基於Xen之雲端虛擬網路自動建置與管理研究－以CSEP雲端安全實驗平台為例

以作者查詢圖書館館藏

、以作者查詢臺灣博碩士

、以作者查詢全國書目

、勘誤回報

、線上人數：6

、訪客IP：3.20.205.228

姓名

王小玲(Siao-ling Wang) 查詢紙本館藏

畢業系所

資訊管理學系

論文名稱

基於Xen之雲端虛擬網路自動建置與管理研究－以CSEP雲端安全實驗平台為例
(On Automatic Installation and Management of Xen-based Cloud Virtual Networks—A Case Study on the Cloud Security Experimental Platform)

相關論文

★ 應用數位版權管理機制於數位影音光碟內容保護之研究	★ 以應用程式虛擬化技術達成企業軟體版權管理之研究
★ 以IAX2為基礎之網頁電話架構設計	★ 應用機器學習技術協助警察偵辦詐騙案件之研究
★ 擴充防止詐欺及保護隱私功能之帳戶式票務系統研究-以大眾運輸為例	★ 網際網路半結構化資料之蒐集與整合研究
★ 電子商務環境下網路購物幫手之研究	★ 網路安全縱深防護機制之研究
★ 國家寬頻實驗網路上資源預先保留與資源衝突之研究	★ 以樹狀關聯式架構偵測電子郵件病毒之研究
★ 考量地區差異性之隨選視訊系統影片配置研究	★ 不信任區域網路中數位證據保留之研究
★ 入侵偵測系統事件說明暨自動增加偵測規則之整合性輔助系統研發	★ 利用程序追蹤方法關聯分散式入侵偵測系統之入侵警示研究
★ 一種網頁資訊擷取程式之自動化產生技術研發	★ 應用XML/XACML於工作流程管理系統之授權管制研究

檔案

[Endnote RIS 格式]

[Bibtex 格式]

[相關文章]

[文章引用]

[完整記錄]

[館藏目錄]

[檢視]

[下載]

本電子論文使用權限為同意立即開放。
已達開放權限電子全文僅授權使用者為學術研究之目的，進行個人非營利性質之檢索、閱讀、列印。
請遵守中華民國著作權法之相關規定，切勿任意重製、散佈、改作、轉貼、播送，以免觸法。

摘要(中)

雲端運算眾所皆知提供了資料儲存和運算能力的擴充，但漸漸的也開始尋找新的應用情境，尤其是建立基於雲端的虛擬網路服務（Cloud-based Virtual Networks，簡稱CVN），亦稱為網路即服務（Network as a Service，簡稱NaaS）或虛擬私有雲（Virtual Private Cloud，簡稱VPC）。然而目前提供雲端虛擬網路建置與管理服務的平台，主要是針對網路管理人員等，具有網路管理及設定相關知識的使用者，對於大多數的使用者來說不論在使用的操作上，或是學習上都造成了不必要的負擔。
為了降低使用者需額外學習其他知識的負擔及降低使用者因操作不易可能導致設定錯誤的情況發生。本研究以CSEP雲端安全實驗平台為例，提出一雲端虛擬網路自動建置與管理機制，透過圖形化的網路拓樸編輯介面及建置與管理功能的自動化，讓使用者能以更便利、更直覺的方式來建置雲端虛擬網路環境，以降低使用者的內、外在認知負荷。
本研究之雲端虛擬網路自動建置與管理機制，經實驗證明可正確的為使用者進行Routing Table及IP的設定，即使使用者並不懂得如何設定也能在短時間內建置出可用的網路環境，降低使用者需額外學習其他知識的負擔。並且從實驗中也可明確得知，本研究之雲端虛擬網路自動建置與管理機制相較於多數人採用的Command Line Interface，所花費的時間大幅的降低了41.04%，大大提升了使用者體驗。

摘要(英)

