臺灣博碩士論文加值系統

　　近年來雲端運算的發展已經是科技產業的一個趨勢，政府與企業亦規劃了許多開發計畫。雲端運算運用在企業資訊架構中，能夠大幅縮減硬體設備的採購成本與維護時間，並可將其重心放置於提升企業核心競爭力。然而當企業專注於雲端運算的佈署時，潛在的安全問題亦隨之浮現。不同的雲端服務皆有許多不同的安全性問題存在，而資料的安全性便是每一個雲端服務層會出現的議題。
　　對於一般的個人電腦來說，當使用者進行文件的刪除時，實際上並沒有真正的刪除該文件，而只是將檔案系統中的文件路徑刪除，該文件仍然存在於實體硬碟中，我們稱此為資料殘留(Data remanence)。將此資料殘餘的問題轉移至雲端運算當中，便可能產生雲端上資料的安全性問題。本計畫主要為探討雲端運算中資料儲存與刪除之安全，透過第三方信任中心 (TTP ,Trusted Third Party)設立之監控中心，對於雲端客戶運行於雲端服務提供商(CSP ,Cloud Service Provider)的整體資料生命週期來實施監控機制，並針對殘餘資料的部分進行資料消除(Data sanitization)。

　　In recent years, as cloud computing becomes popular, it has been attracted more and more attention by governments and enterprises. In the perspective of information technology, cloud computing not only gives a chance to divest infrastructure management of enterprises, but also enhances their core competencies. However, when enterprises focus on the development of cloud computing, the potential security issues emerge gradually. Cloud services will have a variety of security issues, and the subject of data security emerges in every type of service. The emerging cloud computing technology needs the assurance of data security, otherwise most of customers/organizations do not dare to adopt it. As well known, only after the security requirements of cloud computing could be managed and guaranteed, the prospects of the cloud services are brightening.
　　Our research proposes an infrastructure to solve one of the security problems, i.e. data sanitization. Data sanitization is the method to solve the problem of data remanence. Most people do not know when they delete the file, the file still exists in hard disk. We call this problem is data remanence. It will enormously complicate the issue of data remanence in cloud. We propose a novel infrastructure in cloud computing environment which assures the data sanitization after the customers decide to delete them. The data that customer stores on the Cloud Service Provider (CSP) can be monitored by Trusted Third Party (TTP), and TTP implements the monitoring mechanism to control the data lifecycle. We focus on the problem of data remanence to simulate the mechanism of data sanitization in cloud, and we analyze the mechanism performance and security.

Contents
1.Introduction 1
　1.1 Background 1
　　1.1.1 Cloud Computing 1
　　1.1.2 Cloud Security 2
　　1.1.3 Personal Data Protection Act 3
　1.2 Motivations 3
　　1.2.1 Data Remanence 3
　　1.2.2 Issue about PDPA 4
　1.3 Research Problems and Objectives 4
2.Related Works 5
　2.1 Cloud Computing Framework 5
　2.2 Virtual Hard Disk 6
　2.3 TTP in Cloud Computing 7
　2.4 Public-Key Infrastructure 7
　2.5 Monitoring Approach for Cloud 8
　2.6 Data Security Lifecycle 9
　2.7 Data Sanitization 11
　　2.7.1 Definition 11
　　2.7.2 Overwriting 11
3.Proposed Mechanism 14
　3.1 Trust Model 14
　3.2 Monitoring Data Framework Design 15
　　3.2.1 Files Monitoring Software 16
　　3.2.2 Data Conversion Interface 17
　　3.2.3 Sanitization Center 19
　3.3 Data Sanitization Scheme 21
　　3.3.1 Data Sanitization Process 21
　　3.3.2 Data Sanitization by Overwriting 22
4.Experiment and Analysis 23
　4.1 System Establishment and Implementation 23
　　4.1.1 Development of Cloud Environment 23
　　4.1.2 System Establishment 26
　4.2 Analysis 29
　　4.2.1 Performance Analysis 29
　　4.2.2 Process Analysis 31
　　4.2.3 Cloud Security Analysis 36
5.Conclusion & Future Work 40
　5.1 Conclusion 40
　5.2 Future Work 41
References 42

