Dynamic game-based service openness and security control assessment method of cloud service environment

Abstract

The invention discloses a dynamic game-based service openness and security control assessment method of a cloud service environment. The method includes the following steps that: 1, equalization strategies in the aspects of service and security of the cloud service environment are coordinated, so that an external subsidy condition for ensuring the complete service openness of a provider and an internal security condition for guaranteeing complete control on the normal use of a user; and 2, a service sensitive type and prudent type service openness assessment method is constructed based on the external subsidy condition, and a security control assessment method is constructed based on the internal control condition and according to Bayesian formula. With the method of the invention adopted, the service openness and security control of the cloud service environment can be assessed quantitatively, and the service openness and security control results of the cloud service environment under optimal security investments and optimal external subsidies can be obtained, and therefore, guidance can be provided for the cloud service provider in the formulation of service openness and security control coordinated operation strategies, and the healthy growth, security and stability of cloud services can be promoted.

Description

technical field [0001] The invention relates to the field of cloud computing services, in particular to a method for evaluating service openness and security control of a dynamic game-based cloud service environment. Background technique [0002] At present, the Internet industry with cloud computing technology as the core, and various "Internet +" service products generated from it combined with various new Internet business models have become an important driving force for the national economy. Due to the characteristics of cloud computing technology, such as resource deployment by service, flexibility and scalability, and rapid response, it has become the underlying technology of Internet services (Mell P, Grance T. The NIST definition of cloud computing [J]. Communications of the Acm, 2015, 53 (6 ):50-50.), while cloud computing services (referred to as cloud services) have been deeply integrated into everyone's daily life and the operation and management of various indu...

AI Technical Summary

Problems solved by technology

However, this kind of security detection is not perfect. There are false positives in which users with normal usage behaviors are judged as abnormal behaviors and thus refuse to use them, and there are also two possibilities of false positives in which users with abnormal usage behaviors are judged as normal behaviors and services are provided ( Gao X, Zhong W, MeiS. Agame-theory approach to configuration of detection software with decision errors [J]. Reliability Engineering & System Safety, 2013, 119: 35-43.), so how to construct can control the normal use of cloud services by users without Security technology to take abnormal usage behavior is very critical

[0005] Based on the above content, the service openness and security control of the cloud service environment are the two most fundamental factors indispensable to its benign operation. The existing research on the openness of cloud services is mostly qualitative feature description and conceptual The exploration of influencing factors does not involve the quantitative measurement of the openness of cloud services

However, the existing research on cloud service security mainly appears in two aspects. One is the research on security intrusion technology itself, and the other is from the perspective of information security economics, using game theory and other methods to combine security and cloud security. Combining the economic benefits of services, discussing the optimal benefits and security risk control of cloud service companies under various conditions (Gao X, Zhong W, Mei S. Security investment and information sharing under an alternative security breach probability function[J].Information Systems Frontiers,2015,17(2):423-438.), the results are mostly the optimal value exploration under assumptions, and it does not involve the quantitative measurement of security levels for user behavior control

At the same time, most of the above technologies start from the openness or security of a single cloud service, and do not involve the coordination of the two, so they cannot adapt to the actual application environment.

Images