移动云安全与隐私 云安全

云计算中的数据安全与隐私保护随着云计算技术的快速发展及广泛应用，越来越多的企业和个人将他们的数据存储和处理转移到了云平台上。

然而，与此同时，云计算中的数据安全和隐私问题也越来越受到关注。

本文将探讨云计算中的数据安全和隐私保护问题，并提出一些相应的解决方案。

一、云计算中的数据安全挑战1.1 数据存储安全在云计算中，用户的数据是存储在云服务提供商的服务器上的。

因此，用户需要确保自己的数据能够安全地存储在云端，不受未经授权的访问和篡改。

同时，用户也需要关注云服务提供商的数据备份和灾难恢复机制，以防止数据丢失。

1.2 数据传输安全在数据传输过程中，存在着数据被窃取和篡改的风险。

因此，用户需要采取必要的措施来确保数据在传输过程中的安全性，比如使用加密技术来保护数据的机密性和完整性。

1.3 虚拟化安全云计算基于虚拟化技术，这就带来了虚拟机之间的安全隔离问题。

一旦云平台上的一个虚拟机受到攻击，其他虚拟机的安全性也将受到威胁。

因此，云服务提供商需要采取必要的措施来确保虚拟机之间的安全隔离。

二、云计算中的隐私保护挑战2.1 数据隐私在云计算中，用户将自己的数据存储在云端，可能面临着数据隐私泄露的风险。

云服务提供商可能会访问用户的数据，或者数据被未经授权的第三方获取。

因此，用户需要确保他们的数据能够得到充分的隐私保护。

2.2 数据治理云计算中的数据治理是指对数据进行有效的管理和保护，包括数据的收集、存储、处理和共享等方面。

云服务提供商需要制定相应的数据治理政策和措施，确保用户的数据得到合法、安全、隐私的处理。

2.3 用户认证与访问控制为了确保云平台上的数据安全和隐私保护，用户需要进行身份认证和访问控制。

云服务提供商需要采取必要的措施，包括密码策略、多因素认证等，来确保用户的身份得到有效验证，并对用户的访问进行精细化管理。

三、解决方案3.1 加密技术在云计算中，加密技术是一种非常有效的数据安全和隐私保护手段。

用户可以对自己的数据进行加密，确保数据在存储和传输过程中的机密性和完整性。

云计算安全和数据隐私的保护措施在当今数字化时代，云计算已成为许多企业和个人用户存储和处理数据的首选方法。

然而，随之而来的安全和隐私问题也日益成为人们关注的焦点。

云计算安全和数据隐私保护措施的建立和执行，对于确保用户的数据安全和隐私是至关重要的。

本文将从以下几个方面讨论云计算安全和数据隐私的保护措施：数据加密、访问控制、数据备份与恢复、网络安全、监管与合规。

一、数据加密数据加密是目前常用的保护隐私的技术之一。

在云计算环境中，数据在传输和存储过程中常面临被窃取和篡改的风险。

因此，对敏感数据进行加密处理就变得尤为重要。

通过使用对称加密和非对称加密技术，能够确保数据在传输和存储过程中的机密性和完整性。

此外，定期更换和更新加密密钥也是必要的安全措施。

二、访问控制访问控制是云计算环境中保护数据隐私的另一个重要方面。

合理的访问控制策略可以防止未经授权的访问和使用敏感数据。

身份验证和授权机制应当被实施，以确保只有经过授权的用户才能够访问和处理云上的数据。

此外，为不同用户设置不同的权限级别也是重要的一环，以确保数据只能够在合适的范围内被使用。

三、数据备份与恢复数据备份与恢复是保障数据安全与隐私的一项重要措施。

通过在云计算环境中定期备份数据，并建立可靠的数据恢复机制，即使面临数据丢失、系统崩溃等异常情况，用户的数据也能够得到有效保护。

此外，为了防止数据备份过程中的数据泄露，备份数据应使用加密方法进行存储和传输。

四、网络安全网络安全是确保云计算环境中数据安全和隐私保护的基础。

针对网络攻击和恶意软件等威胁，应采取有效的防护措施，例如入侵检测和防火墙等技术手段。

网络通信过程中应使用安全协议和加密算法，以保障数据在传输过程中的保密性和完整性。

此外，定期进行网络安全漏洞扫描和风险评估，及时修复和更新系统补丁，也是确保网络安全的重要手段。

五、监管与合规监管与合规是确保云计算环境中数据安全和隐私保护的重要支撑。

政府和相关机构应建立相应的法律法规，明确云计算服务提供商的责任和义务，以及用户的权益保障。

车联网移动云安全与隐私保护技术研究作者：林茂伟王达斌梁宇辉来源：《无线互联科技》2015年第05期摘要：智能交通车联网的发展面临着无线网络通信安全与车载用户隐私保护等一系列具有挑战性的难题。

