Research And Implementation Of Key Technology Of Active Monitoring Mechanism In Cloud Environment

With the development of information technology,cloud computing developed rapidly,at present,cloud computing has become the main way of a large number of data computing and storage management.With the development of cloud computing,security issues are also highlighted,on the one hand,users will store data resources in the cloud,unified management by the cloud administrator,resulting in the user and data ownership,management and the right to completely separate,which led to the user cloud administrator’s trust crisis.On the other hand,the current cloud security architecture is based on passive defense mechanism,the lack of active defense of the security mechanism,although some of the cloud security architecture based on the initiative of the cloud security architecture,based on the direct control of the data,defense mechanism,but there is no set of active monitoring through the real-time monitoring of cloud environment effective program.In view of the problems existing in cloud security,the main contents of this paper are as follows:(1)This paper expounds the current security problems of cloud computing,including the problem of cloud administrator trust crisis,the problem of virtualization and the unknown problem of user operation in cloud environment,pointing out the importance of cloud security problem and the urgency of solving cloud security problem.And then analyzes the shortcomings of the existing cloud security architecture,indicating that the existing cloud security architecture in the solution to the current cloud security problems are flawed;Finally put forward the credibility of the cloud architecture.(2)In view of the problem of trust crisis among users,this paper develops a corresponding credible policy based on the service-level agreement signed by the user and the cloud administrator to the user’s cloud environment.Through the measurement and verification guarantee the credibility of the user’s cloud environment,and the introduction of credible third party to verify the security of cloud environments deployed by cloud administrators.(3)In order to monitor the behavior of the user in the cloud environment in real time,this paper embeds the trusted monitoring point in the cloud environment,obtains the user’s operation information by dynamically loading the security module in the kernel layer,and sends the obtained message to the measurement module credible measurement,if the measurement results prove that the user action is not credible,trusted decision-making module will be credible user behavior prohibited,so as to further ensure the security of the cloud environment.(4)In the active monitoring module,the trusted control module obtains the operation information of the user layer and sends it to the trusted metric module for message measurement.In this paper,the message communication between the trusted control module and the trusted metric module is realized by netlink technology.(5)In view of the characteristics of cloud computing,this paper on the OpenStack platform to deploy the test environment,and the system’s functional modules to test to verify the reliability and effectiveness of the system.