CN110266723A - A kind of safety of cloud service methods of risk assessment - Google Patents
A kind of safety of cloud service methods of risk assessment Download PDFInfo
- Publication number
- CN110266723A CN110266723A CN201910609486.1A CN201910609486A CN110266723A CN 110266723 A CN110266723 A CN 110266723A CN 201910609486 A CN201910609486 A CN 201910609486A CN 110266723 A CN110266723 A CN 110266723A
- Authority
- CN
- China
- Prior art keywords
- index
- risk
- technology
- data
- cloud computing
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/14—Network analysis or design
- H04L41/145—Network analysis or design involving simulating, designing, planning or modelling of a network
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/12—Applying verification of the received information
- H04L63/123—Applying verification of the received information received data contents, e.g. message integrity
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1433—Vulnerability analysis
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/145—Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1458—Denial of Service
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Health & Medical Sciences (AREA)
- General Health & Medical Sciences (AREA)
- Virology (AREA)
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
Abstract
The invention discloses a kind of safety of cloud service methods of risk assessment, belong to field of cloud computer technology, in conjunction with three safety problem of each level of cloud service, security target and each safe practice aspects, to show which kind of technology is able to solve which kind of security risk problem to reach expected security target, and then establish cloud service technical security risk indicator system.Since the data got from cloud service provider have the problems such as subjectivity is strong, data are few, entropy weight theory in conjunction with multi-category support vector machines and is constructed safety of cloud service risk evaluation model by the present invention, accurate result has been obtained by instance analysis, demonstrate the assessment models be it is feasible, effectively.And elaborate advantage existing for the assessment models, it can be referred to for industry, push the development and application of cloud computing.
Description
Technical field
The invention belongs to field of cloud computer technology, and in particular to a kind of safety of cloud service methods of risk assessment.
Background technique
Cloud computing is one of the hot topic of current information technical field, is all circles such as industrial circle, academia, government equal ten
It embodies the thought of " network is exactly computer " by point focus of attention, by a large amount of computing resources, storage resource and software resource
It links together, forms the shared virtual IT resource pool of huge size, provided for remote client computer and " come as soon as called, wave it
Go " and seem that the IT of " ability is unlimited " is serviced.As long as user propose demand, service i.e. from " cloud " end sail come, not only not by
The limitation of time, region, user do not have to also worry the problems such as whether resources are enough such as calculate, store, as long as payment on demand, so that it may
To obtain the cloud resource of " inexhaustible " whenever and wherever possible.The development of cloud computing is faced with many critical problems,
And safety problem is stood in the breach, with popularizing for cloud service application, importance presentation gradually rises trend, it has also become restricts cloud
Calculate the central factor of development.IDC (Internet data center) it is primary about " user think cloud computing mode adjustment and
What problem is " investigation in, safety ranks first with 74.6%, it is seen then that safety problem has become that " the cloud computing epoch are most
The problem for needing to crack.Gartner mechanism, U.S. investigation result in 2009 shows that the CTO of 70% or more interviewed enterprise thinks
The first cause of cloud computing is not used to be the worry there are Information Security and privacy in the recent period.In addition to this, in recent years, entirely
The major well-known cloud service provider of ball also frequently occurs all kinds of security incidents, and details are as shown in table 1.It can be seen that each cloud service
How the safety problem of quotient solves and avoids these peaces to oneself causing the interests for also compromising user while economic loss
The generation of full problem, not only becomes enterprise, government, user's concern, also becomes the hot spot of research therewith.Cloud computing
Security risk be related to many aspects, technology is one side therein, in terms of traditional network security, each technology
Can combined use evade security risk, still, for the cloud computing newly to emerge, what technology can reduce risk using? no
Can which technology be risk be brought using? this, which is one, is worth the problem of thinking is with research, carries out in-depth study to it, can
Perfect and abundant availability risk management and cloud computing theory system are applied or are referred to for government, enterprise, user, to push
The development and application of cloud computing.
1. safety of cloud service accident of table
Presently, there are research contents and achievement be substantially summarized as the following:
1. proposing various Evaluation of Information System Security Risk methods, and in the information systems such as application is arrived school, enterprise.
Gong Jun et al. proposes a kind of to the Information Security Risk Evaluation Model based on FAHP, and the model is applied in school
In the net of garden, reality is met by case verification result.Treasure et al. 2 documents are paid to be proposed respectively based on fuzzy theory and nerve net
The appraisal procedure of network, the Information Security Risk Assessment Methods based on Bayesian network, with the appraisal procedure to information system into
Row assessment is effective.It pays 3 documents of sand et al. and proposes the information system based on entropy weight theory and fuzzy set theory respectively and comment
Estimate method, based on fuzzy reasoning and multiple neural network in Evaluation of Information System Security Risk method, based on grey fuzzy
Theoretical Evaluation of Information System Security Risk method, by instance analysis, verifying these methods can accurately believe quantitative evaluation
Cease system risk.Chen Song et al. proposes a kind of process of Evaluation of Information System Security Risk, to improve the accurate of risk assessment
Property.Yu et al. has done purpose, target, risk assessment operation flow according to the environment of role, structure and information system detailed
Analysis, proposes the method for the Evaluation of Information System Security Risk of commercial presence process.
2. safety problem or risk and one general countermeasure of proposition under cloud computing environment.
Lu Xianyu has only carried out brief analysis to security risk that may be present under cloud computing environment, proposes and is let out by data
The 5 aspect bring security risks such as dew, virtualization, identity and access management, do not propose countermeasure or solution for risk
Method.There are loophole, resource-sharing, loss of data or leakage etc. 11 for the interface or API that Jiang Zhengwei et al. proposes cloud service
Aspect meeting bring security risk, and countermeasure is provided for each security risk.Lin Zhaoji et al. is for cloud computing
Existing feature elaborates that cloud computing is deposited in terms of server security, data safety, application service safety, management and monitoring four
Safety problem, and propose a cloud computing security model.Zhang Wei rectifies et al. from cloud computing provider, network, employee, law
The safety problem that cloud era corporate information is faced is elaborated with four aspects of policy, and proposes countermeasure and suggestion.Gartner
Mechanism structure has proposed 7 Risks existing for the cloud computings such as data isolation, data-privacy, superuser access.Coalfire exists
The big cloud computing security risk of Data Position, data ownership etc. 10 is proposed in report in 2012.Report of the CSA in 2013
In indicate cloud computing there are the threats of the aspect of leaking data, loss of data etc. 9.
