A Study on Security Mechanisms of Cloud Computing Applications

• Main Authors: Jun-Chao Lu, 呂俊超
• Other Authors: Jinn-Ke Jan
• Format: Others
• Language: en_US
• Published: 2013
• Online Access: http://ndltd.ncl.edu.tw/handle/03751048022903325675

博士 === 國立中興大學 === 資訊科學與工程學系所 === 101 === A cloud computing providing on-demand services on the Internet has a collection of servers. The contributed resources, such as storage and computing power, from servers are implicitly merged as one huge resource and shared among users. Many IT shops will begin to take a hard look at cloud computing on their capabilities and operations in their next round of infrastructure improvements in an incremental fashion. Cloud computing may offer such significant and easily accessed economic advantages that it has a good chance of being adopted a bit faster than usual. However, sensitive data processed outside the companies brings with an inherent level of risk, because outsourced services bypass the “physical, logical and personnel controls” over in-house programs. Not all the cloud services provide enough flexibility or security control. We proposed the related security mechanisms, which provide security protection of cloud computing with efficiency and practically. For a user, we propose a cloud authentication architecture to provide a trust authentication infrastructure. In this design, user’s sensitive information will not leak to services provider. Moreover, user can roaming in various services providers without re-registration and re-authentication. This design is a foundation for meshing-up a trust and anonymous cloud. For the business, we presents a secure negotiable transactions model based on the infrastructure of mobile agent technology on the cloud. This study reviews the security issues of the mobile agent paradigm for electronic commerce applications. And overcome this disadvantage by a trusted agent home to protect privacy. Moreover, a fair contract negotiation is discussed in this study, that it can effective reduce the risk of online service transaction. For the medical cloud, we propose an electronic health record sharing and integration system in medical clouds and analyze the arising security and privacy issues in access and management of electronic health records. Sharing medical information can provide professional medical programs with consultancy, evaluation, and tracing services can certainly improve accessibility to the public receiving medical services or medical information at remote sites. Cloud computing paradigm is one of the popular health IT infrastructures for facilitating electronic health record sharing and integration. Our design proposed a method to make authorized doctor can get the patient’s medical record on the cloud. This design improve the security and privacy on the medical cloud.