本文選題：云計算 + 多租戶應用　； 參考：《山東大學》2014年博士論文

【摘要】：軟件即服務(Software as a Service, SaaS)是云計算中一種非常重要的服務交付方式,服務商負責應用軟件的維護、管理、升級等工作,租戶通過網(wǎng)絡租賃應用并按使用付費,不需要關(guān)心底層復雜的實現(xiàn)細節(jié)。SaaS模式下,成熟的服務運營商一般采用單實例多租賃(Single Instance Multi-Tenancy)的方式,使用同一個應用實例為不同租戶提供服務,即多租戶應用。對于許多中小型企業(yè)來說,SaaS是采用先進技術(shù)的最好途徑。 在多租戶應用中,租戶數(shù)據(jù)的存儲和處理都發(fā)生在非完全可信的服務運營商端,租戶對自己數(shù)據(jù)的控制能力被大大削弱。非完全可信的服務運營商有可能會在租戶未授權(quán)的情況下,惡意篡改、偽造或者刪除租戶數(shù)據(jù),破壞租戶數(shù)據(jù)的完整性。如何防止不可信的云服務提供商監(jiān)守自盜,破壞租戶數(shù)據(jù)完整性,是現(xiàn)階段Saas應用進一步推廣需要解決的重要問題。 由于多租戶應用的按需定制、共享存儲、多數(shù)據(jù)節(jié)點等云的特征,面向多租戶應用的數(shù)據(jù)完整性保護面臨著一系列的新的需求：(1)租戶感知的數(shù)據(jù)完整性驗證結(jié)構(gòu)的構(gòu)建需求。在SaaS多租戶模式下,成千上萬的租戶共享底層物理數(shù)據(jù)表存儲。在這種情況下,基于已有的完整性保護方法(如MHT等)直接對共享數(shù)據(jù)表構(gòu)造完整性驗證結(jié)構(gòu)的方式,缺乏對租戶的識別,難以對租戶數(shù)據(jù)進行區(qū)分。在對一個租戶數(shù)據(jù)進行驗證時,會需要表中其他租戶數(shù)據(jù)來輔助構(gòu)造驗證對象,使得租戶間完整性驗證過程中數(shù)據(jù)互相交叉,增加了驗證對象的構(gòu)建復雜度,降低驗證效率。(2)租戶數(shù)據(jù)完整性問題及時發(fā)現(xiàn)需求。由于租戶的數(shù)據(jù)和應用都托管在了遠程服務提供商端,租戶對自己數(shù)據(jù)的控制能力大為降低,租戶對于及時發(fā)現(xiàn)數(shù)據(jù)完整性問題的需求更為強烈,租戶不僅需要能夠確認自己正在使用的數(shù)據(jù)是正確的完備的,對于一些使用頻率較低的數(shù)據(jù),租戶也希望能夠及時發(fā)現(xiàn)這些數(shù)據(jù)是否被破壞。(3)租戶數(shù)據(jù)可靠存儲需求。在SaaS模式下,租戶可以定制副本數(shù)量并付費使用,因此租戶需要能夠確認系統(tǒng)是否可靠地存儲了他們的數(shù)據(jù)副本。但是,采用明文存儲的數(shù)據(jù)副本很容易受到服務提供商內(nèi)部惡意員工的合謀攻擊,通過多個存儲服務器共享一個數(shù)據(jù)副本來節(jié)省存儲空間,嚴重破壞租戶經(jīng)濟利益,降低租戶數(shù)據(jù)訪問效率與可靠性。 因此,本論文以多租戶應用模式中租戶數(shù)據(jù)完整性保護為目標,結(jié)合多租戶數(shù)據(jù)共享存儲、租戶隔離、租戶按需租賃定制其應用等特點,對云計算環(huán)境下面向多租戶應用的數(shù)據(jù)完整性保護的關(guān)鍵問題進行研究,主要工作和貢獻包括： (1)提出面向租戶的完整性驗證方法MTAS (Multi-tenant Authentication Structure),在共享存儲模式下,通過以租戶為單位分別對共享表內(nèi)租戶數(shù)據(jù)構(gòu)造驗證結(jié)構(gòu)方法,在租戶應用使用數(shù)據(jù)的時候,進行實時完整性檢查,確保多租戶間數(shù)據(jù)完整性驗證過程互不干擾,提高驗證效率。 本文針對租戶應用處理數(shù)據(jù)的實時完整性保護問題,充分考慮租戶共享存儲、租戶隔離與個性化需求等綜合因素,基于Pivot-Universal存儲模式,提出基于復合MHT的多租戶數(shù)據(jù)完整性保護模型MTAS。