3. with the methods of traditional analytic hierarchy process (AHP), Grey-fuzzy Theory, neural network or theory to cloud computing safety
Risk is done simple quantitative or qualitative analysis and is ground and makes internal disorder or usurp.
CSALIU Peiyu et al. thinks that cloud computing is faced with numerous safety problems, and summarize 8 kinds of security threats with
And corresponding risk factors, finally propose a kind of cloud computing security risk assessment model based on analytic hierarchy process (AHP).Zhou Zixi
Et al. make a search mainly for the confidentialities of data, and excavated the security risk of data confidentiality, be based on to propose
The data confidentiality risk evaluation model of data-flow analysis, this method can effectively identify in cloud computing environment destroy service and
The behavior of data confidentiality.Wang Zhaocheng analyzes evaluation index in need of consideration, emphasis in cloud computing information security risk evaluation
Information assets assessment identification process is discussed, the Information Security Risk quantitative calculation method based on cloud computing is given.Liu is identical
People proposes a kind of cloud computing macroscopic view security risk assessment analysis method, and this method effectively discloses to be faced under cloud computing environment
Special, macroscopical risk.Han Qiyun is directed to the safety problem that is faced of cloud computing, has summed up 8 classes and has threatened criterion and right
The 39 kinds of deterrents answered construct Analytic Hierarchy Process Model, and analyzed using analytic hierarchy process (AHP), propose a kind of base
Information Security Risk Evaluation Model under cloud computing environment is shown experimentally that the risk model has certain practical valence
Value.Pass through the content concluded, it can be seen that studying obtained achievement, there are a little deficiencies:
1. the research in terms of cloud computing security evaluation uses analytic hierarchy process (AHP), fuzzy theory, neural network, fault tree point more
The methods of analysis method, but research achievement is less, and the achievement that oneself has is only capable of referring to, and can not be applied in example and these methods are deposited
In defect, as shown in table 2.
2 appraisal procedure defect of table
Appraisal procedure | Disadvantage |
Fault Tree Analysis | The fault tree building of quantification difficult, complication system is difficult and calculating process is more complex |
Analytic hierarchy process (AHP) | It is required that evaluator's ability is strong and there are subjectivities |
Fuzzy comprehensive evaluation method | Membership function determination does not have systematic method and there are subjectivities |
Artificial neural network | Structure determination is complicated, and optimization is difficult, be easy to cause local optimum and overfitting problem |
2. user is passively to receive cloud service bring risk, but most of cloud computings are pacified in cloud service process
Research in all directions is carried out from the angle of user, having and not yet illustrate research angle, so that achievement is lack of pertinence,
Even if using can not ensure the interests of user.
3. most achievements are not associated with cloud computing feature and service mode carries out in-depth study, only from illustrating in a certain respect
Safety problem existing for cloud computing and there are a large amount of subjective factors, and simple qualitative or quantitative research is carried out, lack real
Example verifying, so that Evaluated effect is unobvious.
4. in the research achievement of cloud computing security risk assessment, in terms of the technical factor for relationship cloud service risk do not occur
Research, also without corresponding risk indicator system and assessment models.
Summary of the invention
The present invention provides a kind of safety of cloud service methods of risk assessment.From the angle of cloud service provider, in conjunction with cloud computing
The characteristics of and service mode to its further in-depth study of safety, the characteristics of according to cloud computing platform three layers of service mode,
Each layer of major Safety and risk are summed up, then illustrates the relevant technologies that can reduce risk and safe mesh
Mark, after triplicity under condensed cloud computing environment technical risk principal element, and construct cloud computing technology security risk assessment
Then index system establishes the assessment models based on entropy weight theory and support vector machines, and by case verification, which is to have
Effect, and then elaborate advantage existing for the model.
Its technical solution are as follows:
A kind of safety of cloud service methods of risk assessment, comprising the following steps:
Step 1, cloud computing security risk index system are established
According to the principal element of technical risk under cloud computing environment, equipment protection technology can be reduced with monitoring of tools technology
Cloud computing technology security risk index system can be obtained in its induction-arrangement by installation security risk;
Step 2, quantification of targets data acquisition
In cloud computing technology security risk index system, including general objective layer, first class index layer, two-level index layer;Wherein
First class index layer is divided into hardware resource risk, data safety risk, virtualization security risk, interface security risk and resource point
With 5 indexs of security risk, two-level index includes equipment protection technology, monitoring of tools technology, intrusion detection and DDoS prevention skill
Art, searching ciphertext and processing technique, data destroying technology, backup and recovery technology, data check technology, fault-toleranr technique,
Data encryption technology, data segmentation technique, data isolation technology, distributed proccessing, authentication and access control technology,
Secure virtual machine technology, antivirus protection technology, security audit technology, interface and API protection technique, scheduling of resource and distribution technique
And 19 evaluation indexes of multi-tenant technology.This 19 evaluation indexes are qualitatively, in order to accurately carry out cloud at present
Calculate security risk assessment, it is necessary to quantify to this 19 evaluation indexes, quantization is exactly to its value of imparting.It is commented according to cloud computing
The characteristics of risk indicator estimated, selects application risk inspection table to carry out quantization marking for each index, according to the content of research with
Cloud computing security risk level is divided into 5 grades, and provides detection risk table by theme.
Each index meaning is as follows:
Equipment protection technology: the technology can protect hardware device involved by cloud computing center (server, cable
Deng), guarantee that it runs well and works, to reduce the risks such as service disruption, loss of data caused by due to equipment fault.
Monitoring of tools technology: the technology can guarantee that physical equipment will not be occurred by artificial damage and timely discovering device
Failure, cause the risks such as equipment damage, service disruption due to interior employee or other staff abuse one's power to reduce.
Data destroying technology: the technology can be not thorough user's deletion and remaining data are thorough because exiting cloud service
Bottom is removed, to reduce the risks such as leaking data.
Backup and recovery technology: the technology can back up user data on time, and timely when needed, quickly extensive
It is multiplexed user data, to reduce because of loss of data caused by the reasons such as equipment fault, natural calamity or the risks such as unavailable.
Data check technology: the technology can timely find the incomplete situation of user data, thus reduction factor evidence
Partial loss etc. and caused by data are imperfect or not available risk.
Authentication and access control technology: the technology can guarantee the data of user's Lawful access oneself and use to have ordered
Service, can not access, obtain or using other users data and service, thus caused by reducing and being accessed etc. because of illegal authorization
The risks such as leaking data, data tampering.
