| 摘要: | 研究期間:10108~10207;Recently cloud computing has attracted much attention from the public and cloud-based applications become more and more popular. However, for legal concern and risk control, enterprises that value security usually only hand over part of their work to a public cloud and use their private cloud to handle their key work. Hence, demands for cross-cloud computing become more and more popular. Currently, solutions of security management of cross-cloud computing are mainly provided by the cloud computing service providers. However, these solutions may not satisfy the following requirements that enterprises need. First, both a public cloud and a private cloud must adopt the same security policy. Second, once a company changes her security policy, the clouds must make the corresponding management adjustment. Third, a company must be able to directly control the cloud security mechanism in a centralized way. Fourth, packets belongs to a company should not travel through the clouds used by a different company. As a result, for the popularity and feasibility of cloud computing, security management of cross-cloud computing becomes a critical issue. This project is a subproject of the integrated project---“On the Research of NetFPGA Based Security Management Mechanisms for Future Inter-Cloud Computing System”. This project tries to achieve the following three goals. First, develop some algorithms, techniques, and mechanisms that can satisfy the requirements that cross-cloud computing management needs. Second, to satisfy the high-speed communication requirement of cross-cloud computing and to continue the research result of our team in our previous NetFPGA project, we will modify the structure of open-flow switch, using iBF (In-packet Bloom Filter) to achieve both of the path hidden and the information isolation that are based on the theory of Erasure Code Distributed Storage System to achieve the safety of these security mechanisms. We plan to finish this project in three years. In the first year, we will design solutions for Inter-Cloud computing and develop related modules. In the second year, we will implement our method in a NetFPGA card and make related tests. In the third year, we will work with other team to make various tests on an iGENT platform. Research results of the above phase will be published on papers. |
