Submitted: 2019-05-08 Revised: 2020-04-13
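Abstract (translated from the Chinese): To address the problems in traditional cloud service security assessment methods, namely that assessment metrics are coarse-grained and hard to quantify and that assessment methods depend heavily on subjective judgment and are inefficient, a cloud service security level assessment model based on a standardized security metric hierarchy is proposed. First, following the design principles for assessment metric systems, and taking China's cloud computing service security capability requirements standard as the basis while drawing on foreign organizations' security control frameworks and service level agreement standards for cloud services, a method for constructing a fine-grained, quantifiable, standardized security metric hierarchy is proposed. Then, based on this metric hierarchy, a cloud service security level assessment model is proposed. When assessing the security level of a cloud service, the model takes into account the differences among metric types in the hierarchy and the influence of their attributes on cloud service security, and a security level assessment method based on objective metric weight assignment is designed to quantitatively assess the security level of the assessment target. Finally, an application case and a performance analysis experiment are used to verify, respectively, the effectiveness of the proposed assessment model and the efficiency of the assessment method. The experimental results show that the proposed cloud service security level assessment model based on a standardized security metric hierarchy can effectively and accurately assess the security capabilities of different cloud service providers, and that its security level assessment method outperforms the traditional cloud service security assessment method based on the analytic hierarchy process in terms of performance.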
Abstract: To address two problems in the traditional literature, namely that assessment metrics are coarse-grained and non-quantitative and that assessment methods are subjective and inefficient, an assessment model of cloud service security level based on a standardized security metric hierarchy was proposed. First, a fine-grained, quantifiable and standardized cloud service security metric hierarchy was structured according to the design principles of evaluation metric systems. The content of the cloud service security metric hierarchy was drawn from both domestic and foreign standards related to cloud service security. Second, a cloud service security level evaluation model was proposed based on the metric hierarchy. Considering the differences among metric types and the impact of their attributes on the security features of cloud services, a security level assessment method was designed based on objective weight assignment of the metrics to evaluate the security level of cloud services. Finally, a case study and a performance comparison experiment were conducted to validate, respectively, the effectiveness of the proposed assessment model and the efficiency of its evaluation method. Experimental results show that the proposed assessment method is efficient and accurate in cloud service security level assessment, and that the evaluation method outperforms the traditional cloud service security assessment methods.
Keywords: cloud service; security metric; security level assessment; objective weight assignment; TOPSIS
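Article ID: 201900429 CLC number: TP309.1 Document code:
Funding: National Natural Science Foundation of China (61802270; 61802271); Fundamental Research Funds for the Central Universities (SCU2018D018; SCU2018D022)
About the author: LI Xiang (1987-), male, PhD candidate. Research interests: cloud service security assessment; cloud service trust management. E-mail: 463651743@qq.com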
Cite this article:
LI Xiang, YANG Rui, CHEN Xingshu, LIU Yaolei, WANG Qixu. Assessment Model of Cloud Service Security Level Based on Standardized Security Metric Hierarchy[J]. Advanced Engineering Sciences, 2020, 52(3): 159-167.