Data encryption technology: the technology can encrypt the data in transmission, storage, deposit data with ciphertext form
Guaranteeing the safety of data, to reduce because of illicit interception and attack, illegal authorization access and data are let out caused by stealing etc.
The risks such as reveal, distort.
Intrusion detection and DDos precautionary technology: whether the technology can find to have in cloud system in time violates security strategy
Behavior and the sign attacked, while attack and intrusion behavior can be taken precautions against, so that reduction enters because of DDos attack, illegally
Service disruption caused by equal behaviors is invaded, unavailable and data is serviced and the risks such as is stolen, reveals.
Data segmentation technique: if the data of user are divided into stem portion by the technology, being respectively stored on different servers,
To guarantee that malicious person can not obtain user's partial data, guarantee the safety of data, to reduce because stealing, unauthorized access etc. is made
At the risks such as leaking data.
Secure virtual machine technology: the technology can guarantee the safety that software and fictitious host computer are blurred in cloud computing platform, prevent
Only generation the problems such as unauthorized access, rogue attacks loophole, to reduce the risks such as service disruption, leaking data.
Antivirus protection technology: the technology can timely find, be isolated and killing cloud platform in virus, to reduce
The risks such as service caused by because of the virus infection due to is unavailable, leaking data, data are unavailable.
Interface and API protection technique: the technology can protect fragile, unsafe interface and API, to reduce because not
The interface and API of safety are eavesdropped or are attacked and caused data interception, steals, reveals and service the risks such as unavailable.
Data isolation technology: the technology can guarantee the isolated storage in cloud between data and data, to reduce number
According to risks such as leakages.
Distributed proccessing: the technology makes user that oneself data are modified or deleted in cloud, it can be ensured that institute
Some copies are all modified, to reduce data because of the risks such as inconsistent or unavailable caused by after modification.
Searching ciphertext and processing technique: the technology can guarantee safety of the data encrypted in processing, use process
Property and can be by quick-searching, to reduce the risks such as leaking data caused by data are stolen etc. in use.
Scheduling of resource and distribution technique: the technology be able to solve in real time, dynamic expansion the problems such as, thus reduce because service
Service disruption, resource caused by situations such as device increase and decrease, user's increase and decrease such as can not distribute at the risks in time.
Fault-toleranr technique: the technology is able to solve the Fault-Tolerant Problems such as cloud computing system, software, so that can restore after accident
State to before generation accident, to reduce, loss of data, corrupted data, data are unavailable and service disruption or unavailable
Risk.
Multi-tenant technology: the technology can guarantee thousands of users data, application, money when using the same cloud platform
The safety such as source, to reduce because resource consumption is excessive, the risks such as service disruption, leaking data caused by unauthorized access etc..
Security audit technology: safe design is the important technical of system Security Construction, can be under cloud computing environment
Activity or behavior checked and verified, to reduce because of the brings risk such as unauthorized access, illegal operation.
Step 3, the index weight value based on entropy weight calculate
Based on the data that above-mentioned detection risk table obtains, the weight of each index is calculated using entropy weight method, thus really
The weight of fixed each index, i.e. significance level;
Step 4, support vector machines assessment
Support vector machines is applied into cloud computing security evaluation, and is unfolded around more classification and nonlinear problem, it is right
Cloud computing is assessed safely.
Further, step 3 specifically:
1. calculating feature specific gravity
If the initial data got is the matrix of a m*n, i.e. Rm*n, wherein m is the number for participating in the cloud service provider of evaluation
Amount, n are the quantity of evaluation index.
If under jth item index, the index value that i-th of evaluation object is got accounts for the specific gravity of all evaluation object index total values
For pij,
So:
2. calculating entropy
The relatively important entropy of jth item index are as follows:
Wherein, 0≤ej≤ 1, entropy is bigger, illustrates that risk indicator factor is smaller to the contribution of cloud computing risk assessment.
3. calculating each index weight value
After obtaining the entropy of each index, 1-e can be usedjValue measure the power of each risk factors, and carried out normalizing
At change
Reason, obtains the weight of each evaluation index are as follows:
Wherein,The then index weight value vector of each index weights composition are as follows:
4. the index value of Calculation Estimation index
By index weights vector and Rm*nTransposed matrix RTMultiplication obtains the index value matrix of evaluation index, it may be assumed that
Rj=βj*RT (5)
Further, step 4 specifically:
An optimal separating hyper plane is constructed, optimal separating hyper plane can correctly separate two classes, and make score
Class interval is maximum;
On the one hand: for two classification problems
If there are the data sample set (x of linear separabilityi, yi), i=1,2 ..., n, xi∈Rd, yi∈ {+1, -1 }, linearly
The general type of discriminant function is that then to there is an Optimal Separating Hyperplane as follows by f (x)=ω x+b:
ω x+b=0 (6)
Discriminant function is normalized, meets all samples of two classes all | f (x) | >=1, nearest from classifying face at this time
F (x)=1 of sample, it is desirable that classifying face can correctly classify to all samples, that is, meet:
yi[(ω·xi)+b] -1 >=0, i=1,2 ..., n (7)
Class interval is equal at this timeInterval maximum is equivalent to | | ω | |2It is minimum.Meet formula (7) and makesMost
Small classifying face is exactly optimal classification surface.
Therefore, the constrained optimization problem that optimal classification surface problem can be expressed as, i.e., asked under the constraint of formula (7) as
The minimum value of minor function:
For this purpose, the Lagrange function being defined as follows:
In formula, αi>=0 is Lagrange multiplier.For the minimum value for asking formula (9), respectively to ω, b, αiIt seeks partial differential and enables it
Be equal to 0, obtain
According to the constraint condition of formula (7) and (10), the Solve problems of above-mentioned optimal classification surface can be converted to following
The dual problem of convex quadratic programming optimizing:
In formula, αiCorresponding Lagrange multiplier.This is a quadratic function optimization problem, existence and unique solution.IfFor
Optimal solution then has:
In formula,The sample being not zero, as supporting vector, therefore the weight coefficient vector of optimal classification surface is supporting vector
Linear combination;b*It is classification threshold, it can be by constraint condition αi[yi(ω·xi+ b) -1]=0 solution.
The optimal classification function obtained after the solution above problem are as follows:
The problem of for linearly inseparable, can introduce relaxation factor ξ and punishment parameter C, this allows for formula (8) change
Are as follows:
It the problem of for linearly inseparable, can be by introducing a Nonlinear Mapping φ, by the data sample of the input space
Originally it is mapped to high-dimensional feature space, optimal classification surface is then constructed in feature space, using appropriate in optimal classification surface
Kernel function k (xi, xj) and meet Mercer condition, so that it may the linear classification after realizing a certain nonlinear transformation.