Table List
Table 1.1 Cloud computing security issues　2
Table 2.1 Hard disk drive management levels　6
Table 2.2 Lifecycle control phases　10
Table 2.3 Sanitization types　11
Table 2.4 Introduction to current overwrite method　12
Table 3.1 Notation table　18
Table 3.2 Log server’s files contents storage in Sanitization Center　20
Table 3.3 iSCSI‘s log file storage in Sanitization Center　20
Table 4.1 Performance analysis of Sanitization method comparison table　31
Table 4.2 Packet size of sanitization request　33
Table 4.3 Packet size of report　34
Table 4.4 Statistics analysis of transmission time of report　35
Table 4.5 The achievement of nine major security　37

Figure List
Fig. 2.1 VMware vSphere architecture　5
Fig. 2.2 fsstat command content　6
Fig. 2.3 Public-key infrastructure model　8
Fig. 2.4 McAfee database activity monitoring architecture　9
Fig. 2.5 Data security lifecycle　10
Fig. 2.6 Eraser operation interface　13
Fig. 3.1 Trust model　14
Fig. 3.2 Monitoring data flow diagram　16
Fig. 3.3 Conversion Interface deployment process　17
Fig. 3.4 Data flow diagram of Sanitization Center　19
Fig. 3.5 Data sanitization implements process　21
Fig. 4.1 Simulation architecture diagram of cloud environment　23
Fig. 4.2 vSphere Cloud OS management Console　25
Fig. 4.3 StarWind Management Console　25
Fig. 4.4 Conversion Interface Configuration Console　26
Fig. 4.5 Sanitization Center Console　27
Fig. 4.6 Monitor files view　27
Fig. 4.7 Data sanitization UI　28
Fig. 4.8 Data security lifecycle report　28
Fig. 4.9 Data log file schematic diagram　29
Fig. 4.10 Gutmann sanitization performance　30
Fig. 4.11 Schneier sanitization performance　30
Fig. 4.12 US DoD 5220-22.M sanitization performance　30
Fig. 4.13 VSITR sanitization performance　31
Fig. 4.14 Data sanitization process flowchart　32
Fig. 4.15 Simulation of packet transmission　33
Fig. 4.16 Simulation of transmission time of request　33
Fig. 4.17 Simulation of report transmission　35
Fig. 4.18 Simulation of transmission time of report　36
Fig. 4.19 TTP SMT of user account simulation diagram　38
Fig. 4.20 TTP SMT of trust relationship simulation diagram　39

