本文選題：云計(jì)算 + 多租戶(hù)應(yīng)用��； 參考：《山東大學(xué)》2014年博士論文

【摘要】：軟件即服務(wù)(Software as a Service, SaaS)是云計(jì)算中一種非常重要的服務(wù)交付方式,服務(wù)商負(fù)責(zé)應(yīng)用軟件的維護(hù)、管理、升級(jí)等工作,租戶(hù)通過(guò)網(wǎng)絡(luò)租賃應(yīng)用并按使用付費(fèi),不需要關(guān)心底層復(fù)雜的實(shí)現(xiàn)細(xì)節(jié)。SaaS模式下,成熟的服務(wù)運(yùn)營(yíng)商一般采用單實(shí)例多租賃(Single Instance Multi-Tenancy)的方式,使用同一個(gè)應(yīng)用實(shí)例為不同租戶(hù)提供服務(wù),即多租戶(hù)應(yīng)用。對(duì)于許多中小型企業(yè)來(lái)說(shuō),SaaS是采用先進(jìn)技術(shù)的最好途徑。 在多租戶(hù)應(yīng)用中,租戶(hù)數(shù)據(jù)的存儲(chǔ)和處理都發(fā)生在非完全可信的服務(wù)運(yùn)營(yíng)商端,租戶(hù)對(duì)自己數(shù)據(jù)的控制能力被大大削弱。非完全可信的服務(wù)運(yùn)營(yíng)商有可能會(huì)在租戶(hù)未授權(quán)的情況下,惡意篡改、偽造或者刪除租戶(hù)數(shù)據(jù),破壞租戶(hù)數(shù)據(jù)的完整性。如何防止不可信的云服務(wù)提供商監(jiān)守自盜,破壞租戶(hù)數(shù)據(jù)完整性,是現(xiàn)階段Saas應(yīng)用進(jìn)一步推廣需要解決的重要問(wèn)題。 由于多租戶(hù)應(yīng)用的按需定制、共享存儲(chǔ)、多數(shù)據(jù)節(jié)點(diǎn)等云的特征,面向多租戶(hù)應(yīng)用的數(shù)據(jù)完整性保護(hù)面臨著一系列的新的需求：(1)租戶(hù)感知的數(shù)據(jù)完整性驗(yàn)證結(jié)構(gòu)的構(gòu)建需求。在SaaS多租戶(hù)模式下,成千上萬(wàn)的租戶(hù)共享底層物理數(shù)據(jù)表存儲(chǔ)。在這種情況下,基于已有的完整性保護(hù)方法(如MHT等)直接對(duì)共享數(shù)據(jù)表構(gòu)造完整性驗(yàn)證結(jié)構(gòu)的方式,缺乏對(duì)租戶(hù)的識(shí)別,難以對(duì)租戶(hù)數(shù)據(jù)進(jìn)行區(qū)分。在對(duì)一個(gè)租戶(hù)數(shù)據(jù)進(jìn)行驗(yàn)證時(shí),會(huì)需要表中其他租戶(hù)數(shù)據(jù)來(lái)輔助構(gòu)造驗(yàn)證對(duì)象,使得租戶(hù)間完整性驗(yàn)證過(guò)程中數(shù)據(jù)互相交叉,增加了驗(yàn)證對(duì)象的構(gòu)建復(fù)雜度,降低驗(yàn)證效率。(2)租戶(hù)數(shù)據(jù)完整性問(wèn)題及時(shí)發(fā)現(xiàn)需求。由于租戶(hù)的數(shù)據(jù)和應(yīng)用都托管在了遠(yuǎn)程服務(wù)提供商端,租戶(hù)對(duì)自己數(shù)據(jù)的控制能力大為降低,租戶(hù)對(duì)于及時(shí)發(fā)現(xiàn)數(shù)據(jù)完整性問(wèn)題的需求更為強(qiáng)烈,租戶(hù)不僅需要能夠確認(rèn)自己正在使用的數(shù)據(jù)是正確的完備的,對(duì)于一些使用頻率較低的數(shù)據(jù),租戶(hù)也希望能夠及時(shí)發(fā)現(xiàn)這些數(shù)據(jù)是否被破壞。(3)租戶(hù)數(shù)據(jù)可靠存儲(chǔ)需求。