Similarly, classification function can be obtained:
On the other hand: for more classification problems
What above-mentioned the problem of classifying primarily directed to two, was unfolded, but practical problem is often polytypic problem.When making
When handling more classification problems with support vector machines, it is necessary to construct suitable multi classifier.
Further, classified using One-against-one.
Beneficial effects of the present invention:
Three safety problem, security target and each safe practice aspects of each level of present invention combination cloud service, thus
It show which kind of technology is able to solve which kind of security risk problem to reach expected security target, and then establishes cloud service technical security
Risk indicator system.Since the data got from cloud service provider have the problems such as subjectivity is strong, data are few, the present invention is by entropy weight
Theory is in conjunction with multi-category support vector machines and constructs safety of cloud service risk evaluation model, has obtained standard by instance analysis
It is true as a result, demonstrate the assessment models be it is feasible, effectively.And elaborate advantage existing for the assessment models, it can be for
Industry reference, pushes the development and application of cloud computing.
Detailed description of the invention
Fig. 1 is cloud service level;
Fig. 2 is cloud computing technology security risk index system;
Fig. 3 is optimal separating hyper plane schematic diagram;
Fig. 4 is cloud computing security risk metrology step;
Fig. 5 is prediction result figure.
Specific embodiment
Present invention will be explained in further detail with specific embodiment with reference to the accompanying drawing.
Cloud service can totally be divided into three levels as shown in Figure 1:, wherein be located at bottom is IaaS (infrastructure
Service), the resources such as cloud service provider will be calculated, be stored are supplied to user as service, and user can obtain cheap and complete
Kind resource;What it is positioned at middle layer is PaaS (platform services), and cloud service provider is supplied to Software Development Platform as service
User, user may have access to and use without individually purchase and deployment software development platform, by Internet;Positioned at top layer
It is SaaS (software services), various software deployments beyond the clouds, are then supplied to user by cloud service provider in a manner of service.
It is as shown in Figure 2: to be a multi-level index system, cloud computing technology security risk is by hardware resource risk, number
It is codetermined according to security risk, virtualization security risk, interface security risk and resource allocation security risk, it may be assumed that cloud computing
Technical security risk (B)={ hardware resource risk (B1), data safety risk (B2), virtualize security risk (B3), interface peace
Full blast danger (B4), resource allocation security risk (B5)}.Wherein,
Hardware resource risk is related to 2 factors of equipment protection technology and monitoring of tools technology, it may be assumed that hardware resource risk
(B1)={ b1_1,b1_2}
Data safety risk is related to 11 factors such as intrusion detection and DDos precautionary technology, it may be assumed that data safety risk
(B2)={ b2_1,b2_2,b2_3,b2_4,b2_5,b2_6,b2_7,b2_8,b2_9,b2_10,b2_11}
Virtualization security risk is related to 2 factors such as secure virtual machine technology, it may be assumed that virtualization security risk (B3)=
{b3_1,b3_2}
Interface security risk is related to 2 factors such as security audit technology, it may be assumed that interface security risk (B4)={ b4_1,
b4_2}
Resource allocation security risk is related to 2 factors such as multi-tenant technology, it may be assumed that resource allocation security risk (B5)=
{b5_1,b5_2}
It is as shown in Figure 3: to be the content of support vector machines core the most, exactly construct an optimal separating hyper plane, most
Excellent Optimal Separating Hyperplane can correctly separate two classes, and make class interval maximum, to distinguish classification.
As shown in Figure 4: the step of measurement cloud takes security risk mainly has, and is faced first by analyzing each level of cloud service
Safety problem and target, solve these problems with technology required for target, to obtain cloud service risk measure index body
Then system obtains quantized value corresponding to index by risk investigation table, finally the method based on comentropy and support vector machines
The security risk faced to cloud service is measured.
In Fig. 5, the svmtrain function and 10 groups of training samples carried using the tool box libsvm is to support vector machines
Classifier be trained, obtain model.Finally, performance model predicts the security level of 2 groups of test samples, prediction etc.
Unanimously with actual grade (3,2), accuracy rate reaches 100% to grade.
According to step shown in Fig. 4, it is as follows that case application is unfolded:
Step 1, cloud computing security risk index system are established
Establish cloud computing security risk index system as shown in Figure 2.
Step 2, quantification of targets data acquisition
The marking of technical security risk indicator is carried out using cloud service provider of the detection risk table to 12 different scales, is got
Following data.
