Please use this identifier to cite or link to this item: http://hdl.handle.net/11455/6054
DC FieldValueLanguage
dc.contributor楊晴雯zh_TW
dc.contributor溫志煜zh_TW
dc.contributor.advisor歐陽彥杰zh_TW
dc.contributor.author邱傑義zh_TW
dc.contributor.authorChiu, Chieh-Yien_US
dc.contributor.other中興大學zh_TW
dc.date2012zh_TW
dc.date.accessioned2014-06-06T06:37:06Z-
dc.date.available2014-06-06T06:37:06Z-
dc.identifierU0005-0108201111214800zh_TW
dc.identifier.citation[1] Apache Hadoop Project, Available :http://hadoop.apache.org/ [2] Sanjay Ghemawat, Howard Gobioff, and Shun-Tak Leung, ”The Google File System,” SOSP'03, October 19-22, 2003, Bolton Landing, New York, USA.Copyright 2003 ACM 1-58113-757-5/03/0010 [3] J. Dean, S. Ghemawat, “MapReduce: simplified data processing on large clusters,” Proceedings of the 6th conference on Operating Systems Design & Implementation, San Francisco, CA, December 2004, pp. 10-10. [4] F. Chang, J. Dean, S. Ghemawat, W. C. Hsieh, D. A. Wallach, M. Burrows, T. Chandra, A. Fikes, and R. E. Gruer, “Bigtable: A Distributed Storage System for Structured Data,” ACM Transactions on Computer Systems, vol. 26, no. 2,pp. 1-26, Jun. 2008. [5] E. Jaliya, P. Shrideep, and F. Geoffrey, ”MapReduce for Data Intensive Scientific Analyses,” Proceedings of the IEEE Fourth International Conference on eScience, pp. 277-284, December 2008. [6] Tom White, 2009, Hadoop The Definitive Guide , p.4, OReilly. [7] Aaron Kimball, 2009, The Project Split, projsplit2.pdf, Cloudera. [8] Yao-Tsung Wang, 2009, The Trend of Cloud Computing , CloudIntro.pdf, NCHC Cloud Computing Research Group. [9] Welcome to Hadoop Common!, 2010, Welcome to Hadoop Common!, The Apache Software Foundation, Available at : http://hadoop/apache.org/common/. [10] C. Ranger, R. Raghuraman, A. Penmetsa, G. R. Bradski, and C. Kozyrakis, “Evaluating MapReduce for Multi-core and Multi-processor Systems,” Proceedings of the IEEE 13th International Symposium on High Performance Computer Architecture (HPCA), Phoenix, Arizona, Feb. 2007, pp. 13-24. [11] MapReduce Tutorial, 2010, MapReduce Tutorial, The Apache Software Foundation, Available at: http://hadoop.apache.org/mapreduce/docs/r0.21.0/mapred_tutorial.html. [12] Owen O'Malley, Kan Zhang, Sanjay Radia, Ram Marti, and Christopher Harrell, 2009, Hadoop Security Design, security-design.pdf, Yahoo! [13] Chun-Hung Lin, Sheng-Lun Cheng , “Design and implementation of a Hadoop-based secure cloud computing architecture,” Department of Information Management , National Sun Yat-sen University, Tainan, Taiwan. Copyright 2011. [14] POSIX, Portable Operation System Interface for Unix, IEEE Standards Association, Available at : http://standards.ieee.org/develop/wg/POSIX.html. [15] Dai Yuefa, Wu Bo, Gu Yaqiang, Zhang Quan, Tang Chaojing, “Data Security Model for Cloud Computing,” Proceedings of the 2009 International Workshop on Information Security and Application (IWISA 2009), ISBN 978-952-5726-06-0 [16] Kavin Hamlen, Murat Kantarcioglu, Latifur Khan, Bhavani Thuraisingham, “Security Issues for Cloud Computing,” International Journal of Information Security and Privacy, 4(2), 39-51, April-June 2010. [17] Aaron Kimball, 2008, Securing a Hadoop Cluster Through a Gateway, Cloudera, Available at: http://www.cloudera.com/blog/2008/12/securing-a-hadoop-cluser-through-a-gateway/. [18] The Apache Software Foundation, 2009, HDFS Proxy Guide, hdfsproxy.pdf, The Apache Software Foundation. [19] Behrouz A. Forouzan, Introduction to Cryptography and Network Security 4/e, chap18. [20] Garhan Attebury, Andrew Baranovski, Ken Bloom, Brian Bockelman, Dorian Kcira, James Letts, Tanya Levshina, Carl Lundestedt, Terrence Martin, Will Maier, Haifeng Pi, Abhishek Rana, Igor Sfiligoi, Alexander Sim, Michael Thomas, Frank Wuerthwein, “Hadoop Distributed File System for the Grid,” 2009 IEEE Nuclear Science Symposium Conference Record. [21] File System in Userspace. Available: http://fuse.sourceforge.net. [22] C.-Y. Wen and W.A. Sethares, “Automatic decentralized clustering for wireless sensor networks ”.zh_TW
dc.identifier.urihttp://hdl.handle.net/11455/6054-