针对该系列问题，文章提出了一种层次化的车联网移动云安全模型，车载移动终端使用其身份证书接入相应层次的云端进行身份认证，以确保获得安全稳定的车联网系统服务。

同时，由于车载单元的快速移动性质，路侧设施难以支撑大密度的车载终端认证过程，结合云端充足的计算资源和强大的服务能力，可降低车载移动终端在身份合法性确认过程对于车联网路侧设施的处理性能要求，而使用匿名认证的方法可保护车辆的安全和位置隐私。

关键词：车联网；云计算；匿名认证；层次化近年来，车辆的剧增引发了一系列引人关注的社会问题，如交通拥堵、交通事故频发等。

随着人们在车辆移动过程中的应用服务及安全性需求日益增长，智能交通领域已成为世界瞩目的研究方向，同时也推动了车辆向网络化、智能化方向发展。

作为物联网在智能交通系统领域的延伸，车联网是智能交通系统的核心组成部分，它通过对道路和交通进行全面感知，实现多个交通系统间大范围、大容量的数据传输和交互，支持对道路车辆的实时控制，从而提升交通安全和交通效率。

车联网系统功能的实现需要搜集大量移动节点信息，并能实时处理海量的相关交通信息，这就需要拥有大规模数据处理能力的平台支撑。

随着近些年云计算技术的不断发展，研究人员通过在车辆和相关路侧设施上搭建车辆云处理平台的方式，使得车辆行驶过程中可以高效利用云端提供的服务。

由于车载网络是通过无线信道进行通信，不可避免地要面临很多威胁和攻击，比如说注入虚假错误的信息、修改或重放以前的信息等等。

对于传输与生命相关的安全信息的车联网而言，这些威胁和攻击会造成严重后果。

车联网隐私保护领域的先驱者Raya曾指出：“VANET能否被接受和推广，安全和隐私保护起着关键性的作用”。

为此，迫切需要对车联网隐私保护进行全面和系统的研究。

云计算的安全与隐私保护一、云计算的安全问题随着大数据时代的到来，云计算已经成为了大公司和企业普遍采用的一种技术。

云计算的出现，极大的提高了公司和企业的效率，但是也带来了一些安全隐患，如：数据丢失、数据泄漏、恶意程序的攻击等等。

下面我们就来分析一下云计算中存在的几种安全隐患。

1. 数据丢失：数据丢失是指数据在云计算过程中可能会丢失或者无法找回的情况。

数据丢失可能主要由于存储器中故障、电网所造成的电力中断，网络中断等引起。

为了解决数据丢失问题，一些云计算服务提供商采用了备份技术，将数据存储在多个地方，确保数据的安全性和真实性。

2. 数据泄漏：随着云计算的普及，越来越多的敏感数据被存储在云上。

然而，如果云计算系统的安全性存在漏洞，那么这些敏感数据将有被人获取的风险。

数据泄漏问题可能源于云计算服务提供商的安全漏洞，也有可能是用户自己的疏忽所致。

为了避免数据泄露，一方面要选择安全性高的云计算服务提供商，另一方面要做好数据的保护和隐私保护工作。

3. 恶意程序的攻击：恶意程序是指那些通过网络或者其他途径侵入云计算系统的程序，可以对云计算系统进行攻击，威胁到云计算系统的安全。

恶意程序包括病毒、蠕虫、木马、间谍软件等等。

要想防止恶意程序的攻击，我们可以采用多种技术，如：防病毒、网络隔离、远程审计等等。

二、云计算的隐私保护1. 个人信息的隐私保护：云计算服务提供商可以通过收集用户的信息提高服务的质量，但是如果用户的个人隐私信息被泄露出去，那么将对用户造成无法估量的损失。