在SaaS模式下,租戶(hù)可以定制副本數(shù)量并付費(fèi)使用,因此租戶(hù)需要能夠確認(rèn)系統(tǒng)是否可靠地存儲(chǔ)了他們的數(shù)據(jù)副本。但是,采用明文存儲(chǔ)的數(shù)據(jù)副本很容易受到服務(wù)提供商內(nèi)部惡意員工的合謀攻擊,通過(guò)多個(gè)存儲(chǔ)服務(wù)器共享一個(gè)數(shù)據(jù)副本來(lái)節(jié)省存儲(chǔ)空間,嚴(yán)重破壞租戶(hù)經(jīng)濟(jì)利益,降低租戶(hù)數(shù)據(jù)訪(fǎng)問(wèn)效率與可靠性。 因此,本論文以多租戶(hù)應(yīng)用模式中租戶(hù)數(shù)據(jù)完整性保護(hù)為目標(biāo),結(jié)合多租戶(hù)數(shù)據(jù)共享存儲(chǔ)、租戶(hù)隔離、租戶(hù)按需租賃定制其應(yīng)用等特點(diǎn),對(duì)云計(jì)算環(huán)境下面向多租戶(hù)應(yīng)用的數(shù)據(jù)完整性保護(hù)的關(guān)鍵問(wèn)題進(jìn)行研究,主要工作和貢獻(xiàn)包括： (1)提出面向租戶(hù)的完整性驗(yàn)證方法MTAS (Multi-tenant Authentication Structure),在共享存儲(chǔ)模式下,通過(guò)以租戶(hù)為單位分別對(duì)共享表內(nèi)租戶(hù)數(shù)據(jù)構(gòu)造驗(yàn)證結(jié)構(gòu)方法,在租戶(hù)應(yīng)用使用數(shù)據(jù)的時(shí)候,進(jìn)行實(shí)時(shí)完整性檢查,確保多租戶(hù)間數(shù)據(jù)完整性驗(yàn)證過(guò)程互不干擾,提高驗(yàn)證效率。 本文針對(duì)租戶(hù)應(yīng)用處理數(shù)據(jù)的實(shí)時(shí)完整性保護(hù)問(wèn)題,充分考慮租戶(hù)共享存儲(chǔ)、租戶(hù)隔離與個(gè)性化需求等綜合因素,基于Pivot-Universal存儲(chǔ)模式,提出基于復(fù)合MHT的多租戶(hù)數(shù)據(jù)完整性保護(hù)模型MTAS。MTAS在租戶(hù)應(yīng)用數(shù)據(jù)時(shí)對(duì)數(shù)據(jù)進(jìn)行實(shí)時(shí)完整性驗(yàn)證,防止錯(cuò)誤數(shù)據(jù)進(jìn)入租戶(hù)應(yīng)用,并且可以針對(duì)租戶(hù)數(shù)據(jù)以及完整性需求的動(dòng)態(tài)變化,調(diào)整完整性保護(hù)策略,滿(mǎn)足租戶(hù)動(dòng)態(tài)完整性保護(hù)需求。實(shí)驗(yàn)結(jié)果表明,與傳統(tǒng)驗(yàn)證結(jié)構(gòu)相比,MTAS在驗(yàn)證對(duì)象重構(gòu)過(guò)程中,大約節(jié)省了30%的哈希計(jì)算次數(shù),驗(yàn)證對(duì)象大小約為傳統(tǒng)方法的2/3,是一種行之有效的多租戶(hù)數(shù)據(jù)完整性保護(hù)模型。 (2)提出基于抽樣的租戶(hù)數(shù)據(jù)完整性保護(hù)方法TDIC (Tenant-oriented Duplication Integrity Checking Scheme),通過(guò)對(duì)租戶(hù)數(shù)據(jù)進(jìn)行周期性抽樣檢查方法,解決了對(duì)所有租戶(hù)數(shù)據(jù)進(jìn)行實(shí)時(shí)完整性檢查造成的性能浪費(fèi)問(wèn)題。 