dc.description.abstract隨著雲端運算的發展,使用者可以不受時間與空間的限制,隨時隨地享用雲端運算的各項服務,例如Gmail、PPStream、Facebook、Office Live、Adobe Connect、Amazon Web Server...等,當此類雲端運算服務,進入使用者的生活層面的同時,確保個人資料隱私與安全的管理機制,更加顯得重要,而此一管理機制也勢必相對加入更多安全管理技術。 現有的各種安全管理技術,例如Kerberos、SSL/TTL、VPN、資料加密...等,需要藉助雲端服務的安全機制基礎建設,以提供使用者隱私與資料安全的功能,但同時增加安全機制主機的重要性與風險,當安全機制主機發生功能異常、失聯、或甚至功能失效當機時,導致系統失效或可用性下降,使用者將無法使用及存取各項雲端運算服務;因此集中式安全管理機制,將形成雲端運算的明顯『弱環』。 透過探討各種安全管理機制理論與研究,並在NAS系統上完成Hadoop雲端平台的建置,同時加入Kerberos安全認證機制,傳輸過程以VPN形式完成。並研究及探討當有效管理個體失效或失能時,系統自動進入時序投票機制(Clustering Algorithm via Waiting Timer, CAWT),重新建立雲端平台伺服器機制研究。 在NAS雲端平台上,配合Hadoop系統建立動態具強健性容錯能力安全主機管理機制,使其同時具備集中式管理的效率性與分散式管理的調節及適應性,以降低單一主機的風險,確保雲端基礎建設的穩定運作與提高其整體服務的可用性及可靠度。zh_TW
dc.description.abstractNAS (Network Attached Storage) plays an important role in cloud computing that can be a bridge cache for the local cloud storage and the remote public cloud for mass data storage. Because of the network bandwidth limitation, instant of keeping all the information on the remote storage, NAS can store a copy of information on local site efficiently. The use of NAS provides another option that can also be considered as a secure private cloud for those companies that don't need to build a large data center or they don't like to put their data on the public cloud. The main target for this project is to implement a security mechanism for the HDFS (Hadoop Distribution File System) on NAS. We implement HDFS onto NAS and use Kerberos as the authentication system to strengthen the security level. The Apache Hadoop project develops open-source software for our initial need. We also adopted an open source software on the NAS servers which were provided by the Promise Technology Crop. Centralized control security server may be damage therefore a backup server selection mechanism is necessary. A dynamic cluster head selection algorithm were deveopmented for this purpose.en_US
dc.description.tableofcontents致謝辭…………………………………………………………………………………... i 摘要…………………………………………………………………………………….. ii Abstract……………………………………………………………………………….. iii 目次………………………………………………………………..…………………... iv 表目次………………………………………………………………..…………………vi 圖目次………………………………………………………………..……………….. vii 第一章 緒論 1.1 簡介………………………………………………………………..………….1 1.2 研究動機………………………………………………………………..…….2 1.3 論文架構………………………………………………………………..…….3 第二章 相關技術背景 2.1 雲端運算Cloud Computing………...………..……………...………………4 2.2 對稱式鑰匙協議……………………………………………………………..6 2.2.1 Diffie-Hellman鑰匙交換法………………………………………..6 2.2.2 Station-to-Station鑰匙交換法……………………………………..9 2.3 資料流加密法……………………………………………………………….10 2.3.1 RC4………………………………………………………………..11 2.3.2 A5/1……………………………………………………………….13 2.4 時序投票機制(Clustering Algorithm via Waiting Timer, CAWT)...………..15 第三章 Hadoop分散式檔案系統HDFS 3.1 Hadoop………………………………………………………………………19 3.2 Hadoop Common.…….…...………………………………………………..20 3.3 HDFS(Hadoop Distributed File System)………...………………………..21 3.4 MapReduce……....………………………………………………………….24 3.5 安全問題分析……………………………………………………………….25 3.6 相關研究分析………………………………………………………………26 第四章 安全性Hadoop分散式檔案系統HDFS架構 4.1 系統儲存服務架構………………………………………………………….29 4.2 系統安全環境架構………………………………………………………….30 4.2.1 使用者身分認證…………………………………………………….30 4.2.2 虛擬私有網路……………………………………………………….31 4.3 個人資料安全與備份保全機制…………………………………………….38 4.4 主機強健容錯能力與擴充性管理機制…………………………………….39 第五章 實驗結果與比較 5.1 實驗環境…………………………………………………………………….42 5.2 系統架構與流程…………………………………………………………….43 5.3 實驗結果…………………………………………………………………….44 5.4 效能分析…………………………………………………………………….46 第六章 結論與未來展望 6.1 結論………………………………………………………………………….50 6.2 未來展望…………………………………………………………………….50 參考文獻………………………………………………………………..…………..….51zh_TW
dc.language.isoen_USzh_TW
dc.publisher電機工程學系所zh_TW
dc.relation.urihttp://www.airitilibrary.com/Publication/alDetailedMesh1?DocID=U0005-0108201111214800en_US
dc.subjectcloud computingen_US
dc.subject雲端運算zh_TW
dc.subjectClustering Algorithm via Waiting Timeren_US
dc.subjectHadoopen_US
dc.subjectHadoop Distribution File Systemen_US
dc.subjectsecurityen_US
dc.subjectKerberosen_US
dc.subject雲端安全機制zh_TW
dc.subject動態自我組態zh_TW
dc.subject適應性調節zh_TW
dc.subject分散式拓樸控制zh_TW
dc.subject時序投票機制zh_TW
dc.subjectKerberoszh_TW
dc.subjectHadoopzh_TW
dc.title以Hadoop分散式檔案儲存及安全管理為基礎之研究並實現於NASzh_TW
dc.titleAn Implementation of A Secure Authentication Scheme on NAS using HDFSen_US
dc.typeThesis and Dissertationzh_TW
item.openairecristypehttp://purl.org/coar/resource_type/c_18cf-
item.languageiso639-1en_US-
item.openairetypeThesis and Dissertation-
item.grantfulltextnone-
item.fulltextno fulltext-
item.cerifentitytypePublications-
Appears in Collections:電機工程學系所
Show simple item record
 

Google ScholarTM

Check


Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.