3 expert A of table gives a mark to the index of cloud service provider A
B1-1 | B1-2 | B2-1 | B2-2 | B2-3 | B2-4 | B2-5 | B2-6 | B2-7 | B2-8 |
7.0 | 5.0 | 2.5 | 4.8 | 3.0 | 1.5 | 5.6 | 4.0 | 2.0 | 3.5 |
B2-9 | B2-10 | B2-11 | B3-1 | B3-2 | B4-1 | B4-2 | B5-1 | B5-2 | |
7.0 | 6.0 | 3.5 | 6.0 | 4.2 | 5.4 | 5.0 | 4.5 | 3.5 |
4 expert B of table gives a mark to the index of cloud service provider B
B1-1 | B1-2 | B2-1 | B2-2 | B2-3 | B2-4 | B2-5 | B2-6 | B2-7 | B2-8 |
1.5 | 2.0 | 3.5 | 3.0 | 3.0 | 2.5 | 2.3 | 2.0 | 2.0 | 2.0 |
B2-9 | B2-10 | B2-11 | B3-1 | B3-2 | B4-1 | B4-2 | B5-1 | B5-2 | |
3.5 | 3.5 | 3.0 | 2.5 | 3.0 | 1.5 | 2.8 | 3.0 | 3.0 |
5 expert C of table gives a mark to the index of cloud service provider C
6 expert D of table gives a mark to the index of cloud service provider D
B1-1 | B1-2 | B2-1 | B2-2 | B2-3 | B2-4 | B2-5 | B2-6 | B2-7 | B2-8 |
9.0 | 8.0 | 6.0 | 8.0 | 7.0 | 7.8 | 6.5 | 8.0 | 5.5 | 6.8 |
B2-9 | B2-10 | B2-11 | B3-1 | B3-2 | B4-1 | B4-2 | B5-1 | B5-2 | |
7.0 | 7.5 | 8.7 | 7.0 | 8.0 | 8.5 | 7.0 | 7.0 | 8.0 |
7 expert E of table gives a mark to the index of cloud service provider E
B1-1 | B1-2 | B2-1 | B2-2 | B2-3 | B2-4 | B2-5 | B2-6 | B2-7 | B2-8 |
4.0 | 1.0 | 3.0 | 1.0 | 3.5 | 3.0 | 2.0 | 2.5 | 2.5 | 3.0 |
B2-9 | B2-10 | B2-11 | B3-1 | B3-2 | B4-1 | B4-2 | B5-1 | B5-2 | |
1.5 | 3.0 | 2.5 | 3.0 | 2.0 | 1.0 | 3.0 | 2.0 | 2.5 |
8 expert F of table gives a mark to the index of cloud service provider F
B1-1 | B1-2 | B2-1 | B2-2 | B2-3 | B2-4 | B2-5 | B2-6 | B2-7 | B2-8 |
7.0 | 8.0 | 5.5 | 8.5 | 6.5 | 6.5 | 6.0 | 6.0 | 8.0 | 6.5 |
B2-9 | B2-10 | B2-11 | B3-1 | B3-2 | B4-1 | B4-2 | B5-1 | B5-2 | |
7.0 | 8.0 | 7.0 | 8.5 | 6.0 | 6.0 | 5.0 | 7.0 | 6.0 |
9 expert G of table gives a mark to the index of cloud service provider G
B1-1 | B1-2 | B2-1 | B2-2 | B2-3 | B2-4 | B2-5 | B2-6 | B2-7 | B2-8 |
0.5 | 1.0 | 1.0 | 1.0 | 1.0 | 3.0 | 1.0 | 1.3 | 2.0 | 1.0 |
B2-9 | B2-10 | B2-11 | B3-1 | B3-2 | B4-1 | B4-2 | B5-1 | B5-2 | |
1.0 | 2.0 | 1.0 | 0.5 | 2.0 | 2.0 | 1.0 | 0.5 | 1.0 |
10 expert H of table gives a mark to the index of cloud service provider H
B1-1 | B1-2 | B2-1 | B2-2 | B2-3 | B2-4 | B2-5 | B2-6 | B2-7 | B2-8 |
9.0 | 9.5 | 9.0 | 9.0 | 9.5 | 9.5 | 8.5 | 9.5 | 9.5 | 9.0 |
B2-9 | B2-10 | B2-11 | B3-1 | B3-2 | B4-1 | B4-2 | B5-1 | B5-2 | |
9.0 | 9.5 | 9.0 | 9.0 | 9.5 | 9.5 | 9.0 | 9.5 | 9.0 |
11 expert I of table gives a mark to the index of cloud service provider I
B1-1 | B1-2 | B2-1 | B2-2 | B2-3 | B2-4 | B2-5 | B2-6 | B2-7 | B2-8 |
0.5 | 0.5 | 1.0 | 1.5 | 0.5 | 1.5 | 0.5 | 1.5 | 1.0 | 1.0 |
B2-9 | B2-10 | B2-11 | B3-1 | B3-2 | B4-1 | B4-2 | B5-1 | B5-2 | |
1.0 | 1.0 | 2.0 | 1.0 | 1.0 | 0.5 | 1.0 | 1.0 | 1.5 |
12 expert J of table gives a mark to the index of cloud service provider J
B1-1 | B1-2 | B2-1 | B2-2 | B2-3 | B2-4 | B2-5 | B2-6 | B2-7 | B2-8 |
9.0 | 8.5 | 9.0 | 9.5 | 9.0 | 9.5 | 9.0 | 9.0 | 9.5 | 9.0 |
B2-9 | B2-10 | B2-11 | B3-1 | B3-2 | B4-1 | B4-2 | B5-1 | B5-2 | |
9.0 | 9.5 | 9.0 | 9.0 | 9.0 | 9.5 | 9.0 | 9.0 | 9.0 |
13 expert K of table gives a mark to the index of cloud service provider K
B1-1 | B1-2 | B2-1 | B2-2 | B2-3 | B2-4 | B2-5 | B2-6 | B2-7 | B2-8 |
3.0 | 4.0 | 2.0 | 4.0 | 4.5 | 6.5 | 5.5 | 6.0 | 4.0 | 7.0 |
B2-9 | B2-10 | B2-11 | B3-1 | B3-2 | B4-1 | B4-2 | B5-1 | B5-2 | |
5.5 | 4.5 | 4.0 | 4.0 | 5.0 | 2.5 | 3.5 | 5.0 | 4.0 |
14 expert L of table gives a mark to the index of cloud service provider L
B1-1 | B1-2 | B2-1 | B2-2 | B2-3 | B2-4 | B2-5 | B2-6 | B2-7 | B2-8 |
2.0 | 3.0 | 2.5 | 4.5 | 4.0 | 3.0 | 5.0 | 3.5 | 2.0 | 2.0 |
B2-9 | B2-10 | B2-11 | B3-1 | B3-2 | B4-1 | B4-2 | B5-1 | B5-2 | |
5.0 | 2.0 | 3.0 | 2.0 | 4.0 | 1.0 | 3.0 | 3.5 | 2.5 |
2) above-mentioned data are obtained into following initial data after arranging.
15 initial data of table
Step 3, the index weight value based on entropy weight calculate
1) after calculating above-mentioned five matrixes by formula (1), formula (2), the entropy of each index is obtained are as follows:
e1=[0.8952,0.8961]
e2=[0.9193,0.9202,0.9238,0.9281,0.9234,0.9330,0.9128,0.9196,0.9301,
0.9349,0.9312]
e3=[0.9136,0.9360]
e4=[0.8809,0.9314]
e5=[0.9211,0.9288]
2) according to entropy obtained above, after being calculated by formula (3), formula (4), obtain the weight of each index to
Amount:
β1=[0.5022,0.4978]
β2=[0.0980,0.0969,0.0925,0.0873,0.0930,0.0814,0.1059,0.0976,0.0849,
0.0790,0.0835]
β3=[0.5745,0.4255]
β4=[0.6345,0.3655]
β5=[0.5256,0.4744]
3) after calculating weight vectors by formula (5), corresponding index value is obtained, as follows:
R1=[6.0044,1.7489,3.7511,8.5022,2.5066,7.4978,0.7489,9.2489,0.5000,
8.7511,3.4978,2.4978]
R2=[3.8789,2.7373,4.5072,7.1067,2.4967,6.8702,1.3839,9.1765,1.1235,
9.1846,4.8304,3.3028]
R3=[5.2341,2.7127,4.2873,7.4255,2.5745,7.4363,1.1383,9.2127,1.0000,
9.0000,4.4255,2.8510]
R4=[5.2538,1.9751,5.1345,7.9517,1.7310,5.6345,1.6345,9.3172,0.6827,
9.3172,2.8655,1.7310]
R5=[4.0256,3.0000,4.7628,7.4744,2.2372,6.5256,0.7372,9.2628,1.2372,
9.0000,4.5256,3.0256]
4) These parameters value is arranged, obtains set of data samples, as shown in table 16.