MTAS在租戶應用數(shù)據(jù)時對數(shù)據(jù)進行實時完整性驗證,防止錯誤數(shù)據(jù)進入租戶應用,并且可以針對租戶數(shù)據(jù)以及完整性需求的動態(tài)變化,調(diào)整完整性保護策略,滿足租戶動態(tài)完整性保護需求。實驗結(jié)果表明,與傳統(tǒng)驗證結(jié)構(gòu)相比,MTAS在驗證對象重構(gòu)過程中,大約節(jié)省了30%的哈希計算次數(shù),驗證對象大小約為傳統(tǒng)方法的2/3,是一種行之有效的多租戶數(shù)據(jù)完整性保護模型。 (2)提出基于抽樣的租戶數(shù)據(jù)完整性保護方法TDIC (Tenant-oriented Duplication Integrity Checking Scheme),通過對租戶數(shù)據(jù)進行周期性抽樣檢查方法,解決了對所有租戶數(shù)據(jù)進行實時完整性檢查造成的性能浪費問題。 針對實時的數(shù)據(jù)完整性檢查容易忽略掉租戶長期不用的數(shù)據(jù)的完整性保護問題,提出面向租戶副本數(shù)據(jù)的抽樣檢查機制TDIC,通過對租戶副本內(nèi)數(shù)據(jù)進行周期性隨機抽樣的方式,來降低服務提供商端驗證對象的生成代價,消除對租戶副本數(shù)據(jù)全部進行實時驗證的資源浪費。同時,TDIC結(jié)合租戶元組的同態(tài)標簽與輔助驗證樹結(jié)構(gòu),使得租戶可以在不泄露租戶數(shù)據(jù)內(nèi)容的前提下,委托可信第三方對租戶副本進行抽樣檢查。分析與實驗結(jié)果表明,如果租戶邏輯視圖中包含10000個數(shù)據(jù)元組時,在元組破壞率為1%的情況下發(fā)現(xiàn)數(shù)據(jù)被破壞的隨機抽樣數(shù)目最大約為元組總數(shù)的5%,相對全部驗證的方法極大地降低了系統(tǒng)資源浪費。 (3)提出防合謀刪除的多副本數(shù)據(jù)混淆存儲TD2O (Tenant Duplicate Data Obfuscation)模型,通過基于元組屬性值的數(shù)據(jù)混淆對租戶副本進行區(qū)別存儲,抵御服務提供商內(nèi)部惡意人員的合謀刪除問題。 針對租戶副本數(shù)據(jù)明文存儲情況下容易被服務提供商合謀刪除問題,提出基于線性隱藏的的數(shù)據(jù)混淆模型TD2O,通過混淆使得存儲相同數(shù)據(jù)的租戶副本具有不同的數(shù)據(jù)表現(xiàn)內(nèi)容,防止服務提供商為節(jié)省存儲空間,整個刪除租戶不常用副本,保證租戶數(shù)據(jù)完整性,并基于Monte Carlo隨機單調(diào)函數(shù)對TD2O模型進行拓展,制定關(guān)鍵字保序策略,實現(xiàn)租戶副本數(shù)據(jù)關(guān)鍵字的保序,提高混淆副本的查詢效率。實驗結(jié)果表明擴展的TD2O模型在保序關(guān)鍵字上具有較好的查詢性能。
[Abstract]:Software as a Service ( SaaS ) is a very important service delivery way in cloud computing . The service provider is responsible for the maintenance , management and upgrade of the application software . The tenant uses the network rental application and pays for the use . It does not need to care about the underlying complex implementation details . In the SaaS mode , the mature service operator uses Single Instance Multi - tenancy . The same application instance provides services to different tenants , i.e . multi - tenant applications . For many small and medium enterprises , SaaS is the best way to adopt advanced technology .