針對(duì)實(shí)時(shí)的數(shù)據(jù)完整性檢查容易忽略掉租戶(hù)長(zhǎng)期不用的數(shù)據(jù)的完整性保護(hù)問(wèn)題,提出面向租戶(hù)副本數(shù)據(jù)的抽樣檢查機(jī)制TDIC,通過(guò)對(duì)租戶(hù)副本內(nèi)數(shù)據(jù)進(jìn)行周期性隨機(jī)抽樣的方式,來(lái)降低服務(wù)提供商端驗(yàn)證對(duì)象的生成代價(jià),消除對(duì)租戶(hù)副本數(shù)據(jù)全部進(jìn)行實(shí)時(shí)驗(yàn)證的資源浪費(fèi)。同時(shí),TDIC結(jié)合租戶(hù)元組的同態(tài)標(biāo)簽與輔助驗(yàn)證樹(shù)結(jié)構(gòu),使得租戶(hù)可以在不泄露租戶(hù)數(shù)據(jù)內(nèi)容的前提下,委托可信第三方對(duì)租戶(hù)副本進(jìn)行抽樣檢查。分析與實(shí)驗(yàn)結(jié)果表明,如果租戶(hù)邏輯視圖中包含10000個(gè)數(shù)據(jù)元組時(shí),在元組破壞率為1%的情況下發(fā)現(xiàn)數(shù)據(jù)被破壞的隨機(jī)抽樣數(shù)目最大約為元組總數(shù)的5%,相對(duì)全部驗(yàn)證的方法極大地降低了系統(tǒng)資源浪費(fèi)。 (3)提出防合謀刪除的多副本數(shù)據(jù)混淆存儲(chǔ)TD2O (Tenant Duplicate Data Obfuscation)模型,通過(guò)基于元組屬性值的數(shù)據(jù)混淆對(duì)租戶(hù)副本進(jìn)行區(qū)別存儲(chǔ),抵御服務(wù)提供商內(nèi)部惡意人員的合謀刪除問(wèn)題。 針對(duì)租戶(hù)副本數(shù)據(jù)明文存儲(chǔ)情況下容易被服務(wù)提供商合謀刪除問(wèn)題,提出基于線(xiàn)性隱藏的的數(shù)據(jù)混淆模型TD2O,通過(guò)混淆使得存儲(chǔ)相同數(shù)據(jù)的租戶(hù)副本具有不同的數(shù)據(jù)表現(xiàn)內(nèi)容,防止服務(wù)提供商為節(jié)省存儲(chǔ)空間,整個(gè)刪除租戶(hù)不常用副本,保證租戶(hù)數(shù)據(jù)完整性,并基于Monte Carlo隨機(jī)單調(diào)函數(shù)對(duì)TD2O模型進(jìn)行拓展,制定關(guān)鍵字保序策略,實(shí)現(xiàn)租戶(hù)副本數(shù)據(jù)關(guān)鍵字的保序,提高混淆副本的查詢(xún)效率。實(shí)驗(yàn)結(jié)果表明擴(kuò)展的TD2O模型在保序關(guān)鍵字上具有較好的查詢(xún)性能。
[Abstract]:Software as a Service ( SaaS ) is a very important service delivery way in cloud computing . The service provider is responsible for the maintenance , management and upgrade of the application software . The tenant uses the network rental application and pays for the use . It does not need to care about the underlying complex implementation details . In the SaaS mode , the mature service operator uses Single Instance Multi - tenancy . The same application instance provides services to different tenants , i.e . multi - tenant applications . For many small and medium enterprises , SaaS is the best way to adopt advanced technology .