个人信息的隐私保护是云计算中非常重要的一部分，我们可以采用简单的加密、数据混淆等技术来加强隐私保护。

2. 敏感数据的删除：在使用云计算过程中，我们经常需要处理一些敏感数据，如用户密码、银行卡信息等等。

如果这些敏感数据不再使用后不及时删除，那么就会存在泄露风险。

为了避免敏感数据的泄露，应当在使用后尽快删除敏感数据，最好使用硬盘擦除等专业技术来彻底删除敏感数据。

云数据中心的安全与隐私保护问题随着互联网技术的发展，云计算已经渐渐成为企业和个人进行数据处理、存储和共享的主要方式。

不同于传统的本地存储方式，云数据中心能够为用户提供更高效、可靠、灵活的数据管理服务，也成为了企业日常运营所必需的重要基础设施。

然而，云数据中心也面临着安全和隐私保护方面许多挑战，如何解决这些问题，成为了云数据中心发展的重要课题。

一、云数据中心的安全威胁随着技术的不断发展，网络安全威胁也日益复杂化。

云数据中心作为网络的基础设施，在安全方面也会面临各种各样的威胁，如以下几种：1.数据泄漏云数据中心中保存着大量的用户隐私和机密信息。

一旦这些数据泄露，将可能造成严重的经济损失和声誉损害。

数据泄露的原因可能是来自内部或外部的攻击，包括黑客攻击、恶意软件的攻击、社会工程学攻击等。

2.数据丢失由于云数据中心存储的数据量非常大，因此不可避免地会出现数据丢失的情况。

这个问题可能来自于云数据中心的设备故障、系统缺陷、操作人员失误等。

3.恶意攻击云数据中心也有可能成为网络攻击的目标，如拒绝服务攻击、恶意软件的攻击、勒索软件的攻击等。

这些攻击可能导致云数据中心的服务瘫痪、数据泄露、用户信息被勒索等问题。

二、保护云数据中心的安全措施为了保障云数据中心的安全，企业应该采取一系列的措施：1.网络安全方案企业可以在云数据中心的入口处部署网络安全设备，包括防火墙、入侵防御系统、反病毒软件等。

这些设备可以起到保护云数据中心防止黑客攻击、病毒侵入等一系列作用。

2.数据备份对于云数据中心所保存的重要数据，企业需要定期进行备份，以避免数据丢失等风险。

3.安全培训企业培养员工安全意识非常重要，这些员工需要了解云数据中心的安全策略、加强账号密码管理、避免泄露信息等相关知识。

三、隐私保护问题除了安全问题外，云数据中心的隐私保护问题也引起了用户关注。

以下是几个隐私保护的问题：1.云中心的位置云数据中心的位置可能会受到一些政策、法律和行业规定的限制。

如何应对云计算的安全和隐私问题当今信息化的时代，计算机、互联网已经成为了人们的生活中不可或缺的重要组成部分。

而云计算，则是当前互联网时代最重要的技术之一。

云计算使得软件、数据和服务可以在互联网上实现动态的统一传输，实现了资源共享和优化利用，大大降低了计算机的使用成本，加速了信息化的进程。

然而，随着云计算技术的不断发展和普及，其所带来的安全和隐私问题也越来越受到人们的重视。

一、安全问题云计算的安全问题是指云计算系统在运行过程中存在的各种安全威胁和漏洞。

云计算的安全问题主要表现在以下几个方面。

1.数据安全云计算所处理的数据都存储在云端服务器上，数据安全很大程度上取决于云端服务器的安全性。

如果云端服务器存在漏洞或者被攻破，则可能会导致用户的数据泄露，造成极大的损失。

另外，云计算所处理的数据很少是单纯的数据，通常还会包括用户用户名、密码等敏感信息，如果这些信息被攻击者获取，则可能会导致更大的损失。

2.网络安全网络是云计算的基础，云计算系统中的数据和服务都是通过网络传输实现的。

因此，网络安全问题是云计算中的重要问题。

云计算系统中存在各种网络安全威胁，例如黑客攻击、病毒、木马等，这些威胁可能会对云计算系统造成严重的影响，破坏系统的正常运行，甚至导致用户的数据被盗窃。

3.身份验证在云计算系统中，用户需要进行身份验证才能访问它的资源和服务。

因此，身份验证是云计算系统中的一个非常重要的问题。

如果云计算系统的身份验证机制存在漏洞，则可能会导致未经授权的用户访问系统资源和服务。

这将危及云计算系统的安全性，也将威胁到用户的数据和隐私。

二、隐私问题云计算的隐私问题是指云计算系统在运行过程中可能存在的用户隐私泄露威胁。

云计算会涉及到用户的个人数据和敏感信息，因此，云计算的隐私问题是云计算安全问题的重要组成部分。

云计算的隐私问题主要表现在以下几个方面。

1.数据隐私云计算涉及到用户的各种数据和信息，其中包括商业机密、个人隐私等重要信息。

云计算技术的安全性与隐私保护云计算是信息技术领域的一项重要技术，以其高效、灵活、可扩展等优势越来越受到人们的关注和应用。

然而，随着云计算技术的发展和应用范围的扩大，人们对于其安全性和隐私保护问题也提出了更高的要求。

本文将重点探讨云计算技术的安全性和隐私保护问题，并介绍一些应对措施。

一、云计算技术的安全性问题云计算技术的安全性问题主要体现在以下几个方面：1. 数据安全性问题云计算中，用户的数据存储在云端，而不再存储在本地设备上。

这就意味着用户的数据可能会面临被未经授权访问、篡改或者泄露的风险。

例如，黑客入侵、恶意软件攻击等行为可能导致用户数据的安全受到威胁。

2. 访问控制问题在云计算环境下，用户可以通过网络远程访问云服务。

因此，云服务提供商需要确保只有经过授权的用户才能够获得访问权限，防止未经授权的用户获取到服务器资源。

同时，用户也需要对自身的账户和密码进行保护，避免密码泄露导致安全问题。

3. 数据传输安全问题在云计算环境下，用户的数据在传输过程中可能会受到窃听、篡改等威胁，因此数据传输的安全性至关重要。

用户和云服务提供商需要使用加密技术保护数据在传输过程中的安全。

二、云计算技术的隐私保护问题隐私保护是指在云计算环境下，用户的个人隐私信息能够得到妥善保护，不被非法获取或滥用。

云计算技术的隐私保护问题主要有以下几点：1. 用户身份识别与隐私泄露问题在云计算环境下，用户的身份信息需要在用户和云服务提供商之间进行传输，因此需要确保用户身份信息的隐私性。

同时，云服务提供商需要采取措施防止用户的个人隐私信息被非法获取和滥用。

2. 数据隐私问题在云计算中，用户的数据存储在云端，用户需要确保自己的数据不被非法获取和滥用。

云服务提供商需要采取必要的措施保护用户的数据隐私，例如数据加密、访问控制等。

三、云计算技术的安全性与隐私保护措施为了保障云计算技术的安全性和隐私保护，需要采取一系列的措施：1. 加强数据加密技术云服务提供商应该采用加密技术对用户的数据进行保护，包括数据传输过程中的加密和数据存储过程中的加密。

云计算环境中的数据安全与隐私保护在当今信息化的时代，云计算已经成为了企业和个人数据存储与处理的主要方式之一。

然而，随着云计算的普及和应用，数据安全和隐私保护问题也日益凸显。

本文将探讨云计算环境中的数据安全和隐私保护，并提供一些有效的解决方案。

在云计算环境中，数据的安全性是一个核心问题。

首先，数据在传输过程中可能会受到未经授权的访问和窃取的威胁。

为了解决这个问题，最好的方法是使用加密技术来保护数据的安全。

通过对传输数据进行加密，可以确保即使数据被窃取，也无法被恶意使用者所利用。

同时，采用安全传输协议如HTTPS也是一个必要的步骤，确保数据在传输过程中的安全。

其次，数据在云端存储时也面临着安全风险。

云服务提供商需要采取各种措施来保护存储在他们服务器上的数据。

首先，他们应该使用高级的防火墙和入侵检测系统来监控和阻止未经授权的访问。

另外，定期进行系统漏洞扫描和安全性评估也是必要的，以及时发现并修复潜在的安全漏洞。

此外，身份认证和访问控制也是云计算环境中数据安全的重要方面。

云服务提供商需要确保只有经过身份验证的用户才能访问存储在云端的数据。

为了做到这一点，可以采用多重身份验证的方式，如密码和指纹识别等。

同时，控制权限和限制用户的操作范围也是一个有效的措施，以防止恶意用户滥用数据。

除了数据安全外，隐私保护也是云计算环境中需要考虑的一个问题。

在云计算中，个人和企业的数据可能被存储在共享的云服务器上，因此必须采取措施来保护数据的隐私。

首先，采用数据匿名化技术可以有效地隐藏用户的身份信息，确保数据不会被滥用。

此外，限制对敏感数据的访问和使用，只允许授权用户访问，也是一个重要的措施。

此外，云服务提供商需要制定严格的隐私政策，并遵守相关的法律法规，以保护用户的隐私权益。

在用户使用云服务之前，应该明确知晓云服务提供商的数据隐私政策，并充分了解自己的权利和义务。

最后，用户也应该提高自身的安全意识，保护个人和企业数据的安全与隐私。

Privacy Security Issues under Mobile CloudComputing ModeYan Yan1, 2, Xiaohong Hao21School of Electrical and Information Engineering, Lanzhou University of Technology, Lanzhou 730050, China 2School of Computer and Communication, Lanzhou University of Technology, Lanzhou 730050, China*************,****************Abstract - The paper introduced the basic concept and background of Mobile Cloud Computing, analysed the inevitability and necessity to provide mobile internet services based on cloud computing technology, proposed the service framework for mobile cloud computing, analysed potential security issues and relevant technologies to protect privacy information of users under mobile cloud computing environment.Index Terms- mobile cloud computing, privacy security, framework, mobile internet, cloud security1.IntroductionCloud computing technology has been widely considered to be an important growth point of the IT industry after the prosperity of Internet. It is based on the thinking that "the network is the computer" and connected large number of computing resources, storage resources and software resources together to form a huge scale shared virtual resource pool. Cloud computing has broken the traditional one-to-one service model and was able to provide unlimited, scalable, and easy access to IT resources and services for remote computer users, which achieved the real allocation of resources according to needs. According to the estimates of Gartner Company, the revenue of global cloud computing is expected to reach $ 148.8 billion in 2014.With the rapid development of mobile communication technology and the growing popularity of intelligent terminals, there is an urgent need to get information and services from the Internet at anytime and anywhere even during the movement. The urgent needs of information and services promoted the incorporation of Internet technology and mobile communication technology, and finally formed the Mobile Internet. According to "2013-2017 China Mobile Internet Industry Market Outlook and Investment strategic planning analysis report" [1], up to the end of June 2012, the number of Internet user in China has reached 538 million, of which the cellphone netizen has reached 388 million. The proportion of Internet user accessed by mobile phones increased from the previous year's 69.3% to 72.2%, and this change is still growing. China has entered a rapid development of the Mobile Internet era.The continued development and integration of Cloud Computing and Mobile Internet result in a new application model—Mobile Cloud Computing (MCC). Mobile Cloud Computing transferred the storage, computing and other resources from local area to the "cloud". Users can achieve varied forms of services such as file storage, mobile navigation, voice searching, cellphone maps by intelligent mobile device with client terminal. Mobile Cloud Computing brought unprecedented entertainment experience to users, but at the meanwhile its security problem has become even more prominent, which becomes one of the technical difficulties that must be solved.2.Mobile Cloud ComputingA. Concept and CharacteristicAccording to the definition of cloud computing, mobile cloud computing refers to the delivery and using patterns of infrastructure, platform, software (or application) of IT resource (or information) by mobile network according to the real demand and in a scalable way, it is the application of cloud computing technology in the mobile Internet [2]. The connotation of mobile cloud computing is to store and process data beyond the terminal device, which not only solved the insufficient computing resources of mobile terminals effectively, but also improved data acquisition capabilities greatly, benefited management of distributed hardware.The advantages of mobile cloud computing technology can be summarized into the following aspects. Firstly, it breaks through the hardware limitation of terminals and facilities data acquisition. Compared to desktop computers, the significant problem of mobile terminals is lack of resources, mainly reflected in less screen area, limited computing capability, shortage of storage resource and restriction of battery capacity etc. Generally, mobile cloud computing is considered to be a Software-as-a-Service (SaaS) cloud, it transferred the calculation and processing functions of application from the terminal to the cloud. Mobile terminals are able to use the computing resources, storage space and variety of software applications supplied by cloud service providers without doing much work but to send commands and receive data through the browser to the "cloud". Secondly, mobile cloud computing reduces the requirements of network and simplifies the way to realize business. For example, when users need to view a file, it is not necessary to send them the entire file but only give them the part they needs. This helps to provide different users with different service experiences in accordance with actual needs under the limited bandwidth circumstances. Since the application is implemented and deployed on the powerful server side, terminals are not aware of the specific implementation method, thus it is much easier to extend the application and realize interaction with users in a uniformInternational Conference on Computer, Communications and Information Technology (CCIT 2014)manner (for example, through a browser) on terminals. Finally, thanks to the huge resource pool of cloud computing, users of mobile cloud computing can buy services on their demand, just like purchasing water, electricity