16 set of data samples of table
B1 | B2 | B3 | B4 | B5 | Security level | |
A | 6.0044 | 3.8789 | 5.2341 | 5.2538 | 4.0256 | 3 |
B | 1.7489 | 2.7373 | 2.7127 | 1.9751 | 3.0000 | 2 |
C | 3.7511 | 4.5072 | 4.2873 | 5.1345 | 4.7628 | 3 |
D | 8.5022 | 7.1067 | 7.4255 | 7.9517 | 7.4744 | 4 |
E | 2.5066 | 2.4967 | 2.5745 | 1.7310 | 2.2372 | 2 |
F | 7.4978 | 6.8702 | 7.4363 | 5.6345 | 6.5256 | 4 |
G | 0.7489 | 1.3839 | 1.1383 | 1.6345 | 0.7372 | 1 |
H | 9.2489 | 9.1765 | 9.2127 | 9.3172 | 9.2628 | 5 |
I | 0.5000 | 1.1235 | 1.0000 | 0.6827 | 1.2372 | 1 |
J | 8.7511 | 9.1846 | 9.0000 | 9.3172 | 9.0000 | 5 |
K | 3.4978 | 4.8304 | 4.4255 | 2.8655 | 4.5256 | 3 |
L | 2.4978 | 3.3028 | 2.8510 | 1.7310 | 3.0256 | 2 |
Step 4, support vector machines assessment
1) grade classification
Herein using the tool box Libsvm of the exploitations such as Taiwan Univ. professor Lin Zhiren[34]It, will be above-mentioned as calculation tool
12 groups of data are divided into two groups, and A, B, C, D, E, F, G, H, I, J remove this as test sample data as training sample data, K, L
Except, the security level of cloud service is divided into low, lower, medium, higher, high 5 classes, represents each grade with 1,2,3,4,5 respectively,
As shown in table 17.
17 risk class of table divides and mark
Mark | 1 | 2 | 3 | 4 | 5 |
Grade | It is low | It is lower | It is medium | It is higher | It is high |
Therefore the above-mentioned data by quantification treatment are divided into different security levels, as shown in table 18.
18 sample type of table and grade
2) kernel functional parameter calculates
It because needing to carry out calculations of classifying herein, and selects RBF as kernel function more, therefore penalty parameter c and core letter need to be calculated
Number parameter g optimal values, with improve classification accuracy, so use training sample data collection as calculating c, g initial data,
It is calculated using cross-validation method, the value for finally obtaining c, g when training sample classification accuracy reaches 100% is respectively as follows: c=
0.000976563, g=0.000976563.
3) training and prediction
Classification of the svmtrain function and 10 groups of training samples carried using the tool box libsvm to support vector machines
Device is trained, and obtains model model.Finally, being predicted with security level of the model to 2 groups of test samples, prediction etc.
Unanimously with actual grade (3,2), accuracy rate reaches 100% to grade, and classification results are as shown in Fig. 5.
Safety of cloud service methods of risk assessment of the invention, the domestic and international research for summarising safety of cloud service evaluation field are existing
Shape, according to summary gone out presently, there are and urgently the problem of, and summarize current cloud computing safe practice and can reduce
The two is combined technical risk under condensed cloud computing environment by safety problem existing for which kind of risk and each level of cloud service mode
Principal element, to construct index system.Then application risk application form obtain data, then with entropy weight theory and support to
The method that amount machine combines falls into 5 types safety of cloud service grade, and constructs multi-category support vector machines security evaluation mould
Type, by instance analysis, the prediction security level and practical security level of cloud service provider are completely the same, to prove that the model is
Effectively, feasible.
The foregoing is only a preferred embodiment of the present invention, the scope of protection of the present invention is not limited to this, it is any ripe
Know those skilled in the art within the technical scope of the present disclosure, the letter for the technical solution that can be become apparent to
Altered or equivalence replacement are fallen within the protection scope of the present invention.
Claims (4)
1. a kind of safety of cloud service methods of risk assessment, which comprises the following steps:
Step 1, cloud computing security risk index system are established
According to the principal element of technical risk under cloud computing environment, equipment protection technology and monitoring of tools technology can reduce facility peace
Its induction-arrangement is arrived cloud computing technology security risk index system by full blast danger;
Step 2, quantification of targets data acquisition
In cloud computing technology security risk index system, including general objective layer, first class index layer, two-level index layer;Wherein level-one
Indicator layer is divided into hardware resource risk, data safety risk, virtualization security risk, interface security risk and resource allocation peace
5 indexs in full blast danger, two-level index includes equipment protection technology, monitoring of tools technology, intrusion detection and DDoS precautionary technology, close
Text retrieval adds with processing technique, data destroying technology, backup and recovery technology, data check technology, fault-toleranr technique, data
Secret skill art, data segmentation technique, data isolation technology, distributed proccessing, authentication and access control technology, virtual machine
Safe practice, antivirus protection technology, security audit technology, interface and API protection technique, scheduling of resource and distribution technique and more
19 evaluation indexes of tenant's technology;This 19 evaluation indexes are qualitatively, in order to accurately carry out cloud computing peace at present
Full risk assessment, it is necessary to this 19 evaluation indexes be quantified, quantization is exactly to its value of imparting;Wind according to cloud computing assessment
The characteristics of dangerous index, selects application risk inspection table to carry out quantization marking for each index, will according to the content and theme of research
Cloud computing security risk level is divided into 5 grades, and provides detection risk table;
Step 3, the index weight value based on entropy weight calculate
Based on the data that above-mentioned detection risk table obtains, the weight of each index is calculated using entropy weight method, so that it is determined that often
The weight of a index, i.e. significance level;
Step 4, support vector machines assessment
Support vector machines is applied into cloud computing security evaluation, and is around more classification and nonlinear problem expansion, to cloud meter
Safety is calculated to be assessed.
