Sample Thesis Abstracts with English Translation

Date: 2024.3.20


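Abstract (translated from Chinese)

Translation is the linguistic practice of using one language to re-express, accurately and completely, the ideas expressed in another. In the process of translation, converting parts of speech is a technique the translator must use for the translation to reach a high level of harmony and equivalence in meaning and style. Based on the different characteristics of English and Chinese, this paper emphasizes the importance of part-of-speech conversion in translation between Chinese and English, and illustrates with examples that such conversion is often needed in both English-to-Chinese and Chinese-to-English translation to make the translation more fluent or idiomatic. In addition, it uses some examples to analyse the problems Chinese learners of English have with part-of-speech conversion and offers corresponding countermeasures.

Keywords: parts of speech; translation; part-of-speech conversion; translation between English and Chinese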


Abstract

Translation can be defined as the process by which the merit of the original work is completely and accurately transfused into another language. In the process of translation, in order to achieve a high level of equivalence, the transformation of parts of speech must be used by the translator. This paper emphasizes the importance of the transformation of parts of speech in English to Chinese or Chinese to English translation, based on the different characteristics of English and Chinese. It demonstrates with examples that in translation between English and Chinese the parts of speech of words are often converted to make the version more coherent and idiomatic. Furthermore, taking Chinese learners’ errors in the transformation of parts of speech as examples, the paper suggests some countermeasures.

Key words: parts of speech; translation; transform; translation between English and Chinese


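Part 2: Computer Science Professional English Translation Paper


Hangzhou Dianzi University

Computer Science Professional English Course Paper

The Security of Cloud Computing

Group members: Zhang Hong 09052704 (pages 10-14)

Tang Li 09052706 (pages 15-17)

Supervisor:

April 7, 20xx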


Original text:

Who Can You Trust in the Cloud?

A Review of Security Issues Within Cloud Computing

ABSTRACT

In this paper, we discuss security issues with Cloud Based Computing and Cloud Operating Systems. Cloud computing has recently experienced a significant increase in popularity as major companies such as Google and Microsoft have started to release cloud based products, advertise the use of the cloud, and even release an open source Cloud OS. As the general public becomes more aware of cloud based computing and its popularity increases, the demand for security will increase. This paper discusses both unique security concerns for cloud computing as well as shared security issues between cloud and traditional computing. Current solutions for these security risks are also discussed and evaluated. In addition, we propose a method for allowing the user to select specific levels of security for items and make a list of security items that all users should be aware of before opting to use cloud based services.

Categories and Subject Descriptors

D.4.6 [Security and Protection]: Cryptographic controls, Access controls

D.4.6 [Operating Systems]: Security and Protection - Access controls, Authentication, Cryptographic controls, Information flow controls, Invasive software.

D.4.7 [Operating system] Organization and Design- Distributed systems

General Terms

Cloud Computing, Cloud Operating System, Security, WS-Security, TLS, XML Encryption, XML Signature, Browser Security

1. INTRODUCTION

Cloud Computing has been a hot topic of discussion for several years. The recent deployment of Google’s Chrome OS, an open-source cloud based operating system, has added fuel to concerns for the security of cloud computing, especially when the majority of the operating system’s tasks are handled outside of the user’s hardware and control.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee.

Information Security Curriculum Development Conference 2011 October 7-9, 2011, Kennesaw, GA, USA.

Copyright 2011 ACM 978-1-4503-0812-0/10/11…$10.00.

In addition, Microsoft and other companies have started focusing more technology and advertisements on cloud based applications. While cloud computing and cloud based operating systems are not brand new, it is important to reevaluate the security of cloud computing as awareness and use of cloud computing grow. Security aspects of cloud computing have been compared to historical work on early time-sharing systems [1]. Similar security problems are resurfacing as modern use of computers reverts to server-based usage. Given this similarity, some problems with cloud computing already have solutions. In addition, most of the security issues with cloud computing already exist in currently used methods for computing. Having said this, there are novel problems that exist as a result of cloud computing and that should be or have been addressed. Finally, security within the cloud network covers more than just the security of users’ data. It also includes the prevention of cloud based bot networks, spam, and other types of tactics abusing the capabilities of the seemingly infinite resources available within the cloud.

In section 2 we give an overview of Cloud Computing. The section covers cloud computing with virtual machines, such as on the Amazon Elastic Compute Cloud (EC2), and Cloud Operating Systems such as Google Chrome OS. We feel that it is important to have at least a general understanding of Cloud Computing to understand the security issues. Section 3 discusses the security issues for cloud computing. The section attempts to give a well rounded examination of both new and preexisting security concerns and how those security concerns are addressed. The section also covers aspects affecting users as well as potential security risks to the providers and potential abuses of clients. A proposed solution for allowing users to select security settings is discussed in section 4, and a proposal is made for a standardized method for assigning security for data across cloud networks. In addition, a list of security issues that all users should be aware of is given and suggestions are made for users to minimize security risks if they choose to use cloud based services. Lastly, the conclusion summarizes all of the security concepts and suggests future areas of research based on the material discussed in this paper.

2. OVERVIEW OF CLOUD COMPUTING

Cloud computing is a very broad term used for the recent development of internet-based computing. This section gives a very brief summary of cloud computing and also discusses cloud operating systems. The goal of this section is to give any readers a foundation of knowledge so that they can better understand security concerns as well as current security measures existing within cloud computing.

2.1 Virtualization, IaaS, SaaS, and PaaS

Virtualization is the central technology which makes cloud computing possible [4, 5]. Essentially, virtualization is a technology that makes it possible for a single PC or server to simultaneously run more than one session of an operating system. This allows users to run applications designed for different operating systems on a single machine instead of having multiple pieces of hardware for each required operating system. In order to allow a system to run multiple operating systems, virtual machines are created which emulate a hardware device. Virtual machines, also known as Hypervisors [4], handle communication between the different operating systems and the CPU within the PC or server, storage of data, and network connection. This new technology allowed corporations such as Amazon to create massive networks of servers with a virtually unlimited number of virtual machines. Amazon’s Elastic Compute Cloud (EC2) is probably the most well known vendor of infrastructure-as-a-service (IaaS), which is a term coined for allowing a client to rent virtual machine images as a service.

A user can install software, store data, and do almost everything that can be done with a physical PC or server. Virtualization allowed providers to greatly expand the capabilities for server-side tasks and made it more cost efficient for clients to use IaaS. Clients were no longer obligated to spend money for hardware and maintenance. Instead, the provider is able to supply highly cost effective servers as part of a large datacenter or warehouse. Around the same time, providers started to offer Software-as-a-service (SaaS), which was the beginning of cloud computing. SaaS is also referred to as “software on demand”, in which a client can use software provided by an organization and pay for the usage in unit or measurement. With this new technology, creative minds were able to develop the idea for cloud computing. While this term, as mentioned earlier, is broad and encompasses many different ideas and practices, the basic idea of the cloud is that more computations are completed on the server side. Servers are managed within datacenters and optimized for maximum efficiency and performance; with servers playing the major role in providing service, users are able to experience a seemingly instant, more capable, and dynamic system.

2.2 Cloud Computing Architecture

Cloud computing can be divided into two sections, the user and the cloud. In most scenarios, the user is connected to the cloud via the internet. It is also possible for an organization to have a private cloud in which a user is connected via an intranet. However, both scenarios are identical other than the use of a private and public network or cloud [5]. The user sends requests to the cloud and the cloud provides the service. See Figure 1.

Within the cloud, a central server is responsible for administering the system and in many ways functions as the operating system of the specific cloud network. Another name for this is “middleware”, which is the central server for a particular cloud. Examples include Google App Engine and Amazon EC2 [5].

2.3 Cloud Applications

The most common form of cloud application is called Software-as-a-Service (SaaS), in which a company makes software available over the web for users to pay for in some form or another. Examples of popular SaaSs include financial software, document software, and almost all software one would expect to find for private computing. There are also free types of SaaS such as Google Apps, which includes Google Docs, which allows users to complete many features of desktop publishers such as Microsoft Windows Office. However, Google Docs does not offer as much functionality as typical desktop publishers, but it does add the ability to dynamically save materials (every update is saved automatically) so that if the connection is lost between the user and the cloud no materials will be lost. In addition, users are able to share documents and edit simultaneously over the web. This allows easier collaboration and reduces the amount of time individuals have to spend compiling multiple drafts of documents.

2.4 Just Enough Operating Systems

In a movement toward taking full advantage of cloud computing, many organizations have started to develop an operating system for users that would do “just enough” in order for them to use cloud computing options. This has led to the term Just Enough Operating System (JeOS). A JeOS is a step toward allowing users to become dependent on the cloud for handling the majority of tasks. The JeOS is a new advancement in directing users to only using browsers for running applications. By using browsers, all applications in any language could be accessible as long as the server were able to translate into a web browser format. Security of future PCs could be focused on browser based security.

2.5 Cloud Operating Systems

Building on the development of JeOSs, Cloud Operating Systems have been developed. Most recently, Google has released Google Chrome OS on a laptop named CR-48 for a pilot program. Basically, the Google Chrome OS is a form of JeOS which provides an operating system that only handles necessities required to allow the user to use the Google Chrome browser to access cloud applications. It is expected that the use of JeOS will become more common within the marketplace because consumers will be able to purchase hardware at a fraction of the price of traditional hardware that uses non-cloud based operating systems. Also, as mentioned earlier, this type of setup reduces the costs for organizations by not requiring them to purchase operating systems or pay for labor to maintain servers.

3. SECURITY ISSUES

As mentioned previously, there are many security concerns for the use of cloud computing. These security concerns include both items that are related to traditional computing as well as security issues specific to cloud computing. Also, there are security issues that affect clients as well as providers. Most individuals think of attacks on the user’s computer when computer security is mentioned. However, it is important to also consider that individuals can abuse cloud computing to create a virtual bot-network.

3.1 XML Signature

One method for ensuring authenticity of data within the Simple Object Access Protocol (SOAP) was to create XML Signatures. Essentially, an XML signature is attached to fragments of XML in order to prove to the recipient that the data is authentic and has integrity [3]. However, there is an attack known as the “wrapper attack”, in which an attacker can inject a duplicate of a fragment of XML while adding additional code that would lead the computer to do additional unwanted tasks. As its name implies, the attacker virtually wraps the signature around the malicious code and passes it on as if it were genuine. XML is essential for cloud computing for sharing information between systems. With wrapper attacks as a potential way to cause malicious problems, providers must think of creative ways to prevent wrapping attacks from succeeding. Having said this, wrapper attacks are not common and are not very likely because they are not commonly used in business applications.
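Why a valid signature is not enough against wrapping can be shown with a small receiver-side check. The following is an added example, not code from the paper: it compares a receiver that verifies the referenced fragment but then acts on a separately located Body with one that acts only on the verified node. The element names (Envelope, Header, Body, Wrapper, Transfer), the HMAC standing in for a real XML Signature, the toy canonical form and the key are all assumptions made for illustration, and the sample messages are constructed.

```python
import hashlib
import hmac
import xml.etree.ElementTree as ET

KEY = b"constructed-demo-key"  # assumption: shared secret standing in for the signer's key


def canonical(el):
    """Toy canonical form (not real C14N): tag, sorted attributes, text, children."""
    attrs = "".join(f' {k}="{v}"' for k, v in sorted(el.attrib.items()))
    inner = (el.text or "").strip() + "".join(canonical(c) for c in el)
    return f"<{el.tag}{attrs}>{inner}</{el.tag}>"


def mac(el):
    return hmac.new(KEY, canonical(el).encode(), hashlib.sha256).hexdigest()


def build_signed(body_xml):
    """Sender side: reference the Body by its Id and put the MAC in the Header."""
    body = ET.fromstring(body_xml)
    env = ET.Element("Envelope")
    sig = ET.SubElement(ET.SubElement(env, "Header"), "Signature")
    ET.SubElement(sig, "Reference", URI="#" + body.get("Id"))
    ET.SubElement(sig, "SignatureValue").text = mac(body)
    env.append(body)
    return ET.tostring(env, encoding="unicode")


def wrapped_fixture(signed_xml):
    """Constructed test message with the shape the text describes: the signed
    fragment is kept (so it still verifies) but no longer sits where the
    application reads its request from."""
    env = ET.fromstring(signed_xml)
    original = env.find("Body")
    env.remove(original)
    ET.SubElement(env.find("Header"), "Wrapper").append(original)
    unsigned = ET.SubElement(env, "Body", Id="unsigned-1")
    ET.SubElement(unsigned, "Transfer", to="mallory", amount="9999")
    return ET.tostring(env, encoding="unicode")


def check_signature(env):
    """Check the MAC and return every element the Reference resolves to."""
    ref = env.find("Header/Signature/Reference").get("URI")[1:]
    value = env.find("Header/Signature/SignatureValue").text
    matches = [e for e in env.iter() if e.get("Id") == ref]
    if not matches or not hmac.compare_digest(mac(matches[0]), value):
        raise ValueError("signature check failed")
    return matches


def request_of(body):
    transfer = body.find("Transfer")
    return transfer.get("to"), transfer.get("amount")


def process_naive(xml_text):
    env = ET.fromstring(xml_text)
    check_signature(env)                 # verifies *some* element with that Id
    return request_of(env.find("Body"))  # flaw: acts on a separately located Body


def process_strict(xml_text):
    env = ET.fromstring(xml_text)
    matches = check_signature(env)
    bodies = env.findall("Body")
    # The verified node must be unique and must be the one Body the app uses.
    if len(matches) != 1 or len(bodies) != 1 or matches[0] is not bodies[0]:
        raise ValueError("signed element is not the unique Envelope/Body")
    return request_of(matches[0])        # act only on the node that was verified


# Constructed sample messages.
SIGNED = build_signed('<Body Id="body-1"><Transfer to="alice" amount="10"/></Body>')
WRAPPED = wrapped_fixture(SIGNED)

if __name__ == "__main__":
    print(process_naive(SIGNED), process_strict(SIGNED))
    print(process_naive(WRAPPED))        # the unsigned request is accepted
    try:
        process_strict(WRAPPED)
    except ValueError as err:
        print("rejected:", err)
```

The strict receiver rejects the wrapped message even though its signature is valid, because what was verified and what would be processed are different nodes.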

3.2 Browser Security

For Cloud Operating Systems such as Google Chrome OS, the browser is the main source for I/O for the user. There are many issues facing security for browsers within the cloud. The first common line of defense for browsers is for servers to use the Same Origin Policy (SOP) which is for the server to monitor the original location of the browser when the request was made and only accept requests if the request comes from the same location. However, this has been proven to not be a sufficient form of security. The paper [3] argues that the main problem with browsers is that they cannot take advantage of XML Signature or encryption and makes the case for integrating this capability into future browsers. Without the capability of using XML encryption and signature the browser is left to use Transport Layer Security (TLS) or “Secure Socket Layer”, which refers to two layers: the record layer and the TLS handshake. This serves as the primary form of security for browsers. However, it requires the server to have a digital certificate and not all pages are secure. The major flaw to TLS is “phishing”, which is where users are tricked by a malicious website or individual with the intent of gaining the user’s login information. Once the attacker has access to this data, TLS is obsolete in protecting the data. This is the first of many items that is not specific to the security of users’ data. Security for the cloud also includes how

3.3 Flooding

One type of attack is called a Denial-of-Service (DOS) attack. In this type of attack a hacker uses infected computers to all connect to a specific website, overloading the server with requests and causing the server to get bogged down and not function efficiently [3]. With traditional servers there is a limit to the capabilities of the physical server. However, in a situation where the website is on a cloud and the owner pays via usage, there is seemingly an infinite amount of resources for the server. If a DOS were targeted at a cloud based server, the owner of that website could be charged an outrageous amount as the cloud provided more and more resources to supply the demand on the server caused by the DOS. In addition to inflated costs to the owner, other users of the cloud may also be affected by the DOS as shared resources are taken and used for the site dealing with the DOS and not on the unaffected site. Another possibility is that the cloud could try to pull resources from other nodes or sections of the cloud, which would then cause a significant spread of the number of people affected by the DOS attack.
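The billing effect described above can be made concrete with a small model. This is an added example, not part of the paper: it bills an automatically scaled site hour by hour and compares an unlimited scaling policy with one that has an instance ceiling and a spend alarm. The traffic figures, per-instance capacity, price, ceiling and budget are constructed values, and the scaling rule (one instance per 500 requests per second) is an assumption.

```python
import math
from dataclasses import dataclass
from typing import Optional


@dataclass
class Bill:
    total_cents: int           # what the owner is charged for the period
    shed_requests: int         # requests that could not be served
    alarm_hour: Optional[int]  # first hour at which spend exceeded the budget
    peak_instances: int


def simulate(rps_by_hour, rps_per_instance, cents_per_instance_hour,
             max_instances=None, budget_cents=None):
    """Bill one site hour by hour under a simple scale-to-demand policy."""
    total = shed = peak = 0
    alarm = None
    for hour, rps in enumerate(rps_by_hour):
        wanted = max(1, math.ceil(rps / rps_per_instance))
        running = wanted if max_instances is None else min(wanted, max_instances)
        peak = max(peak, running)
        total += running * cents_per_instance_hour
        # Demand above the running capacity is dropped for the whole hour.
        shed += max(0, rps - running * rps_per_instance) * 3600
        if budget_cents is not None and alarm is None and total > budget_cents:
            alarm = hour
    return Bill(total, shed, alarm, peak)


# Constructed traffic: six quiet hours at 200 req/s, then a six-hour flood.
NORMAL = [200] * 12
FLOOD = [200] * 6 + [50_000] * 6
CAPACITY = 500   # req/s one instance can serve (assumed)
PRICE = 10       # cents per instance-hour (assumed)
BUDGET = 500     # spend alarm threshold in cents (assumed)


def compare():
    return {
        "normal": simulate(NORMAL, CAPACITY, PRICE, budget_cents=BUDGET),
        "flood_uncapped": simulate(FLOOD, CAPACITY, PRICE, budget_cents=BUDGET),
        "flood_capped": simulate(FLOOD, CAPACITY, PRICE,
                                 max_instances=4, budget_cents=BUDGET),
    }


if __name__ == "__main__":
    for name, bill in compare().items():
        print(f"{name:15} {bill}")
```

With no ceiling the site stays up and the owner pays for every flooded hour; with a ceiling the bill is bounded and the excess requests are shed, which is the trade-off an owner on usage-based pricing has to choose in advance.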

3.4 Reputation Fate Sharing

One unfortunate side effect of sharing one piece of hardware for several users is that the reputation of all individuals using the same piece of hardware can be affected by each other. There are two specific real world instances where there have been significant victims of reputation fate sharing. The first followed shortly after attackers were successfully able to subvert Amazon EC2 and cause a large amount of spam to be sent out from the Amazon Cloud. As a result, Spamhaus blacklisted a large portion of Amazon’s EC2 IP addresses. Amazon was forced to change its policies and require additional steps of security for users [1]. A second incident involves the raid of a datacenter by FBI agents on the charge that cybercrimes were being administered on hardware within the facility. As a result, operations for many innocent users were affected while FBI agents searched for evidence with the cybercrime case they were working on [1]. In fact, some companies affected by the seizure reported that they suffered significant losses but could not do anything to regain what was lost. This type of security risk affects multiple parties and is a result of the cloud being abused by a user. While these security risks are significant, the reality is that datacenters are better capable of dealing with security as compared to individuals. The problem is that when a datacenter security flaw is exposed, numerous victims will be affected, even those that exercise secure behaviors.

3.5 Side Channels

Within a piece of hardware that has multiple virtual machines, resources are shared, which can be used as a way to side channel data from one virtual machine to another. This type of attack is based on the shared resources between virtual machines within the same piece of hardware. An attacker, if successful in neighboring a target, can then use various methods for intercepting data being sent and received from the other virtual machine. This form of security risk has been documented and there are many methods for preventing this type of attack.

As mentioned previously, while there are security flaws within the cloud, it is important to remember that there are security risks in all forms of computing. It is arguable that datacenters can provide superior security over what the majority of individuals are able to provide themselves. For instance, if a security flaw is discovered, research is conducted to prevent or fix the flaw and software is updated. However, typical users are not likely to maintain their system and keep it up-to-date with security updates. Datacenters, however, are able to install and implement security updates almost immediately and can place the additional security on all of the virtual machines at the same time.

3.6 Loose Control Over Data

Probably the most significant reason for deterring companies and individuals from cloud computing and cloud operating systems is that the user loses control over the data. On traditional PCs or servers owned by a company or individual, there is control over how the data is stored, restrictions are put on who can access it, and backup policies are established. For cloud computing the data is stored on the server and the third-party company is responsible for deciding the details of data storage. Also, there is a level of trust required between the user and the provider. The user must trust the provider enough to store potentially confidential, secret, or sensitive data. While we could not find specific evidence of organizations sharing data illegally with third-party organizations, it is assumed that users will be obligated to grant the provider permission to use analytics or even data stored to solicit advertisers, in order for the user to receive free services. Google’s business model is centered on providing free service to users while using information obtained to benefit advertisers. It is highly likely that organizations and individuals will not want their data mined for information for advertisers. This will require the users to elect for services that include fees but offer higher confidentiality and do not sell data to advertisers.

3.7 Dependence of the Internet

As the use of the cloud becomes more common and applications increase, our dependency on the internet is increasing exponentially. This holds true as more and more users rely on servers for the functionality of the majority of their applications and for the storage of data. Especially when users use a Cloud OS such as Google Chrome OS, users are fully dependent on the internet for any form of computing. In the event of a catastrophic virus, terrorist attack, or other event capable of disabling the internet for a large number if not all individuals, production would become severely crippled. For instance, if a water company chose to outsource servers and computers to virtual machines hosted in the cloud, the company and the clients could lose water control.

4. STANDARDIZED USER SECURITY DESIGNATION

After analyzing the material listed above, there are many items that should be focused on in order to maximize security within the cloud. For this reason, we have developed a list of security items that all individuals using the cloud should be aware of and review before deciding whether to use the cloud. First however, we introduce an idea for standardization of assigning security to items across the cloud.

4.1 Standardization of security levels

Cloud computing is comprised of multiple servers and datacenters providing services via the internet and forming a seemingly infinite size of computing power. Security, as discussed throughout this paper, is a major concern and faces many challenges within cloud computing. It is our suggestion that work be developed on standardizing security levels throughout the cloud that all participating organizations follow. Servers would enforce specific security measures depending on the level assigned. This standardization would allow users to designate specific security levels to different information. For instance, an organization working on research and development may place high security on information on projects that have not yet been published or introduced to the marketplace. This same imaginary organization may also not view data once published as needing to be secure, therefore a lower setting could be assigned. In theory, by allowing different items to be assigned as needing to be secure and others as not needing security, the workload and levels of security could be focused on only items that need security. Furthermore, providers could charge more or less based on the security requirements for the data that it is housing for the user.


Allowing users the ability to assign security levels could cause problems in that some may elect to make everything secure. This may cause unnecessary security precautions being made to data that would not otherwise have been treated securely. This would waste resources and could prove to be less efficient than the systems and methods currently in place. Also, by labeling items as secure or not, hackers may be able to better focus on information that is intended to be secure. This would greatly reduce the amount of packets that hackers would have to inspect for sensitive information because they would have a method for targeting them.

4.2 List everyone should know

There are arguably an infinite number of items that users should be aware of and consider before choosing to use cloud computing or cloud operating systems. We attempt to list several of these items and do not in any way suggest that this list is complete. Also, anyone viewing this list should be aware that security, especially for something as dynamic as cloud computing, is constantly evolving and growing and he or she should seek additional items.

Social Engineering is probably the easiest method for hackers to gain access to confidential material. Always review the authenticity of any form, email, or phone call when an individual is asking you for login information, passwords, or confidential information. If in question, go directly to the website of the organization and log in; never log in through a third-party source.

Cloud computing has security flaws but so does traditional computing. There are security flaws in every form of computing. The main determinant is how hard someone is willing to take advantage of the security flaws to get your information. Every user should be aware that no form of computing is safe, however measures can be taken to lower the chances of exposure.

Cloud computing is arguably more secure than traditional PC computing for most users. Within the cloud, experts are responsible for maintaining the security of information and data being handled by the servers. Most individuals do not have the expertise or are not willing to implement the most up-to-date security features on their home PC. For this reason, many argue that cloud computing and cloud operating systems are actually safer than traditional computing.

Be aware of how confidential your data should be and act accordingly. No amount of security features will protect someone that blatantly posts confidential information in non-secure or public areas within the internet. A large portion of security is in the hands of the user. Similarly, a user should be aware of the level of required confidentiality of the data being used to determine what services should be used. For example, a user planning to create a blog will not want to keep their posts secure and hidden from the public because the author wants people to read the post. In contrast, an organization responsible for maintaining a list of social security numbers must be sure that the social security numbers are not available to the public and are protected from malicious attacks. The majority of the services made available on the cloud are more or less social instruments that are not typically security sensitive.

If you are planning to only use cloud computing for social instances and not post anything that should be kept from the public, then you should not fear using cloud computing. However, if the data is security sensitive, then further evaluation of the security offered by the cloud service should be performed.

Finally, the last item is to use reputable companies within the cloud and do research on companies that you are not familiar with to reduce your chance of falling victim to a phishing scam or false entity.

5. CONCLUSION

This paper described numerous security issues facing cloud computing and cloud operating systems. Issues focused on users as well as security for servers, which may have an indirect effect on users. This paper also discussed a novel idea for standardization of security levels for data across the cloud which all servers would respect. After further discussion, this idea was found to need much more work and thought in order to be developed into something useful in the future. Also, several key security issues were discussed that all users and organizations should be aware of when deciding whether to use the cloud or not.

6. REFERENCES

[1] Y. Chen, V. Paxson, and R. Katz. What’s New About Cloud Computing Security? Technical Report UCB/EECS-2010-5, Berkeley, 2010.

[2] Pianese, F., Bosch, P., Alessandro, D., Janssens, N., Stathopoulos, T., and Steiner, M. 2010. Toward a Cloud Operating System. Network Operations and Management Symposium Workshops (NOMS Wksps).

[3] Jensen, M., Schwenk, J., Gruschka, N., and Iacono, L. 2009. On technical Security Issues in Cloud Computing. IEEE International Conference on Cloud Computing.

[4] Geer, D. 2009. The OS Faces a Brave New World. IEEE Computer Society Volume 42, issue 10 p. 15 – 17.

[5] Ertaul, L. and Singhal, S. 2009. Security Challenges in Cloud Computing. California State University, East Bay.

[6] T. Ristenpart, E. Tromer, H. Shacham, and S. Savage. “Hey, You, Get Off of My Cloud! Exploring Information Leakage in Third-Party Compute Clouds.” ACM CCS 2009.

[7] A. Cavoukian, “Privacy in the clouds”, in Springer Identity in the Information Society, Published online: 18 December 2008.


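Translation:

Who Can You Trust in the Cloud? A Review of Security Issues Within Cloud Computing

Abstract

In this paper, we discuss some security issues concerning cloud-based computing and cloud operating systems. Recently, as major companies such as Google and Microsoft have started to release cloud-based products, promote the use of the cloud, and even release an open-source cloud operating system, cloud computing has seen a significant rise in usage. As the public learns more about cloud-based computing and it becomes more widespread, the demands on security rise as well. This paper discusses two unique security measures for cloud computing, and also covers security issues shared between the cloud and traditional computing. Current solutions to these security risks are still being discussed and evaluated. In addition, we propose a method that allows users to select specific security levels for their items, and we give a list of security items that users should be aware of before choosing to use cloud-based services.

Categories and Subject Descriptors

D.4.6 [Security and Protection]: Cryptographic controls, Access controls

D.4.6 [Operating Systems]: Security and Protection - Access controls - Authentication, Cryptographic controls, Information flow controls, Invasive software

D.4.6 [Operating Systems]: Organization and Design - Distributed systems

General Terms

Cloud computing, cloud operating systems, security, service security, TLS, XML encryption, XML features, browser security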

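1. Introduction

For several years, cloud computing has been a hot topic. Recently, the development of Google's operating system, an open-source cloud-based operating system, has added fuel to concerns about the security of cloud computing, especially when most operating system tasks are used by users outside of hardware management.

Permission is granted, without fee, to make digital or hard copies of all personal work or classroom assignments, provided that the copies are not made or distributed for profit or commercial advantage and that the copies receive full attention and complete citation in this article. To copy otherwise, to republish, to post on servers or to redistribute to lists requires prior specific permission and/or a fee.

October 7-9, 20xx, Information Security Curriculum Development Conference 2011, Kennesaw, GA, USA.

In addition, Microsoft and other companies have begun to concentrate more technology and advertising on cloud applications. Although cloud computing and cloud operating systems are not brand new, as public awareness and use of cloud computing grow, it is important to re-evaluate the security aspects of cloud computing. The security aspects of cloud computing have been compared to the historical work on early time-sharing systems. Similar security problems are bringing modern computer use back to server-based use. Given these similarities, some problems of cloud computing already have solutions. In addition, most of the security issues in cloud computing also exist in the computing methods currently in use. It has been said that some problems that exist because of cloud computing should be or have been dealt with. Finally, security in the cloud network covers more than the security of users' data. It should also include the prevention of cloud bot networks, spam, and other kinds of methods in the cloud that abuse the capabilities of nearly unlimited available resources. In section 2, we give an overview of cloud computing. This section covers cloud computing with virtual machines, such as Amazon's EC2, and cloud operating systems such as Google's operating system. We believe that to understand the security issues it is very important to have at least a general understanding of cloud computing. Section 3 discusses the security issues of cloud computing. This section tries to give a comprehensive examination of new and pre-existing security issues and how they are handled. It also covers the effects on users, the potential security risks to providers and potential abuse by clients. In section 4 a way of allowing users to select security settings is discussed, together with a proposal for a standard method of assigning security across cloud networks. In addition, a list of security issues that all users should be aware of is given, along with suggestions that let users keep security risks to a minimum if they choose to use cloud services. Finally, the conclusion summarizes all of the security concepts and suggests future areas of research based on what is discussed in this paper.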

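2. Overview of Cloud Computing

Cloud computing is a very broad term used for the latest developments in network computing technology. This section gives a very brief overview of cloud computing and also discusses cloud operating systems. The goal of this section is to give all readers a foundation of knowledge so that they can better understand the security issues and the security measures that now exist in cloud computing.

2.1 Virtualization, IaaS, SaaS, and PaaS

Virtualization is the central technology that makes cloud computing possible. Essentially, virtualization is a technology that makes it possible for a single PC or server to run multiple sessions of an operating system at the same time. This lets users run applications designed for different operating systems on one machine, instead of assigning multiple pieces of hardware to each required operating system. To allow one system to run multiple operating systems, virtual machines were created that emulate a hardware device.

Virtual machines, also known as hypervisors, handle communication between the different operating systems and the CPU in the PC or server, data storage, and network connections. This new technology allowed companies such as Amazon to build large networks of servers with an unlimited number of virtual machines. Amazon's EC2 is probably the best-known IaaS provider; IaaS is a term for allowing users to rent virtual machine images as a service. Using a physical PC or server, users can install software, store data, and do anything that can be done. Virtualization lets providers greatly expand the capabilities for server-side tasks and makes the money spent by clients who use IaaS more effective. Clients no longer have to spend money on hardware and maintenance. Instead, providers can supply cost-effective servers as part of a large datacenter or warehouse. Around the same time, providers began to offer SaaS, which was the starting point of cloud computing. SaaS is also called "software on demand"; with SaaS, a client can use software provided by an organization and pay for the usage by unit or measurement. With this new technology, creative minds were able to develop the idea of cloud computing. Although the term, as mentioned earlier, is broad and covers many different ideas and practices, the most basic idea of the cloud is that more computation is completed on the server side. Servers are managed in datacenters and optimized for maximum efficiency and performance; with servers playing the main role in providing service, users can experience a seemingly instant, more capable, and dynamic system.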

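2.2 Cloud Computing Architecture

Cloud computing can be divided into two parts, the user and the cloud. In most cases, the user and the cloud are connected via the Internet. It is also possible for an organization to have a private cloud, in which users are connected via the Internet. However, apart from the use of a private or a public network or cloud, the two scenarios are the same. The user sends requests to the cloud and the cloud provides the service.

Within the cloud, a central server is responsible for administering the system, and in many ways it serves as the operating system of the specific cloud network. Another name for it is "middleware", the central server of a particular cloud. Examples include Google App Engine and Amazon's EC2.

2.3 Cloud Applications

The most common form of cloud application is called SaaS, in which a company makes software available through the web for users to pay for in some form. Well-known examples of SaaS include financial software, document software, and almost all software used for private computing. There is also free software, such as Google Apps, which includes Google Docs; it lets users do many of the things desktop publishing software such as Microsoft's office software does. However, Google Docs does not offer as much functionality as typical desktop publishing software, but it does add the ability to save material dynamically (every update is saved automatically), so that if the connection between the user and the cloud is interrupted, no material is lost. In addition, users can share documents and edit them simultaneously over the web. This makes collaboration easier and reduces the time individuals spend compiling draft documents.

2.4 Just Enough Operating Systems

In a move toward taking full advantage of cloud computing, many organizations have started to develop an operating system for users that does "just enough" for them to use cloud computing options. This has led to the term Just Enough Operating System (JeOS). JeOS is a step toward users relying on the cloud to handle the main tasks. JeOS is a new development that directs users to use only a browser to run programs. By using a browser, all applications in any language can be accessed, as long as the server can convert them into a browser format. Research on the security of future computers could focus on browser-based security.

2.5 Cloud Operating Systems

Building on the development of JeOSs, cloud operating systems have been developed. Recently, Google released Chrome OS on a laptop, named CR-48, as a pilot project. Basically, Chrome OS is a form of JeOS that provides an operating system handling only the necessary requests, so that the user can use the Google browser to run cloud applications. The use of JeOS is expected to become more common in the marketplace, because consumers will be able to buy at a low price the hardware used for non-cloud operating systems. Also, as mentioned earlier, this type of setup reduces costs for organizations because they do not need to buy operating systems or pay to maintain servers.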

3.安全问题

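As mentioned earlier, the use of cloud computing raises many security issues. They include the security issues of traditional computing as well as issues unique to cloud computing. Likewise, some security issues affect both customers and providers. When computer security is discussed, most people think of attacks on the user's computer. However, an important concern is that anyone can abuse cloud computing to create a virtual bot-network.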

3.1 XML Signatures

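One way to ensure the authenticity of data in SOAP is to apply signatures. In essence, an XML signature is added to an XML fragment to prove the authenticity and integrity of the data. However, a well-known attack called the "wrapping attack" lets an attacker add extra code to an XML fragment, such as a copy, causing the computer to perform additional, unwanted tasks. As the name suggests, the attacker wraps malicious code with the signature and then passes it along as if it were genuine. For cloud computing, XML is essential for sharing information between systems. Because wrapping attacks are a potential avenue for malicious problems, providers must come up with a creative way to stop them successfully. Wrapping attacks are uncommon and not very likely, because they are not often used against commercial applications.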
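One structural check against the wrapping attack described above, as an added Python example that is not part of the original paper: once the signature has verified, confirm that the element it references is the same Body the application will process. The message layout, the `wsu:Id` values and the function name `check_signed_body` are assumptions, and the constructed samples carry no real digest or signature value.

```python
import xml.etree.ElementTree as ET

SOAP = "http://schemas.xmlsoap.org/soap/envelope/"
DS = "http://www.w3.org/2000/09/xmldsig#"
WSU = ("http://docs.oasis-open.org/wss/2004/01/"
       "oasis-200401-wss-wssecurity-utility-1.0.xsd")
ID = f"{{{WSU}}}Id"

def check_signed_body(xml_text):
    """Structural check to run after the signature has verified
    cryptographically (assumed done by an XML-DSig library)."""
    root = ET.fromstring(xml_text)
    # The application reads Envelope/Body, so exactly one must exist there.
    bodies = [c for c in root if c.tag == f"{{{SOAP}}}Body"]
    if root.tag != f"{{{SOAP}}}Envelope" or len(bodies) != 1:
        return False, "need exactly one Body directly under Envelope"
    # An Id that occurs twice makes "#id" ambiguous between two elements.
    seen = [el.get(ID) for el in root.iter() if el.get(ID) is not None]
    if len(seen) != len(set(seen)):
        return False, "duplicate Id values"
    # The signed reference must point at the Body that will be processed.
    refs = {r.get("URI") for r in root.iter(f"{{{DS}}}Reference")}
    body_id = bodies[0].get(ID)
    if body_id is None or "#" + body_id not in refs:
        return False, "processed Body is not the signed element"
    return True, "processed Body is the signed element"

def _msg(header_extra, body_id, amount):
    # Constructed sample; the Signature holds no real digest or value.
    return (
        f'<s:Envelope xmlns:s="{SOAP}" xmlns:ds="{DS}" xmlns:wsu="{WSU}">'
        f'<s:Header><ds:Signature><ds:SignedInfo>'
        f'<ds:Reference URI="#body-1"/></ds:SignedInfo></ds:Signature>'
        f'{header_extra}</s:Header>'
        f'<s:Body wsu:Id="{body_id}"><amount>{amount}</amount></s:Body>'
        f'</s:Envelope>')

MOVED = '<Wrapper><s:Body wsu:Id="body-1"><amount>10</amount></s:Body></Wrapper>'
GENUINE = _msg("", "body-1", 10)
# Signed Body moved under the header; a different Body sits in its place.
RELOCATED = _msg(MOVED, "body-2", 9999)
# Same move, but the replacement Body reuses the signed Id.
DUPLICATE = _msg(MOVED, "body-1", 9999)

if __name__ == "__main__":
    for name in ("GENUINE", "RELOCATED", "DUPLICATE"):
        print(name, check_signed_body(globals()[name]))
```

A production verifier would hand the application the exact node that the signature library resolved and verified, rather than selecting the Body again by its position.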

3.2 Browser Security

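For cloud operating systems such as Chrome OS, the browser is the user's main source of input and output. Browsers in the cloud face many security problems. The first common line of defense for the browser is for the server to use the same origin policy (SOP): when requests are sent, the server accepts a request only if it comes from the same address, which is how the server monitors the originating address of the browser. However, this has been shown to be an insufficient form of security. The third chapter discusses how the main problem with browsers is that they cannot use XML signatures or encryption, and how that capability could be integrated into future browsers. Without the ability to use XML signatures and encryption, browsers use Transport Layer Security (TLS), or "Secure Sockets Layer", which has two layers: the record layer and the TLS handshake. This serves as the browser's primary form of security. However, it requires the server to have a digital certificate, and not all pages are secured. A weakness of TLS is "phishing", in which the user is deceived by a malicious website or by an individual intent on obtaining the user's login name. Once an attacker gains access to the database, TLS does nothing to protect the data. This is the first of many non-specific user data security issues.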

3.3 Flooding

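One type of attack is known as a DoS attack. In this type of attack, a hacker infects computers and makes them all connect to a particular website, overloading the server with requests so that it falls into an undesired state and cannot function effectively. With traditional servers, there is a limit to the capacity of the physical server. In the cloud, however, where a website pays by usage, the number of servers available appears to be unlimited. If a DoS targets a cloud-based server, the website may be billed an outrageous amount, as the cloud supplies more and more resources to meet the demand generated by the DoS. Besides raising the owner's cost, the DoS also affects other users of the cloud, because shared resources are spent on the site handling the DoS rather than on the unaffected sites. Another possibility is that the cloud may try to pull resources from other nodes or segments of the cloud, which would spread the number of parties affected by the DoS attack more widely.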

3.4 Reputation Fate Sharing

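A negative effect of several users sharing one piece of hardware is that the reputations of all the individuals using that hardware affect one another. There are two notable real-world examples of significant harm caused by reputation fate sharing. In the first, shortly after an attacker successfully compromised Amazon EC2 and caused a large volume of spam to be sent from Amazon's cloud, an international anti-spam organization blacklisted the IP addresses of Amazon's EC2. Amazon was forced to change its policies and to provide additional security measures for users. The second incident involved an FBI raid on a data center that managed hardware at its facility for a fee. As a result, the operations of many innocent users were affected while the FBI searched for evidence in the cybercrime case it was working on. In fact, it was rumored that some companies suffered serious losses and could do nothing to recover them. This type of security risk affects multiple parties and is a result of the cloud being abused by users. Although these security risks are significant, the fact is that data centers are better equipped to handle such security issues than individuals are. The problem is that when a data center security flaw is exposed, many victims are affected, even those who have had experience with security risks.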

3.5 Side Channels

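On hardware that hosts multiple virtual machines, resources are shared, and this sharing can be used as a way to side-channel data from one virtual machine to another. The attack relies on the resources shared by virtual machines on the same piece of hardware. If an attacker succeeds in being placed next to a target, the attacker can use a variety of methods to intercept data sent and received by the other virtual machine. This form of security risk has been documented, and there are many ways to prevent this type of attack.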

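As stated earlier, there are many security flaws in the cloud, and it is important to remember that security risks come in many different forms. One arguable point is that data centers can provide better security than ordinary individuals can provide for themselves. For example, when a security flaw is discovered, research is carried out to block or fix the flaw and the software is updated. Traditional users, however, are unlikely to keep maintaining their systems with the latest security updates. Data centers, by contrast, can install security updates and put them into effect immediately, and can apply additional security to all virtual machines at the same time.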

3.6 Loss of Control over Data

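Perhaps the most important reason that keeps companies and individuals away from cloud computing and cloud operating systems is the user's loss of control over data. On a traditional computer, or on a company's or individual's own server, there is control over the policies that determine data storage, permissions, and backups. With cloud computing, data is stored on servers, and a third-party company decides the details of data storage. Consequently, a degree of trust is needed between user and provider. Users must trust the provider to store potentially private or sensitive data confidentially. While we could not find specific evidence of organizations illegally sharing data with third parties, it is assumed that, in order to receive free services, users will have to allow providers to analyze the data or even use the stored data to solicit advertising. Google's business model centers on providing free services to users while using users' information for the benefit of advertising. Most likely, organizations and individuals do not want their data mined for advertisers. This requires users to choose services that charge a fee but offer high confidentiality and do not sell data to advertisers.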

3.7 Dependence on the Internet

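As use of the cloud becomes more common and the number of applications grows, dependence on the Internet grows exponentially. This becomes a reality as more and more users rely on servers for most of their applications and data storage. In particular, users of a cloud operating system such as Google Chrome OS depend entirely on the Internet for any form of computing. In an event such as a catastrophic virus outbreak, a terrorist attack, or another crippling event, the Internet would be severely disabled for a large number of individuals and businesses. For example, if a water company chose to outsource its servers and have its computers hosted on virtual machine servers, both the company and its customers could lose control of the water.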

4. Standardization of User-Specified Security

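After analyzing the material above, many items deserve attention in order to maximize security. For this reason, we have developed a list of items that every individual should be aware of and review before deciding whether to use the cloud. First, however, we introduce an idea: a standardization for assigning security to items.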

4.1 Standardized Security Levels

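Cloud computing consists of multiple servers and data centers that provide services over the Internet and form an almost unlimited amount of computing power. As discussed in this paper, security is a major focus and faces many challenges in the cloud. We propose that a standardized set of security levels be developed across the entire cloud and followed by all participants. Servers would carry out specific security measures according to the assigned level. This standardization lets users assign particular security levels to different pieces of information. For example, an organization engaged in research and development might set a high security level on engineering information that must not be published or brought to market. Once the data has been released, the same hypothetical organization may no longer need to safeguard it and can therefore set a lower level. In theory, by allowing a suitable security level to be set for each item, effort and security can be concentrated only at the level each item requires. In addition, providers could vary their handling, to a greater or lesser degree, according to the security level the data requires.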

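Allowing users to set security levels may cause problems in some respects. It may lead to unnecessary security precautions being applied to data that does not need to be handled securely. This would waste resources and be less efficient than current systems and methods. At the same time, because items are tagged as secure or not, hackers could better focus on the information designated as secure. This would greatly reduce the burden on hackers searching for sensitive information, because they would have a way to target it.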

4.2 What Everyone Should Know

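Before choosing to use cloud computing or a cloud operating system, users should be aware of and consider an arguably unlimited number of items. We attempt to list several such items and in no way claim that the list is complete. Likewise, anyone reading this list should recognize that security, especially in something as dynamic as cloud computing, is constantly changing and growing, and should seek out further items.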

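For hackers, social engineering is probably the easiest way to obtain private information. When someone asks you for login information, passwords, or confidential information, always verify the authenticity of any email or phone call. If in doubt, go directly to the organization's website and log in there; do not log in through a third-party source.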

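Cloud computing has security flaws, but so does traditional computing. Every form of computing has security flaws. The main determining factor is how hard someone is willing to work at a security flaw in order to get your information. Every user should be aware that no form of computing is secure, no matter what measures are taken to reduce exposure.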

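For most users, cloud computing is more secure than traditional computing. In the cloud, experts are responsible for keeping information secure and the servers up to date. Most people do not have the skills, or the willingness, to apply the latest security updates on their home computers. For this reason, many people consider cloud computing and cloud operating systems actually more secure than traditional computing.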

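Be aware of the confidentiality of your data and act accordingly. No amount of security features can protect someone who openly posts confidential information over the Internet in an unsecured or public place. Much of security is in the hands of the user. Similarly, a user should be aware of how confidential the data is, which often determines which provider should be used. For example, a user who intends to create a blog does not want the posts protected and hidden, because the author wants people to read them. By contrast, an organization responsible for maintaining a set of social security numbers must ensure that the numbers are not made available to the public and must guard against malicious attacks. Most providers offer more or less of the tools in the cloud, which are typically not security-sensitive.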

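If you plan to use cloud computing only for social purposes and do not post anything that should be kept from the public, you should not worry about using cloud computing. However, if the data is security-sensitive, the long-term standing of the cloud provider should be evaluated.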

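Finally, the last item is to use well-known companies in the cloud and to research companies you are not familiar with, to reduce the risk of falling victim to phishing scams or fakes.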

5. Conclusion

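This paper presented the many security issues facing cloud computing and cloud operating systems. It focused on issues for the user and on provider-side security that may affect users indirectly. It also discussed a novel idea, a standardized set of security levels in the cloud that all providers must follow. After further discussion, it was found that this idea needs more work and deliberation before it can develop into something useful. Several key security issues that all users and organizations should be aware of when deciding whether to use the cloud were also discussed.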

6. References

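[1] Y. Chen, V. Paxson, and R. Katz. "What's New About Cloud Computing Security?" Technical Report UCB/EECS-2010-5, Berkeley, 2010.

[2] Jensen, M., Schwenk, J., Gruschka, N., and Iacono, L. 2009. "On Technical Security Issues in Cloud Computing." IEEE International Conference on Cloud Computing.

[3] Ertaul, L. and Singhal, S. 2009. "Security Challenges in Cloud Computing." California State University, East Bay. Academic paper.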