Cloud computing provides a well-known data storage and computing capacity expansion, but gradually began to find new applications scenarios, especially the establishment of Cloud-based Virtual Network Services (CVN), also called the Network as a Service ( NaaS) or Virtual Private Cloud (VPC). However, currently available in the cloud to install and manage virtual network services platform, mainly for network management personnel, who has network management knowledge and know how to set up a network. Therefore, for most users, whether on the operation, or the study have caused unnecessary burden.
In order to reduce the burden of need additional knowledge and learning to reduce the degree of operating difficulty and reduce configuration error happens when the user don′t know how to use it. Therefore, we use Cloud Security Experiment Platform (CSEP) as an example, proposed a cloud virtual network automatic installation and management mechanism, through a graphical interface and network topology automatic installation and management functions, make it more convenient and intuitive way to install cloud virtual network environment for users, and reduce user’s Intrinsic Cognitive Load and Extraneous Cognitive Load.
The study of cloud virtual network automatic installation and management mechanism, after the experiment proved to be correct for conduct IP and routing table settings, even if the users do not understand how to set up, they also can install a network environment in a short time that reduce the burden of users. In this study, we also proved from the experiments that the cloud virtual network mechanism automatic installation and management mechanism compared to the majority of people using the Command Line Interface (CLI), the time it takes to dramatically reduce 41.04%, greatly enhance the user experience.

關鍵字(中)

★ 雲端虛擬網路
★ 圖形化
★ 自動化
★ 雲端安全實驗平台
★ 認知負荷

關鍵字(英)

★ Cloud Virtual Network
★ Graphics
★ Automation
★ Cloud Security Experiment Platform
★ Cognitive Load

論文目次

論文摘要 i
英文摘要 ii
誌謝 iii
目錄 iv
圖目錄 vi
表目錄 viii
第一章緒論 1
1-1 研究背景 1
1-2 研究動機與目的 6
1-3 研究貢獻 8
1-4 章節架構 8
第二章相關研究 9
2-1 雲端虛擬網路自動建置與管理之定義 9
2-1-1 虛擬網路與網路虛擬化 9
2-1-2 雲端虛擬網路 11
2-1-3 自動建置與管理 11
2-2 雲端虛擬網路建置與管理相關研究 12
2-4-1 中華電信hicloud VPC 12
2-4-2 Amazon VPC 13
2-4-3 DeterLab 15
2-4-4 Testbed@TWISC 18
2-3 雲端安全實驗平台與雲端服務提供者（SAMEVED）簡介 20
2-3-1 雲端安全實驗平台（CSEP）現況 20
2-3-2 SAMEVED 23
2-4 小結 25
第三章雲端虛擬網路自動建置與管理機制 27
3-1 雲端虛擬網路自動建置與管理機制的架構與流程設計 27
3-2 雲端虛擬網路自動建置與管理機制的功能詳述 30
3-2-1 雲端虛擬網路建置頁面 30
3-2-2 解析拓樸 33
3-2-3 圖形轉API 38
3-2-4 CVN建置 39
3-2-5 設為CVN樣本映像檔 40
3-2-6 Routing Table與IP自動配置 43
3-3 雲端虛擬網路自動建置與管理機制的適應性 45
第四章實驗設計與結果討論 46
4-1 實驗設計 46
4-1-1 實驗一：Routing Table與IP自動配置之功能驗證 46
4-1-2 實驗二：雲端虛擬網路自動建置與管理機制對使用者的影響 48
4-2 實驗結果與討論 50
4-2-1 實驗一：Routing Table與IP自動配置之功能驗證 50
4-2-2 實驗二：雲端虛擬網路自動建置與管理機制對使用者的影響 54
4-3 小結 57
第五章結論與未來研究 58
5-1 研究結論與貢獻 58
5-2 研究限制 59
5-3 未來研究 59
參考文獻 61