AltheideC., & CarveyH. (2011). Digital Forensics with Open Source Tools. USA: Elsevier Inc.
Chang, R. (2012). Personal data protection act goes into effect, though certain clauses exempted. Retrieved from Taipei Times: http://www.taipeitimes.com/News/taiwan/archives/2012/10/
CSA. (2011). Security guidance for critical areas of focus in cloud computing v3.0. USA: Cloud Security Alliance. Retrieved from CSA: https://cloudsecurityalliance.org/guidance/csaguide.v3.0.pdf
CSA. (2013). Top Threats Working Group The Notorious Nine Cloud Computing Top Threats in 2013. USA: Cloud Security Alliance (CSA).
DoD, DoE, NRC, & CIA. (1995). DoD 5220.22-m, National Industrial Security Program Operating Manual. Washington: U.S. Government Printing Office.
Eaton, C., DeRoos, D., Deutsch, T., Lapis, G., & Zikopoulos, P. (2012). Understanding Big Data. USA: IBM.
GutmannP. (1996). Secure deletion of data from magnetic and solid-state memory. Paper presented at the Sixth USENIX conference on Security Symposium Proceedings, California. 6th conference on USENIX Security Symposium. 6, Page 8 - 8. CA: Creative Commons.
Hintemann& Faßnacht, C.R.,. (2008). Leitfaden zum Sicheren Datenlöschen Vers. 2.0. Bundesverband Informationswirtschaft. Albrechtstraße: BITKOM.
HonanM. (2012). How Apple and Amazon Security Flaws Led to My Epic Hacking. Wired.
KisselScholl, M., Skolochenko, S., & Li, X.R.,. (2006). Guidelines for media sanitization. National Institute of Standards and Technology . Gaithersburg, MD: U.S. GOVERNMENT PRINTING OFFICE .
Kortchinsky, K. (2009). Cloudburst: A VMware Guest to Host Escape Story. Black Hat.
Lombardi& Di Pietro, R.F.,. (2011). Secure virtualization for cloud computing. Journal of Network and Computer Applications, 4(34), Page 1113-1122.
Manzoor& Nefti, S.U.,. (2009). An agent based system for activity monitoring on network – ABSAMN. Expert Systems with Applications, 36, Page 10987–10994. Dayton, OH.
MarinescuDan C. (24 May 2013). Cloud Computing : Theory and Practice. USA: Elsevier Inc.
McAfee. (2012). Database Security in Virtualization and Cloud Computing Environments. CA: McAfee, Inc. Retrieved from McAfee: http://www.mcafee.com/tw/
McAfee. (2011). Database Security in Virtualization and Cloud Computing Environments. McAfee.
Mell, P., & Grance, T. (2011). The NIST Definition of Cloud Computing. Retrieved from NIST: http://www.nist.gov
NicolaeB., & CappelloF. (2013). BlobCR: Virtual disk based checkpoint-restart for HPC applications on IaaS clouds. Journal of Parallel and Distributed Computing, 5(73), Page 698–711.
RistenpartTromer, E., Shacham, H., & Savage, S.T.,. (2009). Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds. Proceedings of the 16th ACM conference on Computer and communications security.
SchneierB. (2004). Secrets & Lies : Digital Security in a Networked World. USA: John Wiley & Sons Inc.
Shao, J., Wei, H., Wang, Q., & Mei, H. (2010). A Runtime Model Based Monitoring Approach for Cloud. IEEE International Conference on Cloud Computing, (pp. 313-320).
Stallings, W. (2011). Cryptography and Network Security, Principles and Practices (Fifth ed.). Prentice Hall.
Subashini, S., & Kavitha, V. (2011). A survey on security issues in service delivery models of cloud computing. Journal of Network and Computer Applications, 34(1), pp. 1-11.
VMware. (2011). VMware vSphere 5 Competitive Reviewer's Guide. Retrieved from VMware: www.vmware.com
WangTao, J., Ranjan, R., Marten, H., Streit, A., Chen, J., & Chen, D.L.,. (2012). G-Hadoop: MapReduce across distributed data centers for data-intensive computing. Future Generation Computer Systems, 29(3).
White, T. (2012). Hadoop: The Definitive Guide (Third ed.). USA: O'Reilly.
YangMoore, P., & Chong, S.K.X.,. (2009). Intelligent products: From lifecycle data acquisition to enabling product-related services. Computers in Industry, 60(3), Page 184-194.
Zhou, M., Mu, Y., Susilo, W., Yan, J., & Dong, L. (2012). Privacy enhanced data outsourcing in the cloud. JournalofNetworkandComputerApplications, 35(4), pp. 1367-1373.
Zhu, Y., Hu, H., Ahn, G.-J., & Yau, S. (2012). Efficient audit service outsourcing for data integrity in clouds. The Journal of Systems and Software, 85(5), pp. 1083-1095.
Zissis& Lekkas, D.D.,. (2012). Addressing cloud computing security issues. Future Generation Computer Systems, 28(3), Page 583-592.