2. safety of cloud service methods of risk assessment according to claim 1, which is characterized in that step 3 specifically:
1. calculating feature specific gravity
If the initial data got is the matrix of a m*n, i.e. Rm*n, wherein m is the quantity for participating in the cloud service provider of evaluation, n
For the quantity of evaluation index;
If under jth item index, the specific gravity that the index value that i-th of evaluation object is got accounts for all evaluation object index total values is
pij, so:
2. calculating entropy
The relatively important entropy of jth item index are as follows:
Wherein, 0≤ej≤ 1, entropy is bigger, illustrates that risk indicator factor is smaller to the contribution of cloud computing risk assessment;
3. calculating each index weight value
After obtaining the entropy of each index, 1-e is usedjValue measure the power of each risk factors, and be normalized,
Obtain the weight of each evaluation index are as follows:
Wherein,The then index weight value vector of each index weights composition are as follows:
4. the index value of Calculation Estimation index
By index weights vector and Rm*nTransposed matrix RTMultiplication obtains the index value matrix of evaluation index, it may be assumed that
Rj=βj*RT (5)。
3. safety of cloud service methods of risk assessment according to claim 1, which is characterized in that step 4 specifically:
An optimal separating hyper plane is constructed, optimal separating hyper plane correctly separates two classes, and makes class interval most
Greatly;
1) for two classification problems
If there are the data sample set (x of linear separabilityi,yi), i=1,2 ..., n, xi∈Rd,yi∈ {+1, -1 }, linear discriminant
The form of function is that then to there is an Optimal Separating Hyperplane as follows by f (x)=ω x+b:
ω x+b=0 (6)
Discriminant function is normalized, meets all samples of two classes all | f (x) | >=1, sample nearest from classifying face at this time
F (x)=1, it is desirable that classifying face can correctly classify to all samples, that is, meet:
yi[(ω·xi)+b] -1 >=0, i=1,2 ..., n (7)
Class interval is equal at this timeInterval maximum is equivalent to | | ω | |2It is minimum;Meet formula (7) and makesThe smallest point
Class face is exactly optimal classification surface;
Therefore, optimal classification surface problem representation is asked under the constraint of formula (7) as minor function at following constrained optimization problem
Minimum value:
For this purpose, the Lagrange function being defined as follows:
In formula, αi>=0 is Lagrange multiplier;For the minimum value for asking formula (9), respectively to ω, b, αiSeek partial differential and enable them etc.
In 0, obtain
According to the constraint condition of formula (7) and (10), it converts the Solve problems of above-mentioned optimal classification surface to following convex secondary rule
Draw the dual problem of optimizing:
In formula, αiCorresponding Lagrange multiplier;This is a quadratic function optimization problem, existence and unique solution;IfIt is optimal
Solution, then have:
In formula,The sample being not zero, as supporting vector, therefore the weight coefficient vector of optimal classification surface is the line of supporting vector
Property combination;b*It is classification threshold, by constraint condition αi[yi(ω·xi+ b) -1]=0 solution;
The optimal classification function obtained after the solution above problem are as follows:
The problem of for linearly inseparable, introduces relaxation factor ξ and punishment parameter C, this, which allows for formula (8), becomes:
The data sample of the input space is mapped to by the problem of for linearly inseparable by introducing a Nonlinear Mapping φ
Then high-dimensional feature space constructs optimal classification surface in feature space, kernel function k appropriate is used in optimal classification surface
(xi,xj) and meet Mercer condition, the linear classification after can be achieved with a certain nonlinear transformation;
Similarly, i.e.,
Obtain classification function:
2) for more classification problems
What above-mentioned the problem of classifying primarily directed to two, was unfolded, but practical problem is often polytypic problem;When using branch
When holding the vector machine more classification problems of processing, it is necessary to construct suitable multi classifier.
4. safety of cloud service methods of risk assessment according to claim 3, which is characterized in that carried out using One-against-one
Classification.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910609486.1A CN110266723A (en) | 2019-07-08 | 2019-07-08 | A kind of safety of cloud service methods of risk assessment |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910609486.1A CN110266723A (en) | 2019-07-08 | 2019-07-08 | A kind of safety of cloud service methods of risk assessment |
Publications (1)
Publication Number | Publication Date |
---|---|
CN110266723A true CN110266723A (en) | 2019-09-20 |
Family
ID=67924865
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201910609486.1A Pending CN110266723A (en) | 2019-07-08 | 2019-07-08 | A kind of safety of cloud service methods of risk assessment |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN110266723A (en) |
Cited By (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111461558A (en) * | 2020-04-04 | 2020-07-28 | 中国人民解放军海军工程大学 | Key data safety destruction evaluation method |
CN112561305A (en) * | 2020-12-10 | 2021-03-26 | 上海对外经贸大学 | Enterprise data privacy protection evaluation method based on hierarchical model |
CN112785154A (en) * | 2021-01-22 | 2021-05-11 | 西安交通大学 | Safety evaluation method of cloud ERP system |
CN112862468A (en) * | 2021-02-01 | 2021-05-28 | 湖南大学 | Export tax refunding and financing method, equipment and medium based on block chain |
CN112948823A (en) * | 2021-03-19 | 2021-06-11 | 中国人民解放军国防科技大学 | Data leakage risk assessment method |
CN113965389A (en) * | 2021-10-26 | 2022-01-21 | 天元大数据信用管理有限公司 | Network security management method, equipment and medium based on firewall log |
CN115208675A (en) * | 2022-07-18 | 2022-10-18 | 中国建设银行股份有限公司 | Cloud asset configuration security processing method and system, storage medium and electronic equipment |
CN115878111A (en) * | 2022-09-26 | 2023-03-31 | 北京犬安科技有限公司 | Method and system for realizing TARA data multiplexing for threat analysis and risk assessment |
Citations (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102001560A (en) * | 2010-12-15 | 2011-04-06 | 南京市特种设备安全监督检验研究院 | Vertical lift safety evaluation method |
CN103136587A (en) * | 2013-03-07 | 2013-06-05 | 武汉大学 | Power distribution network operating state classification recognition method based on support vector machine |
