跳到主要內容

簡易檢索 / 詳目顯示

回結果列表
研究生: 王小玲
Siao-ling Wang
論文名稱: 基於Xen之雲端虛擬網路自動建置與管理研究-以CSEP雲端安全實驗平台為例
On Automatic Installation and Management of Xen-based Cloud Virtual Networks—A Case Study on the Cloud Security Experimental Platform
指導教授: 陳奕明
Yi-ming Chen
口試委員:
學位類別: 碩士
Master
系所名稱: 管理學院 - 資訊管理學系
Department of Information Management
論文出版年: 2014
畢業學年度: 102
語文別: 中文
論文頁數: 75
中文關鍵詞: 雲端虛擬網路圖形化自動化雲端安全實驗平台認知負荷
外文關鍵詞: Cloud Virtual Network, Graphics, Automation, Cloud Security Experiment Platform, Cognitive Load
相關次數: 點閱:9下載:0
分享至:
查詢本校圖書館目錄 查詢臺灣博碩士論文知識加值系統 勘誤回報

    • 雲端運算眾所皆知提供了資料儲存和運算能力的擴充,但漸漸的也開始尋找新的應用情境,尤其是建立基於雲端的虛擬網路服務(Cloud-based Virtual Networks,簡稱CVN),亦稱為網路即服務(Network as a Service,簡稱NaaS)或虛擬私有雲(Virtual Private Cloud,簡稱VPC)。然而目前提供雲端虛擬網路建置與管理服務的平台,主要是針對網路管理人員等,具有網路管理及設定相關知識的使用者,對於大多數的使用者來說不論在使用的操作上,或是學習上都造成了不必要的負擔。
    為了降低使用者需額外學習其他知識的負擔及降低使用者因操作不易可能導致設定錯誤的情況發生。本研究以CSEP雲端安全實驗平台為例,提出一雲端虛擬網路自動建置與管理機制,透過圖形化的網路拓樸編輯介面及建置與管理功能的自動化,讓使用者能以更便利、更直覺的方式來建置雲端虛擬網路環境,以降低使用者的內、外在認知負荷。
    本研究之雲端虛擬網路自動建置與管理機制,經實驗證明可正確的為使用者進行Routing Table及IP的設定,即使使用者並不懂得如何設定也能在短時間內建置出可用的網路環境,降低使用者需額外學習其他知識的負擔。並且從實驗中也可明確得知,本研究之雲端虛擬網路自動建置與管理機制相較於多數人採用的Command Line Interface,所花費的時間大幅的降低了41.04%,大大提升了使用者體驗。

    Cloud computing provides a well-known data storage and computing capacity expansion, but gradually began to find new applications scenarios, especially the establishment of Cloud-based Virtual Network Services (CVN), also called the Network as a Service ( NaaS) or Virtual Private Cloud (VPC). However, currently available in the cloud to install and manage virtual network services platform, mainly for network management personnel, who has network management knowledge and know how to set up a network. Therefore, for most users, whether on the operation, or the study have caused unnecessary burden.
    In order to reduce the burden of need additional knowledge and learning to reduce the degree of operating difficulty and reduce configuration error happens when the user don't know how to use it. Therefore, we use Cloud Security Experiment Platform (CSEP) as an example, proposed a cloud virtual network automatic installation and management mechanism, through a graphical interface and network topology automatic installation and management functions, make it more convenient and intuitive way to install cloud virtual network environment for users, and reduce user’s Intrinsic Cognitive Load and Extraneous Cognitive Load.
    The study of cloud virtual network automatic installation and management mechanism, after the experiment proved to be correct for conduct IP and routing table settings, even if the users do not understand how to set up, they also can install a network environment in a short time that reduce the burden of users. In this study, we also proved from the experiments that the cloud virtual network mechanism automatic installation and management mechanism compared to the majority of people using the Command Line Interface (CLI), the time it takes to dramatically reduce 41.04%, greatly enhance the user experience.

