發(fā)布時(shí)間：2018-06-09 00:44

  本文選題：安全存儲(chǔ)系統(tǒng) + 機(jī)密性�。� 參考：《華中科技大學(xué)》2012年碩士論文

【摘要】：隨著網(wǎng)絡(luò)技術(shù)和存儲(chǔ)技術(shù)的飛速發(fā)展，越來越多的數(shù)據(jù)在網(wǎng)絡(luò)上存儲(chǔ)和共享，但與此同時(shí)數(shù)據(jù)面臨的安全威脅也日益增多，存儲(chǔ)安全的重要性日益凸顯。 通過分析現(xiàn)有的分布式存儲(chǔ)系統(tǒng)的安全機(jī)制以及實(shí)施方案，發(fā)現(xiàn)目前的安全策略實(shí)施時(shí)有所側(cè)重，，基本上保證機(jī)密性、完整性、可用性這些傳統(tǒng)安全機(jī)制指標(biāo)。然而在分布式環(huán)境下，復(fù)雜多變的網(wǎng)絡(luò)結(jié)構(gòu)，異構(gòu)的存儲(chǔ)機(jī)群，以及高并發(fā)量的用戶，存在著密鑰管理復(fù)雜、系統(tǒng)性能影響較大、安全管理脆弱等缺點(diǎn)，因此靈活高效的密鑰管理策略和可靠完善的安全管理機(jī)制是提高存儲(chǔ)安全系統(tǒng)效率的重要因素。 針對(duì)現(xiàn)有分布式安全存儲(chǔ)系統(tǒng)的安全管理機(jī)制不完善，密鑰管理策略不能同時(shí)滿足安全性、靈活性和高效性的需求。本文提出了一種分布式環(huán)境下存儲(chǔ)安全解決方案，引入可信的安全管理器和密鑰服務(wù)器。通過權(quán)限證書和文件分組，實(shí)施靈活的訪問控制策略和安全的數(shù)據(jù)共享機(jī)制；通過單獨(dú)的密鑰服務(wù)器，實(shí)現(xiàn)安全高效的密鑰管理策略；通過統(tǒng)一的的安全管理接口，方便用戶和管理員進(jìn)行日常的安全管理操作；通過審計(jì)日志，完成整個(gè)儲(chǔ)存系統(tǒng)的實(shí)時(shí)監(jiān)測(cè)和用戶行為的統(tǒng)計(jì)追蹤。 論文研究的目標(biāo)是實(shí)現(xiàn)高效的分布式安全存儲(chǔ)系統(tǒng)，保證數(shù)據(jù)安全、高效的存儲(chǔ)和訪問。實(shí)驗(yàn)顯示，在分布式存儲(chǔ)系統(tǒng)上實(shí)施上述安全方案，隨機(jī)讀寫性能下降的分別為24%和29%，對(duì)系統(tǒng)整體效率影響不大。
[Abstract]:With the rapid development of network technology and storage technology, more and more data are stored and shared on the network. The importance of storage security is becoming more and more important. By analyzing the security mechanism and implementation scheme of the existing distributed storage system, we find that the current security policy has some emphasis on the implementation, which basically ensures confidentiality and integrity. Availability these traditional security mechanism metrics. However, in the distributed environment, the complex and changeable network structure, heterogeneous storage cluster, and high concurrent users have some shortcomings, such as complex key management, great impact on system performance, fragile security management, and so on. Therefore, flexible and efficient key management strategy and reliable and perfect security management mechanism are important factors to improve the efficiency of storage security system. Key management policies cannot meet the requirements of security, flexibility and efficiency. This paper presents a storage security solution in distributed environment, which introduces trusted security manager and key server. Through privilege certificate and file grouping, flexible access control policy and secure data sharing mechanism are implemented; through a separate key server, a secure and efficient key management strategy is realized; and a unified security management interface is adopted. It is convenient for users and administrators to carry out daily security management operations. Through audit log, real-time monitoring of the entire storage system and statistical tracking of user behavior are completed. The goal of this paper is to realize an efficient distributed secure storage system. Ensure data security, efficient storage and access. The experimental results show that the random read and write performance drops by 24% and 29% respectively in the distributed storage system, which has little effect on the overall efficiency of the system.
【學(xué)位授予單位】：華中科技大學(xué)
【學(xué)位級(jí)別】：碩士
【學(xué)位授予年份】：2012
【分類號(hào)】：TN918.4;TP333

【參考文獻(xiàn)】

相關(guān)期刊論文 前3條

1 肖國(guó)鎮(zhèn),白恩健,劉曉娟;AES密碼分析的若干新進(jìn)展[J];電子學(xué)報(bào);2003年10期

2 崔國(guó)華,洪帆,付小青,胡倫駿;數(shù)據(jù)庫系統(tǒng)中一種更安全的加密機(jī)制[J];華中理工大學(xué)學(xué)報(bào);2000年07期

3 楊德志,黃華,張建剛,許魯;大容量、高性能、高擴(kuò)展能力的藍(lán)鯨分布式文件系統(tǒng)[J];計(jì)算機(jī)研究與發(fā)展;2005年06期

相關(guān)碩士學(xué)位論文 前1條

1 趙俊杰;面向?qū)ο蟠鎯?chǔ)系統(tǒng)安全模型的研究與實(shí)現(xiàn)[D];江蘇大學(xué);2006年

本文編號(hào)：1998001