參考文獻

[1] 毛文波、邊瑞鋒和李芳，「雲計算網絡虛擬化原理與實現」，CCISA（資訊安全通訊）期刊，第20卷，第1期，10~30頁，2014年1月。
[2] D. Taylor and J. Turner, “Towards a diversified internet,” White Pap. Novemb., 2004.
[3] J. S. Turner and D. E. Taylor, “Diversifying the internet,” in Proceedings of the Global Telecommunications Conference, 2005. GLOBECOM’05. IEEE, Vol. 2, p. 6–pp, 2005.
[4] N. M. Chowdhury and R. Boutaba, “A survey of network virtualization,” Comput. Netw., Vol. 54, No. 5, pp. 862–876, 2010.
[5] R. Zalenski, “Firewall technologies,” Potentials IEEE, Vol. 21, No. 1, pp. 24–29, 2002.
[6] G. Rouskas, “Network Virtualization: A Tutorial,” in Proceedings of the Optical Fiber Communication Conference, p. OW1A–1, 2012.
[7] N. M. K. Chowdhury and R. Boutaba, “Network virtualization: state of the art and research challenges,” Commun. Mag. IEEE, Vol. 47, No. 7, pp. 20–26, 2009.
[8] R. G. Patricio and J. Celestino, “Hephaestus: A cloud-based environment to virtual network automation,” in Proceedings of the Computers and Communications (ISCC), 2013 IEEE Symposium on, pp. 000567–000571, 2013.
[9] I. Ayadi, N. Simoni, and G. Diaz, “NaaS: QoS-aware Cloud Networking Services,” in Proceedings of the Network Computing and Applications (NCA), 2013 12th IEEE International Symposium on, pp. 97–100, 2013.
[10] P. Costa, M. Migliavacca, P. Pietzuch, and A. L. Wolf, “NaaS: Network-as-a-Service in the Cloud,” in Proceedings of the 2nd USENIX conference on Hot Topics in Management of Internet, Cloud, and Enterprise Networks and Services, Hot-ICE, Vol. 12, pp. 1–1, 2012.
[11] T. Choi, N. Kodirov, T.-H. Lee, D. Kim, and J. Lee, “Autonomic management framework for cloud-based virtual networks,” in Proceedings of the Network Operations and Management Symposium (APNOMS), 2011 13th Asia-Pacific, pp. 1–7, 2011.
[12] Y.-M. Chen, C.-E. Chuang, H.-C. Liu, C.-Y. Ni, and C.-T. Wang, “Using Agent in Virtual Machine for Interactive Security Training,” in Security Technology, Springer, pp. 65–74, 2011.
[13] X. Li and Z. Zhan, “Visio-Based Method for User Mapping Topology Graph in Network Management System,” in Proceedings of the Biomedical Engineering and Computer Science (ICBECS), 2010 International Conference on, pp. 1–4, 2010.
[14] Y. LI and W. LIU, “Analysis of the Shortest Route in Network on Dijkstra Algorithm,” Microcomput. Appl., Vol. 3, p. 007, 2004.
[15] S. D. Sorden, “A cognitive approach to instructional design for multimedia learning,” Informing Sci. Int. J. Emerg. Transdiscipl., Vol. 8, pp. 263–279, 2005.
[16] M.-X. Chen and K.-L. Mei, “Mechanism of Automatic Deployment for Virtual Network Environment,” in Proceedings of the Parallel Processing (ICPP), 2013 42nd International Conference on, pp. 1061–1066, 2013.
[17] D. Kakadia and V. Varma, “Network Virtualization Platform for Hybrid Cloud,” in Proceedings of the Cloud Computing Technology and Science (CloudCom), 2013 IEEE 5th International Conference on, Vol. 2, pp. 69–74, 2013.
[18] J. B. Siu and Z. S. Guo, “Web-based network configuration management system,” in Proceedings of the Communication Technology, 2000. WCC-ICCT 2000. International Conference on, Vol. 1, pp. 487–491, 2000.
[19] M. Hibler, R. Ricci, L. Stoller, J. Duerig, S. Guruprasad, T. Stack, K. Webb, and J. Lepreau, “Large-scale Virtualization in the Emulab Network Testbed.,” in Proceedings of the USENIX Annual Technical Conference, pp. 113–128, 2008.
[20] D. Nurmi, R. Wolski, C. Grzegorczyk, G. Obertelli, S. Soman, L. Youseff, and D. Zagorodnov, “The eucalyptus open-source cloud-computing system,” in Proceedings of the Cluster Computing and the Grid, 2009. CCGRID’09. 9th IEEE/ACM International Symposium on, pp. 124–131, 2009.
[21] T. Benzel, “The science of cyber security experimentation: the DETER project,” in Proceedings of the 27th Annual Computer Security Applications Conference, pp. 137–148, 2011.