    論文摘要 i 英文摘要 ii 誌謝 iii 目錄 iv 圖目錄 vi 表目錄 viii 第一章 緒論 1 1-1 研究背景 1 1-2 研究動機與目的 6 1-3 研究貢獻 8 1-4 章節架構 8 第二章 相關研究 9 2-1 雲端虛擬網路自動建置與管理之定義 9 2-1-1 虛擬網路與網路虛擬化 9 2-1-2 雲端虛擬網路 11 2-1-3 自動建置與管理 11 2-2 雲端虛擬網路建置與管理相關研究 12 2-4-1 中華電信hicloud VPC 12 2-4-2 Amazon VPC 13 2-4-3 DeterLab 15 2-4-4 Testbed@TWISC 18 2-3 雲端安全實驗平台與雲端服務提供者(SAMEVED)簡介 20 2-3-1 雲端安全實驗平台(CSEP)現況 20 2-3-2 SAMEVED 23 2-4 小結 25 第三章 雲端虛擬網路自動建置與管理機制 27 3-1 雲端虛擬網路自動建置與管理機制的架構與流程設計 27 3-2 雲端虛擬網路自動建置與管理機制的功能詳述 30 3-2-1 雲端虛擬網路建置頁面 30 3-2-2 解析拓樸 33 3-2-3 圖形轉API 38 3-2-4 CVN建置 39 3-2-5 設為CVN樣本映像檔 40 3-2-6 Routing Table與IP自動配置 43 3-3 雲端虛擬網路自動建置與管理機制的適應性 45 第四章 實驗設計與結果討論 46 4-1 實驗設計 46 4-1-1 實驗一:Routing Table與IP自動配置之功能驗證 46 4-1-2 實驗二:雲端虛擬網路自動建置與管理機制對使用者的影響 48 4-2 實驗結果與討論 50 4-2-1 實驗一:Routing Table與IP自動配置之功能驗證 50 4-2-2 實驗二:雲端虛擬網路自動建置與管理機制對使用者的影響 54 4-3 小結 57 第五章 結論與未來研究 58 5-1 研究結論與貢獻 58 5-2 研究限制 59 5-3 未來研究 59 參考文獻 61