CN104036112A (en) * | 2014-04-24 | 2014-09-10 | 河海大学 | Fault diagnosis method based on support vector machine and expert system |
CN104636449A (en) * | 2015-01-27 | 2015-05-20 | 厦门大学 | Distributed type big data system risk recognition method based on LSA-GCC |
CN104883369A (en) * | 2015-05-29 | 2015-09-02 | 天津大学 | Cloud configuration safety assessment method |
CN105896545A (en) * | 2016-06-16 | 2016-08-24 | 国网江苏省电力公司电力科学研究院 | Accident chain mode based distributed power flow controller location method |
CN107862455A (en) * | 2017-11-02 | 2018-03-30 | 国网天津市电力公司 | A kind of subjective and objective mixing appraisal procedure of power system cloud platform construction |
KR20180060044A (en) * | 2016-11-28 | 2018-06-07 | 주식회사 나라시스템 | Security System for Cloud Computing Service |
-
2019
- 2019-07-08 CN CN201910609486.1A patent/CN110266723A/en active Pending
Patent Citations (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102001560A (en) * | 2010-12-15 | 2011-04-06 | 南京市特种设备安全监督检验研究院 | Vertical lift safety evaluation method |
CN103136587A (en) * | 2013-03-07 | 2013-06-05 | 武汉大学 | Power distribution network operating state classification recognition method based on support vector machine |
CN104036112A (en) * | 2014-04-24 | 2014-09-10 | 河海大学 | Fault diagnosis method based on support vector machine and expert system |
CN104636449A (en) * | 2015-01-27 | 2015-05-20 | 厦门大学 | Distributed type big data system risk recognition method based on LSA-GCC |
CN104883369A (en) * | 2015-05-29 | 2015-09-02 | 天津大学 | Cloud configuration safety assessment method |
CN105896545A (en) * | 2016-06-16 | 2016-08-24 | 国网江苏省电力公司电力科学研究院 | Accident chain mode based distributed power flow controller location method |
KR20180060044A (en) * | 2016-11-28 | 2018-06-07 | 주식회사 나라시스템 | Security System for Cloud Computing Service |
CN107862455A (en) * | 2017-11-02 | 2018-03-30 | 国网天津市电力公司 | A kind of subjective and objective mixing appraisal procedure of power system cloud platform construction |
Non-Patent Citations (4)
Title |
---|
KHORSHED, M. T.等: "A survey on gaps, threat remediation challenges and some thoughts for proactive attack detection in cloud computing"", 《FUTURE GENERATION COMPUTER SYSTEMS》 * |
姜茸等: ""云计算安全风险因素挖掘及应对策略"", 《现代情报》 * |
姜茸等: ""云计算技术安全风险评估研究"", 《电子技术应用》 * |
孙文兵: ""支持向量机在水资源质量分类评价中的应用"", 《邵阳学院学报(自然科学版)》 * |
Cited By (12)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111461558A (en) * | 2020-04-04 | 2020-07-28 | 中国人民解放军海军工程大学 | Key data safety destruction evaluation method |
CN111461558B (en) * | 2020-04-04 | 2022-04-22 | 中国人民解放军海军工程大学 | Key data safety destruction evaluation method |
CN112561305A (en) * | 2020-12-10 | 2021-03-26 | 上海对外经贸大学 | Enterprise data privacy protection evaluation method based on hierarchical model |
CN112785154A (en) * | 2021-01-22 | 2021-05-11 | 西安交通大学 | Safety evaluation method of cloud ERP system |
CN112862468A (en) * | 2021-02-01 | 2021-05-28 | 湖南大学 | Export tax refunding and financing method, equipment and medium based on block chain |
CN112862468B (en) * | 2021-02-01 | 2024-03-22 | 湖南大学 | Block chain-based export tax refund financing method, equipment and medium |
CN112948823A (en) * | 2021-03-19 | 2021-06-11 | 中国人民解放军国防科技大学 | Data leakage risk assessment method |
CN113965389A (en) * | 2021-10-26 | 2022-01-21 | 天元大数据信用管理有限公司 | Network security management method, equipment and medium based on firewall log |
CN113965389B (en) * | 2021-10-26 | 2024-05-03 | 天元大数据信用管理有限公司 | Network security management method, device and medium based on firewall log |
CN115208675A (en) * | 2022-07-18 | 2022-10-18 | 中国建设银行股份有限公司 | Cloud asset configuration security processing method and system, storage medium and electronic equipment |
CN115878111A (en) * | 2022-09-26 | 2023-03-31 | 北京犬安科技有限公司 | Method and system for realizing TARA data multiplexing for threat analysis and risk assessment |
CN115878111B (en) * | 2022-09-26 | 2024-02-06 | 北京犬安科技有限公司 | Threat analysis and risk assessment TARA data multiplexing implementation method and system |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN110266723A (en) | A kind of safety of cloud service methods of risk assessment | |
CN103782303B (en) | System and method for the detection based on unsigned of malice process | |
CN109446817A (en) | A kind of detection of big data and auditing system | |
Makarova | Determining the choice of attack methods approach | |
Bhogal et al. | A review on big data security and handling | |
CN112637108B (en) | Internal threat analysis method and system based on anomaly detection and emotion analysis | |
CN111563254A (en) | Threat risk processing method and apparatus for product, computer system and medium | |
Meriah et al. | A survey of quantitative security risk analysis models for computer systems | |
Pamuji et al. | Linear regression for prediction of excessive permissions database account traffic | |
CN115080291A (en) | Container abnormal behavior processing method and device | |
Shaorong et al. | Research on campus network security protection system framework based on cloud data and intrusion detection algorithm | |
Zaburko et al. | Information security risk assessment using the AHP method | |
Tse et al. | Risks facing smart city information security in Hangzhou | |
Chen et al. | RF-SVM based awareness algorithm in intelligent network security situation awareness system | |
Kavak et al. | The impact of information security management guide utilization on technological and institutional information security measures in university libraries in Türkiye | |
Wang et al. | Network computer security hidden dangers and vulnerability mining technology | |
Kim et al. | A study on analyzing risk scenarios about vulnerabilities of security monitoring system: focused on information leakage by insider | |
Geetha Rani et al. | A Survey of Recent Cloud Computing Data Security and Privacy Disputes and Defending Strategies | |
Zhu et al. | Quantitative safety assessment method of industrial control system based on reduction factor | |
Zhang | Information security risk assessment based on cloud computing and bp neural network | |
Yang et al. | Research on Quantitative Evaluation Method of Network Security in Substation Power Monitoring System | |
US20230188542A1 (en) | Enhancing hybrid traditional neural networks with liquid neural network units for cyber security and offense protection | |
Arki et al. | A Security Framework for Cloud Data Storage (CDS) Based on Agent | |
Zheng | The Classification and Classification of Big Data Based on the Internet of Things | |
Dong et al. | A Privacy-Preserving Electricity Theft Detection (PETD) Scheme for Smart Grid |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20190920 |