In multi - tenant applications , the storage and handling of tenant data occurs at the end of a non - completely trusted service operator . The ability of tenants to control their own data is greatly impaired . Non - fully trusted service operators may tamper with , forge or delete tenant data without authorization of the tenant , destroying the integrity of tenant data . How to prevent non - trusted cloud service providers from guarding against theft and destroying tenant data integrity is an important issue at this stage of the application of Saas application further .

Data integrity protection for multi - tenant applications is faced with a series of new requirements due to demand customization , shared storage , multi - data nodes , etc .

Therefore , this paper studies the key problems of data integrity protection for multi - tenant applications under cloud computing environment by using tenant data integrity protection in multi - tenant application mode as the target , combining multi - tenant data sharing storage , tenant isolation , tenant - on - demand lease and customizing the application , and the main tasks and contributions include :

( 1 ) An integrity verification method MTAS ( Multi - tenancy Authentication Structure ) for a tenant is proposed . In the shared storage mode , a real - time integrity check is carried out on the tenant data structure in a shared table in a shared storage mode , so as to ensure that the data integrity verification process between the multi - tenancy is not interfered with each other , and the verification efficiency is improved .

In this paper , based on Pivot - Universal storage model , MTAS . MTAS , which is based on multi - tenant data integrity protection model MTAS - MTAS based on composite MHT , is proposed for real - time integrity protection of tenant application processing data , which is based on the Pivot - Universal storage model . The results show that MTAS saves about 30 % of hash calculation times in the process of verifying object reconstruction , and verifies that object size is about 2 / 3 of traditional method . It is an effective multi - tenant data integrity protection model .

( 2 ) A sampling - based method TDIC ( Tenant - oriented Integrity Checking Scheme ) is proposed to solve the problem of performance waste caused by the real - time integrity check of all tenant data by periodically sampling the tenant data .

According to the real - time data integrity check , it is easy to ignore the integrity protection problem of the long - term unused data of the tenant , propose a sampling inspection mechanism TDIC for the tenant copy data , reduce the generation cost of the service provider end verification object by periodically random sampling the data in the tenant replica , and eliminate the resource waste of all real - time verification of the tenant copy data .

( 3 ) Put forward the multi - copy data confusion storage TD2O ( Tenant Duplicate Data Obfuscation ) model deleted by anti - collusion , and make the difference storage to the tenant copy by data confusion based on the tuple attribute value , and resist the collusion deletion problem of the malicious personnel inside the service provider .

The paper proposes a data confusion model TD2O based on linear hiding under the condition of plaintext storage of tenant replica data , and proposes a data confusion model TD2O based on linear hiding , which prevents the service provider from saving the storage space . The whole deletion tenant does not use a common copy to ensure the data integrity of the tenant , and develops the keyword preserving strategy based on the Monte Carlo random monotone function to improve the query efficiency of the duplicated copy . The experimental results show that the expanded TD2O model has better query performance on the order - preserving keyword .
【學(xué)位授予單位】：山東大學(xué)
【學(xué)位級(jí)別】：博士
【學(xué)位授予年份】：2014
【分類(lèi)號(hào)】：TP393.09;TP309

【參考文獻(xiàn)】

相關(guān)期刊論文 前6條

1 張敏;洪澄;陳馳;;一種服務(wù)器透明的外包數(shù)據(jù)庫(kù)查詢(xún)驗(yàn)證方法[J];計(jì)算機(jī)研究與發(fā)展;2010年01期

2 咸鶴群;馮登國(guó);;外包數(shù)據(jù)庫(kù)模型中的完整性檢測(cè)方案[J];計(jì)算機(jī)研究與發(fā)展;2010年06期

3 張坤;李慶忠;史玉良;;面向SaaS應(yīng)用的數(shù)據(jù)組合隱私保護(hù)機(jī)制研究[J];計(jì)算機(jī)學(xué)報(bào);2010年11期

4 孔蘭菊;李慶忠;史玉良;王學(xué);;面向SaaS應(yīng)用基于鍵值對(duì)模式的多租戶(hù)索引研究[J];計(jì)算機(jī)學(xué)報(bào);2010年12期

5 徐劍;周福才;楊牧洲;李福祥;朱志良;;面向分布式查詢(xún)認(rèn)證的分層Hash鏈表[J];計(jì)算機(jī)研究與發(fā)展;2012年07期

6 王正飛,汪衛(wèi),施伯樂(lè);基于商用數(shù)據(jù)庫(kù)管理系統(tǒng)的字符串?dāng)?shù)據(jù)的加密存儲(chǔ)與查詢(xún)[J];小型微型計(jì)算機(jī)系統(tǒng);2005年11期

相關(guān)博士學(xué)位論文 前1條

1 孔蘭菊;SaaS應(yīng)用交付平臺(tái)中多租戶(hù)云數(shù)據(jù)管理關(guān)鍵技術(shù)研究[D];山東大學(xué);2011年

，

本文編號(hào)：1909833