Research On Trusted Service Model And Its Key Problem In Cloud Computing Enviornment

Cloud computing service is usually carried out in a dynamic, open network environment. The inherent characteristic of dynamicity and instability of Cloud computing services leads to the frequent failure of the service, which in turn brings new challenges to build trusted cloud services. This thesis focuses on formal modeling of trusted services in cloud computing environment. An approach for aspect-oriented trusted model of cloud computing services is proposed. Based on the aspect-oriented colored Petri Nets, basic module and trusted module, including security, fault detect, test case selection, are modeled as separate sub modules, connected by general and specific substitution transitions. Model checking techniques and case studies are used to verify trusted properties of cloud services. The experimental results show the feasibility and effectiveness of the method.The main contributions of this thesis are as follows.1. Research on trusted service modeling in cloud computing based on AOPBased on the studies on the theory of Petri nets and AOP, a cloud computing trusted service model (CTN) is proposed in this thesis. Based on the aspect-oriented colored Petri nets, basic function net and trusted net of cloud service are modeled as separate sub modules. The model also provides theoretical foundation for formal modeling and analysis in the subsequent three specific measures to enhance the credibility of cloud computing service.Through separating the credible crosscutting from cloud computing service’s business processe, and describing the trust properties of the crosscutting by hierarchical colored Petri nets, a Petri nets model of cloud computing trusted service is built. This model accurately describes the cloud service features as Petri nets, and reduces the complexity of analysis and verification. Precise formal description of the Petri-net model, effectively enhances system credibility of the application model to build the actual cloud.2. Research on security access control strategy of cloud computing trusted service According to trusted cloud computing service needs, research on cloud computing service access control description language is undertaken, which is based on AOP for accurately describe the security requirements of users on the trusted cloud computing services. According to the cloud computing services implementation process, description language is used to construct the access control model of cloud computing services. Research on access control policy for cloud computing trusted services is based on the execution semantics of the model and Qos of the service.A method based on CTN model to control the dynamic security access to cloud service is proposed. On this basis, the method implements the algorithm of dynamic access control policy, verifies the correctness and validity of the Petri net operational semantics, and theoretically analyzes cloud computing access control policy.3. Research on fault detect method of cloud computing trusted serviceThe research applies CTN to model analysis with Byzantine fault detecting method on cloud computing trusted service, and builds a cloud computing trusted service fault diagnosis model base on CTN, including description of computing resources and network resources, data and logical relationships between tasks, the match between mandates and resources, the types and characteristics of fault.A method based on CTN model to detect and locate Byzantine fault is proposed. According to the fault type and characteristics, the method puts forward a part node rotation detection strategy, depicts detection strategies using CTN model, gives the detection algorithm, and verifies the correctness and validity with the help of operational semantics and model state space of Petri nets.4. Research on service test method of cloud computing trusted serviceBased on CTN model, a testing framework of cloud computing service is proposed. Bases on AOP, the framework separates the test concerns from core concerns of cloud computing trusted service, integrates these modules dynamically to a complete cloud computing service model by using weaving mechanism. The framework also gives a cloud computing service test case selection strategy, abstracts the test case selection algorithm into the test model of cloud computing service portfolio, implements the test case selection algorithm, and verifies the correctness and validity of the service portfolio with the help of operational semantics and model state space of Petri nets.