At present, many enterprises have expressed interests in private clouds and have an optimistic attitude about the future prospects of private clouds. And more and more enterprises want to have their own private cloud computing center or the data center to optimize operation and save money. But there are many technical problems that need to be considered in the framework of the enterprise private cloud platform, such as protecting sensitive data, which has become the focus of the enterprise. In order to protect business sensitive data not to leak, this paper carries on a deep research to the main file encryption system and introduces the aggregate signature authentication into the private cloud. A secure private cloud encryption system combined with the overall architecture of the private cloud system is implemented. This system is run on the system environment of ubuntu10.04 of the enterprise private cloud file storage server. This solution achieves the security of storage resource by using eCryptfs file system non-interactively and solves the main security and efficiency problems that private cloud system face in large scale application environment.%目前,越来越多的企业想拥有自己的私有云计算中心或数据中心来优化运营和节省资金.然而在架构企业私有云平台时,有大量的问题需要考虑,其中保护企业敏感数据安全成为企业关注的热点.为了保护企业敏感数据不被泄漏,对主流的文件加密系统进行了深入的研究,结合私有云系统的整体架构,将聚合签名的身份认证引入到私有云,提出了一种基于聚合签名认证的eCryptfs私有云加密系统解决方案,经过分析拥有较高的安全性和效率.该系统运行在ubuntu10.04的操作系统环境下,通过非交互方式挂载eCryptfs文件加密系统来实现存储资源的安全,并对系统平台进行了测试.测试结果表明,这种解决方案保证了企业私有云存储服务的安全性,解决了在大规模应用环境下企业私有云系统面临的主要安全及效率问题.
展开▼
