A Secure Data Access Model in Cloud Computing Environment and Its Performance Evaluation

• Main Authors: Yong-Kuei Liu, 劉用貴
• Other Authors: Prof. Patrick S. Chen
• Format: Others
• Language: zh-TW
• Published: 2014
• Online Access: http://ndltd.ncl.edu.tw/handle/89129510239886273965

博士 === 大同大學 === 資訊工程學系(所) === 102 === Services provided over the Internet are permeated with a number of risks, including system intrusion under false identification, theft of sensitive and private data, and sniffing of data in transmission, just to name a few. Meanwhile, issues such as data isolation and access efficiency in the cloud environment are yet to be resolved. This explains the sustained reservation of businesses over cloud-based services or applications. Users of cloud computing are most concerned with whether cloud providers have the capacity to secure clients’ data and prevent access to or damage of data by unauthorized users. This research proposes a new method to prevent potential risks related to cloud access by creating a “secure data access model for cloud environment”, designed to make access to distributed database more secure and efficient. The model incorporates active identity authentication, secure isolation and data exchange, prioritized multi-level scheduling control, distributed access and encryption/decryption technologies. With this model, users must pass private cloud active authentication before receiving an authorization code. Users’ data will be encrypted and sent to an independent channel for secure isolation and data exchange before users can enter the private cloud and be granted access rights for transaction. Prioritized multi-level secure scheduling for secure distributed data access is recommended to boost transaction efficiency. We upgraded Altruistic Locking (AL) to Prioritized AL. We discussed its nature and proved that Prioritized AL-based scheduling can be serialized. Experiments show that scheduling policy increases the efficiency of access to distributed databases. The combination and simulation of priority and multi-level security through views can achieve secure data access. The results of this research indicate that control of the “read” function is the premise of good access control and the solution to most threats of improper access, and good scheduling serialization of the “write” function is an effective way to prevent deadlocks. This research reveals that this secure data access architecture in the cloud environment is effective in preventing unauthorized access, improving transaction concurrency, and promoting data access efficiency. Experiments of this research show active authentication in the private cloud and secure isolation are able to seclude threats from the public cloud; prioritized multi-level security in combination with distributed database facilitates faster and more effective transaction through AL, reducing the time to commit transactions and rollbacks and preventing deadlocks. Based on the comparison between two experiment groups, Prioritized AL proves to perform better than conventional two-phase locking, and AL as the scheduling mechanism is able to achieve better efficiency. The usability of the architecture proposed in this research is therefore evident.