發(fā)布時間：2018-06-09 00:44

  本文選題：安全存儲系統(tǒng) + 機密性��； 參考：《華中科技大學》2012年碩士論文

【摘要】：隨著網(wǎng)絡技術(shù)和存儲技術(shù)的飛速發(fā)展，越來越多的數(shù)據(jù)在網(wǎng)絡上存儲和共享，但與此同時數(shù)據(jù)面臨的安全威脅也日益增多，存儲安全的重要性日益凸顯。 通過分析現(xiàn)有的分布式存儲系統(tǒng)的安全機制以及實施方案，發(fā)現(xiàn)目前的安全策略實施時有所側(cè)重，，基本上保證機密性、完整性、可用性這些傳統(tǒng)安全機制指標。然而在分布式環(huán)境下，復雜多變的網(wǎng)絡結(jié)構(gòu)，異構(gòu)的存儲機群，以及高并發(fā)量的用戶，存在著密鑰管理復雜、系統(tǒng)性能影響較大、安全管理脆弱等缺點，因此靈活高效的密鑰管理策略和可靠完善的安全管理機制是提高存儲安全系統(tǒng)效率的重要因素。 針對現(xiàn)有分布式安全存儲系統(tǒng)的安全管理機制不完善，密鑰管理策略不能同時滿足安全性、靈活性和高效性的需求。本文提出了一種分布式環(huán)境下存儲安全解決方案，引入可信的安全管理器和密鑰服務器。通過權(quán)限證書和文件分組，實施靈活的訪問控制策略和安全的數(shù)據(jù)共享機制；通過單獨的密鑰服務器，實現(xiàn)安全高效的密鑰管理策略；通過統(tǒng)一的的安全管理接口，方便用戶和管理員進行日常的安全管理操作；通過審計日志，完成整個儲存系統(tǒng)的實時監(jiān)測和用戶行為的統(tǒng)計追蹤。 論文研究的目標是實現(xiàn)高效的分布式安全存儲系統(tǒng)，保證數(shù)據(jù)安全、高效的存儲和訪問。實驗顯示，在分布式存儲系統(tǒng)上實施上述安全方案，隨機讀寫性能下降的分別為24%和29%，對系統(tǒng)整體效率影響不大。
[Abstract]:With the rapid development of network technology and storage technology, more and more data are stored and shared on the network. The importance of storage security is becoming more and more important. By analyzing the security mechanism and implementation scheme of the existing distributed storage system, we find that the current security policy has some emphasis on the implementation, which basically ensures confidentiality and integrity. Availability these traditional security mechanism metrics. However, in the distributed environment, the complex and changeable network structure, heterogeneous storage cluster, and high concurrent users have some shortcomings, such as complex key management, great impact on system performance, fragile security management, and so on. Therefore, flexible and efficient key management strategy and reliable and perfect security management mechanism are important factors to improve the efficiency of storage security system. Key management policies cannot meet the requirements of security, flexibility and efficiency. This paper presents a storage security solution in distributed environment, which introduces trusted security manager and key server. Through privilege certificate and file grouping, flexible access control policy and secure data sharing mechanism are implemented; through a separate key server, a secure and efficient key management strategy is realized; and a unified security management interface is adopted. It is convenient for users and administrators to carry out daily security management operations. Through audit log, real-time monitoring of the entire storage system and statistical tracking of user behavior are completed. The goal of this paper is to realize an efficient distributed secure storage system. Ensure data security, efficient storage and access. The experimental results show that the random read and write performance drops by 24% and 29% respectively in the distributed storage system, which has little effect on the overall efficiency of the system.
【學位授予單位】：華中科技大學
【學位級別】：碩士
【學位授予年份】：2012
【分類號】：TN918.4;TP333

【參考文獻】

相關(guān)期刊論文 前3條

1 肖國鎮(zhèn),白恩健,劉曉娟;AES密碼分析的若干新進展[J];電子學報;2003年10期

2 崔國華,洪帆,付小青,胡倫駿;數(shù)據(jù)庫系統(tǒng)中一種更安全的加密機制[J];華中理工大學學報;2000年07期

3 楊德志,黃華,張建剛,許魯;大容量、高性能、高擴展能力的藍鯨分布式文件系統(tǒng)[J];計算機研究與發(fā)展;2005年06期

相關(guān)碩士學位論文 前1條

1 趙俊杰;面向?qū)ο蟠鎯ο到y(tǒng)安全模型的研究與實現(xiàn)[D];江蘇大學;2006年

本文編號：1998001