Cloud computing system security assessment method and device

A system security, computing system technology, applied in the direction of platform integrity maintenance, etc., can solve the problem of lack of specific implementation solutions for security assessment methods

Inactive Publication Date: 2017-10-24
CHINA ACADEMY OF ELECTRONICS & INFORMATION TECH OF CETC
View PDF2 Cites 14 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0009] The technical problem to be solved by the present invention is to provide a cloud computing system security evaluation method and device to overcome the defect that the existing cloud computing system security evaluation method lacks a specific implementation plan

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Cloud computing system security assessment method and device
  • Cloud computing system security assessment method and device
  • Cloud computing system security assessment method and device

Examples

Experimental program
Comparison scheme
Effect test

no. 1 example

[0081] In the first embodiment of the present invention, a method for evaluating the security of a cloud computing system, such as figure 1 shown, including the following specific steps:

[0082] Step S101, establishing cloud computing system security evaluation indicators, and assigning corresponding weights to the security evaluation indicators of the evaluated target cloud computing system; the cloud computing system security evaluation indicators include: a set of first-level security evaluation indicators , a set of second-level security assessment indicators and a set of third-level security assessment indicators.

[0083] Specifically, step S101 includes:

[0084] Cloud computing system security evaluation indicators, including a collection of first-level security evaluation indicators: technical requirements evaluation indicators.

[0085] Among them, the score of the technical requirements evaluation index is obtained by the weighted average of the scores of the fol...

no. 2 example

[0115] In the second embodiment of the present invention, a cloud computing system security evaluation device, such as figure 2 shown, including the following components:

[0116] The evaluation index module 100 is used to establish a cloud computing system security evaluation index, and assign corresponding weights to the security evaluation index of the evaluated target cloud computing system; the cloud computing system security evaluation index includes: a first-level security evaluation index A collection of , a collection of second-level security evaluation indicators, and a collection of third-level security evaluation indicators.

[0117] If the security evaluation indicators of the evaluated cloud computing system are independent of each other, then according to the results of repeated cloud computing system security experiments and cloud computing system simulation security experiments, assign the weight of the cloud computing system security evaluation indicators; ...

no. 3 example

[0144] In the third embodiment of the present invention, a method for evaluating the security of a cloud computing system, such as figure 1 shown, including the following specific steps:

[0145] Step S201, establishing a cloud computing system security evaluation index system.

[0146] Specifically, step S201 includes:

[0147]Cloud computing system security evaluation index system, including the first-level security evaluation index set: technical requirements evaluation index and management requirements evaluation index;

[0148] Among them, the technical requirement evaluation index includes a set of second-level security evaluation index: IaaS evaluation index, PaaS evaluation index, SaaS evaluation index and common security evaluation index.

[0149] IaaS evaluation indicators, including a set of third-level security evaluation indicators: physical and environmental security, network security, host system security, virtualization security, and storage security;

[015...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides a cloud computing system security assessment method and device. According to the method, cloud computing system security assessment indicators are established, and corresponding weights are allocated to the security assessment indicators of an assessed target cloud computing system; a security score of the assessed target cloud computing system is calculated; and a security assessment conclusion of the assessed target cloud computing system is obtained through comparison of the security score of the assessed target cloud computing system and a preset security assessment standard. Through the cloud computing system security assessment method and device, the complete and scientific cloud computing security assessment indicators are established, and the demands of different service providers, developers and users in different cloud computing platforms are met. A clear and feasible cloud computing platform system-level security assessment technical implementation scheme is proposed, and the construction progress of a high-security cloud computing platform is powerfully promoted.

Description

technical field [0001] The invention relates to the technical field of cloud computing, in particular to a method and device for evaluating the security of a cloud computing system. Background technique [0002] The current information security risk assessment methods in cloud computing include the process of cloud computing system security assessment from the perspectives of cloud computing service providers and customers using cloud computing services. [0003] 1. Cloud computing security assessment from the perspective of service providers [0004] From the perspective of the service provider, that is, from the overall perspective of the cloud computing system, the information security risk assessment is carried out. The current assessment method is based on the traditional information security risk assessment process, and the risk assessment is divided into the security risk assessment preparation stage, asset identification stage, and vulnerability identification. Ther...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/57
Inventor 王辰雷璟徐心毅焦栋敖乃翔张纬栋李志鹏姜雅文郭静
Owner CHINA ACADEMY OF ELECTRONICS & INFORMATION TECH OF CETC
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap