摘要： 数据中心内的文件服务存在未授权访问等安全威胁。针对该问题，提出一种基于会话的安全Web文件服务模型，通过分离文件资源数据及其原数据，实现计算资源与存储资源的独立计算，并建立相应的安全模型和安全协议。利用BAN逻辑对协议进行安全性分析，结果证明其可以抵御多种常见攻击。基于Apache的性能测试结果表明，该模型具有较高的安全性及实用性。

关键词: Web文件服务, 文件服务模型, 安全模型, 形式化方法

Abstract: Some security threats exist in file services of data center, such as access without authorization. A session-based secure Web file service model is established. It is described and analyzed in formal. To separate computing and storage resources, the idea of separating the meta-data from file resource data is introduced. According to the threats of the model, corresponding security model and protocol are established. Performance test based on Apache show the model has higher security and better practicability.

Key words: Web file service, file service model, secure model, formal methods

中图分类号: 

• TP302