    [1] 毛文波、邊瑞鋒和李芳,「雲計算網絡虛擬化原理與實現」,CCISA(資訊安全通訊)期刊,第20卷,第1期,10~30頁,2014年1月。
    [2] D. Taylor and J. Turner, “Towards a diversified internet,” White Pap. Novemb., 2004.
    [3] J. S. Turner and D. E. Taylor, “Diversifying the internet,” in Proceedings of the Global Telecommunications Conference, 2005. GLOBECOM’05. IEEE, Vol. 2, p. 6–pp, 2005.
    [4] N. M. Chowdhury and R. Boutaba, “A survey of network virtualization,” Comput. Netw., Vol. 54, No. 5, pp. 862–876, 2010.
    [5] R. Zalenski, “Firewall technologies,” Potentials IEEE, Vol. 21, No. 1, pp. 24–29, 2002.
    [6] G. Rouskas, “Network Virtualization: A Tutorial,” in Proceedings of the Optical Fiber Communication Conference, p. OW1A–1, 2012.
    [7] N. M. K. Chowdhury and R. Boutaba, “Network virtualization: state of the art and research challenges,” Commun. Mag. IEEE, Vol. 47, No. 7, pp. 20–26, 2009.
    [8] R. G. Patricio and J. Celestino, “Hephaestus: A cloud-based environment to virtual network automation,” in Proceedings of the Computers and Communications (ISCC), 2013 IEEE Symposium on, pp. 000567–000571, 2013.
    [9] I. Ayadi, N. Simoni, and G. Diaz, “NaaS: QoS-aware Cloud Networking Services,” in Proceedings of the Network Computing and Applications (NCA), 2013 12th IEEE International Symposium on, pp. 97–100, 2013.
    [10] P. Costa, M. Migliavacca, P. Pietzuch, and A. L. Wolf, “NaaS: Network-as-a-Service in the Cloud,” in Proceedings of the 2nd USENIX conference on Hot Topics in Management of Internet, Cloud, and Enterprise Networks and Services, Hot-ICE, Vol. 12, pp. 1–1, 2012.
    [11] T. Choi, N. Kodirov, T.-H. Lee, D. Kim, and J. Lee, “Autonomic management framework for cloud-based virtual networks,” in Proceedings of the Network Operations and Management Symposium (APNOMS), 2011 13th Asia-Pacific, pp. 1–7, 2011.
    [12] Y.-M. Chen, C.-E. Chuang, H.-C. Liu, C.-Y. Ni, and C.-T. Wang, “Using Agent in Virtual Machine for Interactive Security Training,” in Security Technology, Springer, pp. 65–74, 2011.
    [13] X. Li and Z. Zhan, “Visio-Based Method for User Mapping Topology Graph in Network Management System,” in Proceedings of the Biomedical Engineering and Computer Science (ICBECS), 2010 International Conference on, pp. 1–4, 2010.
    [14] Y. LI and W. LIU, “Analysis of the Shortest Route in Network on Dijkstra Algorithm,” Microcomput. Appl., Vol. 3, p. 007, 2004.
    [15] S. D. Sorden, “A cognitive approach to instructional design for multimedia learning,” Informing Sci. Int. J. Emerg. Transdiscipl., Vol. 8, pp. 263–279, 2005.
    [16] M.-X. Chen and K.-L. Mei, “Mechanism of Automatic Deployment for Virtual Network Environment,” in Proceedings of the Parallel Processing (ICPP), 2013 42nd International Conference on, pp. 1061–1066, 2013.
    [17] D. Kakadia and V. Varma, “Network Virtualization Platform for Hybrid Cloud,” in Proceedings of the Cloud Computing Technology and Science (CloudCom), 2013 IEEE 5th International Conference on, Vol. 2, pp. 69–74, 2013.
    [18] J. B. Siu and Z. S. Guo, “Web-based network configuration management system,” in Proceedings of the Communication Technology, 2000. WCC-ICCT 2000. International Conference on, Vol. 1, pp. 487–491, 2000.
    [19] M. Hibler, R. Ricci, L. Stoller, J. Duerig, S. Guruprasad, T. Stack, K. Webb, and J. Lepreau, “Large-scale Virtualization in the Emulab Network Testbed.,” in Proceedings of the USENIX Annual Technical Conference, pp. 113–128, 2008.
    [20] D. Nurmi, R. Wolski, C. Grzegorczyk, G. Obertelli, S. Soman, L. Youseff, and D. Zagorodnov, “The eucalyptus open-source cloud-computing system,” in Proceedings of the Cluster Computing and the Grid, 2009. CCGRID’09. 9th IEEE/ACM International Symposium on, pp. 124–131, 2009.
    [21] T. Benzel, “The science of cyber security experimentation: the DETER project,” in Proceedings of the 27th Annual Computer Security Applications Conference, pp. 137–148, 2011.