[22] P.-W. Tsai, Y.-T. Lai, P.-W. Cheng, C.-S. Yang, and M.-Y. Luo, “Design and develop an OpenFlow Testbed within virtualized architecture,” in Proceedings of the Network Operations and Management Symposium (APNOMS), 2013 15th Asia-Pacific, pp. 1–3, 2013.
[23] S.-J. Chen, J.-Y. Huang, C.-T. Huang, and W.-J. Wang, “SAMEVED: A System Architecture for Managing and Establishing Virtual Elastic Datacenters,” Int. J. Grid High Perform. Comput. IJGHPC, Vol. 5, No. 2, pp. 27–42, 2013.
[24] “Dropbox for Business security: A Dropbox whitepaper.” [Online]. Available: https://www.dropbox.com/static/business/resources/Security_Whitepaper.pdf.
[25] “hicloud VPC產品介紹,” hicloud VPC. [Online]. Available: http://hicloud.hinet.net/vpc/products.html.
[26] “Amazon Virtual Private Cloud,” Amazon Virtual Private Cloud. [Online]. Available: http://aws.amazon.com/cn/vpc/.
[27] “Introducing Amazon Virtual Private Cloud (VPC),” Amazon Web Services Blog. [Online]. Available: http://aws.typepad.com/aws/2009/08/introducing-amazon-virtual-private-cloud-vpc.html.
[28] “Amazon web services白皮書,” Amazon. [Online]. Available: http://media.amazonwebservices.com/AWS_Risk_and_Compliance_Whitepaper.pdf.
[29] “私有雲架構,” MiCloud. [Online]. Available: http://micloud.tw/ch/component/k2/item/241-private-cloud.
[30] “Virtual Private Cloud-as-a-Service: Extend Enterprise Security Policies to Public Clouds.” [Online]. Available: http://www.cisco.com/web/strategy/docs/gov/46113_cloud.pdf.
[31] “Azure 虛擬網路,” Microsoft Azure. [Online]. Available: http://azure.microsoft.com/zh-tw/services/virtual-network/.
[32] “Secure Data Connector,” Google Developers. [Online]. Available: https://developers.google.com/secure-data-connector/docs/1.3/overview.
[33] “中華電信hicloud虛擬私雲　成功協助桃園國際機場建置混合雲,” NetAdmin. [Online]. Available: http://www.netadmin.com.tw/article_content.aspx?sn=1307180001.
[34] 劉慈明, “台大、神通、基龍米克斯三方合作研發國內第一朵生技雲誕生.” [Online]. Available: http://www.mitac.com.tw/pdf/%E7%94%9F%E6%8A%80%E9%9B%B2.pdf.
[35] “企業建置雲端辦公環境私有雲商機日增,” DIGITIMES. [Online]. Available: http://www.digitimes.com.tw/tw/dt/n/shwnws.asp?CnlID=13&packageid=6151&id=0000287907_XPX8068I1T3KGF6B3NV8W&cat=50&ct=1.
[36] “DeterLab,” The Deter Project. [Online]. Available: http://deter-project.org/about_deter_project.
[37] “中央大學雲端安全實驗平台(Cloud Security Experimental Platform),” 中央大學雲端安全實驗平台. [Online]. Available: http://csep.mgt.ncu.edu.tw/.
[38] “SAMEVED,” OpenFoundry. [Online]. Available: http://www.openfoundry.org/of/projects/2313.
[39] “ISO 9241-210,” ISO. [Online]. Available: http://www.iso.org/iso/catalogue_detail.htm?csnumber=52075.
[40] “automatic,” Oxford Learner’s Dictionaries. [Online]. Available: http://www.oxfordlearnersdictionaries.com/definition/english/automatic_1.
[41] “ISO/IEC 7498-4.” ISO. [Online]. Available: http://www.iso.org/iso/catalogue_detail.htm?csnumber=14258.
[42] “Amazon Web Services CLI Tools,” Amazon Web Services CLI Tools. [Online]. Available: http://docs.aws.amazon.com/general/latest/gr/GetTheTools.html.
[43] “Amazon Virtual Private Cloud CLI Tools,” Amazon Virtual Private Cloud CLI Tools. [Online]. Available: http://awsdocs.s3.amazonaws.com/VPC/latest/vpc-qrc.pdf.
[44] “Emulab,” Emulab.Net. [Online]. Available: http://www.emulab.net/.
[45] “NS Script,” Emulab. [Online]. Available: https://wiki.emulab.net/wiki/Tutorial.
[46] “Emulab Client GUI (Alpha),” Emulab. [Online]. Available: http://www.emulab.net/netlab/client.php3.
[47] “Testbed@TWISC,” Testbed@TWISC. [Online]. Available: http://testbed.ncku.edu.tw/index.php3.
[48] “About POX.” [Online]. Available: http://www.noxrepo.org/pox/about-pox/.
[49] “Netbuild,” Netbuild. [Online]. Available: http://icl.cs.utk.edu/netbuild/index.html.
[50] “Critical Patch Updates, Security Alerts and Third Party Bulletin,” ORACLE. [Online]. Available: http://www.oracle.com/technetwork/topics/security/alerts-086861.html.

指導教授

陳奕明(Yi-ming Chen)

審核日期

2014-7-25

推文