云计算环境下的拟态IAM系统设计实现方法
Design and implementation method of mimic IAM system in cloud computing environment
宋玉 1孙贺 2王家兴 2潘云飞 2张建辉3
作者信息
- 1. 郑州大学计算机与人工智能学院,河南郑州 450001
- 2. 郑州大学 网络空间安全学院,河南 郑州 450002
- 3. 信息工程大学 国家数字交换系统工程技术研究中心,河南 郑州 450000
- 折叠
摘要
随着云计算的快速发展及其普及,企业的传统数据安全边界被打破,出现云资产管理混乱、越权、误操作等现象,对用户的信息安全产生巨大威胁.基于此,对目前云计算环境下身份认证和访问管理(identity and access manage-ment,IAM)的安全问题进行研究,提出结合内生安全思想,采取拟态防御手段构建出一种具有内生安全效应的拟态身份认证和访问管理(mimicry identity and access management,MIAM)体系架构方案,并对其进行详细描述.将该方案分别进行稳定性测试、系统性能测试以及系统安全性评估,实验数据表明,该方案具有可行性和安全性.
Abstract
With the rapid development and popularization of cloud computing,the traditional data security boundary of enterprises has been broken,and there are phenomena such as chaos,overreach,and misoperation of cloud asset management,which poses a huge threat to the information security of users.Based on this,the security problems of identity and access management(IAM)in the current cloud computing environment were studied,and a mimicry identity and access management(MIAM)archi-tecture scheme with endogenous security effect was proposed to be constructed by means of mimicry defense combined with endogenous security ideas.And it was described in detail.The stability test,system performance test and system security evalua-tion of the scheme were carried out separately.Experimental data show that the scheme is feasible and secure.
关键词
云计算/拟态防御/内生安全/身份认证/访问管理/信息安全/网络安全Key words
cloud computing/mimic defense/endogenous safety/authentication/access management/information security/cy-ber security引用本文复制引用
基金项目
河南省科技攻关计划(222102210231)
出版年
2024
NETL
NSTL
维普
万方数据