In multi - tenant applications , the storage and handling of tenant data occurs at the end of a non - completely trusted service operator . The ability of tenants to control their own data is greatly impaired . Non - fully trusted service operators may tamper with , forge or delete tenant data without authorization of the tenant , destroying the integrity of tenant data . How to prevent non - trusted cloud service providers from guarding against theft and destroying tenant data integrity is an important issue at this stage of the application of Saas application further .

Data integrity protection for multi - tenant applications is faced with a series of new requirements due to demand customization , shared storage , multi - data nodes , etc .

Therefore , this paper studies the key problems of data integrity protection for multi - tenant applications under cloud computing environment by using tenant data integrity protection in multi - tenant application mode as the target , combining multi - tenant data sharing storage , tenant isolation , tenant - on - demand lease and customizing the application , and the main tasks and contributions include :

( 1 ) An integrity verification method MTAS ( Multi - tenancy Authentication Structure ) for a tenant is proposed . In the shared storage mode , a real - time integrity check is carried out on the tenant data structure in a shared table in a shared storage mode , so as to ensure that the data integrity verification process between the multi - tenancy is not interfered with each other , and the verification efficiency is improved .

In this paper , based on Pivot - Universal storage model , MTAS . MTAS , which is based on multi - tenant data integrity protection model MTAS - MTAS based on composite MHT , is proposed for real - time integrity protection of tenant application processing data , which is based on the Pivot - Universal storage model . The results show that MTAS saves about 30 % of hash calculation times in the process of verifying object reconstruction , and verifies that object size is about 2 / 3 of traditional method . It is an effective multi - tenant data integrity protection model .

( 2 ) A sampling - based method TDIC ( Tenant - oriented Integrity Checking Scheme ) is proposed to solve the problem of performance waste caused by the real - time integrity check of all tenant data by periodically sampling the tenant data .

According to the real - time data integrity check , it is easy to ignore the integrity protection problem of the long - term unused data of the tenant , propose a sampling inspection mechanism TDIC for the tenant copy data , reduce the generation cost of the service provider end verification object by periodically random sampling the data in the tenant replica , and eliminate the resource waste of all real - time verification of the tenant copy data .

( 3 ) Put forward the multi - copy data confusion storage TD2O ( Tenant Duplicate Data Obfuscation ) model deleted by anti - collusion , and make the difference storage to the tenant copy by data confusion based on the tuple attribute value , and resist the collusion deletion problem of the malicious personnel inside the service provider .

The paper proposes a data confusion model TD2O based on linear hiding under the condition of plaintext storage of tenant replica data , and proposes a data confusion model TD2O based on linear hiding , which prevents the service provider from saving the storage space . The whole deletion tenant does not use a common copy to ensure the data integrity of the tenant , and develops the keyword preserving strategy based on the Monte Carlo random monotone function to improve the query efficiency of the duplicated copy . The experimental results show that the expanded TD2O model has better query performance on the order - preserving keyword .
【學位授予單位】：山東大學
【學位級別】：博士
【學位授予年份】：2014
【分類號】：TP393.09;TP309

【參考文獻】

相關(guān)期刊論文 前6條

1 張敏;洪澄;陳馳;;一種服務器透明的外包數(shù)據(jù)庫查詢驗證方法[J];計算機研究與發(fā)展;2010年01期

2 咸鶴群;馮登國;;外包數(shù)據(jù)庫模型中的完整性檢測方案[J];計算機研究與發(fā)展;2010年06期

3 張坤;李慶忠;史玉良;;面向SaaS應用的數(shù)據(jù)組合隱私保護機制研究[J];計算機學報;2010年11期

4 孔蘭菊;李慶忠;史玉良;王學;;面向SaaS應用基于鍵值對模式的多租戶索引研究[J];計算機學報;2010年12期

5 徐劍;周福才;楊牧洲;李福祥;朱志良;;面向分布式查詢認證的分層Hash鏈表[J];計算機研究與發(fā)展;2012年07期

6 王正飛,汪衛(wèi),施伯樂;基于商用數(shù)據(jù)庫管理系統(tǒng)的字符串數(shù)據(jù)的加密存儲與查詢[J];小型微型計算機系統(tǒng);2005年11期

相關(guān)博士學位論文 前1條

1 孔蘭菊;SaaS應用交付平臺中多租戶云數(shù)據(jù)管理關(guān)鍵技術(shù)研究[D];山東大學;2011年

，

本文編號：1909833