    [22] P.-W. Tsai, Y.-T. Lai, P.-W. Cheng, C.-S. Yang, and M.-Y. Luo, “Design and develop an OpenFlow Testbed within virtualized architecture,” in Proceedings of the Network Operations and Management Symposium (APNOMS), 2013 15th Asia-Pacific, pp. 1–3, 2013.
    [23] S.-J. Chen, J.-Y. Huang, C.-T. Huang, and W.-J. Wang, “SAMEVED: A System Architecture for Managing and Establishing Virtual Elastic Datacenters,” Int. J. Grid High Perform. Comput. IJGHPC, Vol. 5, No. 2, pp. 27–42, 2013.
    [24] “Dropbox for Business security: A Dropbox whitepaper.” [Online]. Available: https://www.dropbox.com/static/business/resources/Security_Whitepaper.pdf.
    [25] “hicloud VPC產品介紹,” hicloud VPC. [Online]. Available: http://hicloud.hinet.net/vpc/products.html.
    [26] “Amazon Virtual Private Cloud,” Amazon Virtual Private Cloud. [Online]. Available: http://aws.amazon.com/cn/vpc/.
    [27] “Introducing Amazon Virtual Private Cloud (VPC),” Amazon Web Services Blog. [Online]. Available: http://aws.typepad.com/aws/2009/08/introducing-amazon-virtual-private-cloud-vpc.html.
    [28] “Amazon web services白皮書,” Amazon. [Online]. Available: http://media.amazonwebservices.com/AWS_Risk_and_Compliance_Whitepaper.pdf.
    [29] “私有雲架構,” MiCloud. [Online]. Available: http://micloud.tw/ch/component/k2/item/241-private-cloud.
    [30] “Virtual Private Cloud-as-a-Service: Extend Enterprise Security Policies to Public Clouds.” [Online]. Available: http://www.cisco.com/web/strategy/docs/gov/46113_cloud.pdf.
    [31] “Azure 虛擬網路,” Microsoft Azure. [Online]. Available: http://azure.microsoft.com/zh-tw/services/virtual-network/.
    [32] “Secure Data Connector,” Google Developers. [Online]. Available: https://developers.google.com/secure-data-connector/docs/1.3/overview.
    [33] “中華電信hicloud虛擬私雲 成功協助桃園國際機場建置混合雲,” NetAdmin. [Online]. Available: http://www.netadmin.com.tw/article_content.aspx?sn=1307180001.
    [34] 劉慈明, “台大、神通、基龍米克斯 三方合作研發 國內第一朵生技雲誕生.” [Online]. Available: http://www.mitac.com.tw/pdf/%E7%94%9F%E6%8A%80%E9%9B%B2.pdf.
    [35] “企業建置雲端辦公環境 私有雲商機日增,” DIGITIMES. [Online]. Available: http://www.digitimes.com.tw/tw/dt/n/shwnws.asp?CnlID=13&packageid=6151&id=0000287907_XPX8068I1T3KGF6B3NV8W&cat=50&ct=1.
    [36] “DeterLab,” The Deter Project. [Online]. Available: http://deter-project.org/about_deter_project.
    [37] “中央大學雲端安全實驗平台(Cloud Security Experimental Platform),” 中央大學雲端安全實驗平台. [Online]. Available: http://csep.mgt.ncu.edu.tw/.
    [38] “SAMEVED,” OpenFoundry. [Online]. Available: http://www.openfoundry.org/of/projects/2313.
    [39] “ISO 9241-210,” ISO. [Online]. Available: http://www.iso.org/iso/catalogue_detail.htm?csnumber=52075.
    [40] “automatic,” Oxford Learner’s Dictionaries. [Online]. Available: http://www.oxfordlearnersdictionaries.com/definition/english/automatic_1.
    [41] “ISO/IEC 7498-4.” ISO. [Online]. Available: http://www.iso.org/iso/catalogue_detail.htm?csnumber=14258.
    [42] “Amazon Web Services CLI Tools,” Amazon Web Services CLI Tools. [Online]. Available: http://docs.aws.amazon.com/general/latest/gr/GetTheTools.html.
    [43] “Amazon Virtual Private Cloud CLI Tools,” Amazon Virtual Private Cloud CLI Tools. [Online]. Available: http://awsdocs.s3.amazonaws.com/VPC/latest/vpc-qrc.pdf.
    [44] “Emulab,” Emulab.Net. [Online]. Available: http://www.emulab.net/.
    [45] “NS Script,” Emulab. [Online]. Available: https://wiki.emulab.net/wiki/Tutorial.
    [46] “Emulab Client GUI (Alpha),” Emulab. [Online]. Available: http://www.emulab.net/netlab/client.php3.
    [47] “Testbed@TWISC,” Testbed@TWISC. [Online]. Available: http://testbed.ncku.edu.tw/index.php3.
    [48] “About POX.” [Online]. Available: http://www.noxrepo.org/pox/about-pox/.
    [49] “Netbuild,” Netbuild. [Online]. Available: http://icl.cs.utk.edu/netbuild/index.html.
    [50] “Critical Patch Updates, Security Alerts and Third Party Bulletin,” ORACLE. [Online]. Available: http://www.oracle.com/technetwork/topics/security/alerts-086861.html.

    QR CODE
    :::