害著作權人之權益,如仍發現本網站之數位內容有侵害著作權人權益情事者,請權利人通知本網站維護人員(nccur@nccu.edu.tw),維護人員將立即採取移除該數位著作等補救措施。
    NCCU Institutional Repository is made to protect the interests of copyright owners. If you believe that any material on the website infringes copyright, please contact our staff(nccur@nccu.edu.tw). We will remove the work from the repository and investigate your claim.
    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library IR team Copyright ©   - Feedback