and gas. The versatility of "Cloud" reduces the cost of managing and using, and increases the utilization of resource significantly.B. Inevitability and NecessityThe development of information technology impelled the changing needs of users, traditional services such as SMS, MMS, downloads etc. can not meet the needs of mobile phone users. Mobile Internet provides good communication architecture for users from the terminal to the data center, with the popularity of smart phones and increasing variety of applications, terminals need to do more and more computing work, which is a major constraint for a mobile terminal with limited resources. Use cloud computing technology to carry out remote computing and data storage, this problem will be solved. Cloud computing brings the huge computing and storage capacity of companies into play, correspondingly, performance bottlenecks of terminal will gradually disappear. Another benefit of cloud computing is more convenient and efficient data sharing, for business users, the use of cloud storage can greatly coordinate the progress of work, and achieve collaboration of mobile computing and desktop computing.On the other hand, cloud computing technology aggregates the telecommunication and Internet capabilities into the “cloud”and is open to developers, this will help to change the situation that mobile services provider has low level of participation in mobile internet business, and enhance the position of mobile services provider in the chain of industry by operating the platform. Therefore, to provide mobile internet services based on cloud computing technology is an important method and inevitable choice for telecom services providers to increase competitiveness and avoid becoming mere "pipe".C. Framework of Mobile Cloud ComputingThe large scale of computation and shared mode of storage resources of cloud computing has brought significant influence to the whole architecture of the mobile Internet. The application framework of mobile internet including cloud computing can be divided into three levels, involves "terminal", "network" and "cloud", shown in Fig.1. "Terminal" refers to the mobile terminal equipment of users, it is the platform to display various businesses and interact with users, which can be smart phones, laptops or PDA. "Network" involves the total part of the mobile internet, including the access network and the Internet. Since the terminals have different types, there are different kinds of access methods for mobile internet, such as GPRS, 3G, Wi-Fi, etc. "Cloud" refers to the comprehensive system composed by infrastructure, platform and application software, which provide IaaS (Infrastructure-as-a- Service), PaaS (Platform-as-a- Service) and SaaS (Software-as-a- Service) services. The infrastructure consists of parallel distributed computing systems, servers, storage devices, databases and other components. Platform includes operating platform, supporting platform, development platform etc., while application software includes various kinds of software, data and information.3.Threats of Private Security under Mobile Cloud ComputingThe combination of cloud computing and mobile internet will not only face the double security threats from traditional internet and mobile communication network, but also introduced the security risks of cloud computing technology, which brings unprecedented data security challenges to user’s data under mobile cloud computing environment. On one hand, the right of ownership and management of user data will be separated in the model of mobile cloud computing, user has to transmit, access, store and use their data through the mobile internet and cloud platforms. How to prevent user’s data from lost, stolen, tampered during network transmission? How to ensure cloud computing service provider has did correct storage, manage, access and destruction? That is the major problems for the security of user data. On the other hand, the property, location, movement trajectory, using habits and other private information of users have also become highly sensitive data under the mobile cloud computing model. How to prevent illegal positioning, tracking, privacy mining have become an important issue related to the safety of users.According to the framework of mobile cloud computing, security of user data under mobile cloud computing environment should run through the different levels of network system, including the security of mobile terminals, security of mobile internet and security of cloud computing platform.A.Security Issue of TerminalMobile terminal is the most important part to distinguish the mobile internet with the fixed internet, and it has become a part of people’s modern life. The high sticky degree of mobile terminal to people and its always-on feature is likely to attract eavesdropping and surveillance problems, leading to higher sensitivity of user data and more dangerous when information has been revealed. Operation systems of intelligent terminals nowadays are not perfect, and there are many security vulnerabilities yet to be resolved. As the client-side of applications under mobile cloud computing environment, browsers still have some software vulnerabilities. What’s more, users of mobile internet are lack of safety awareness while using cloud services compared to PC users. It is easy to be infected with the virus or intrusion while receiving SMS, MMS or browsing mobile web, downloading and installing software, result in data leakage (lost address book, local files, phone-call and internet records, location information, schedules, various network accounts and banking passwords, etc.), equipment damage (terminal crash, slow down, function failure, system formatting, frequent automatic restart, etc.) and economic losses (pirate the call, malicious ordering the SP business, send MMS, etc.).Fig. 1 Framework of mobile cloud computingB. Security Issue of NetworkCompare with the traditional internet, users of mobile cloud computing need to get resources and services via the wireless communication network. Because mobile internet has increased the wireless access method, and introduced a large number of WAP gateway, IMS equipment into the IP network, many new security threats emerged in the mobile internet [3]. The nature of wireless transmission decided mobile cloud computing has some security risks in connection authentication and data protection aspects. Among them, access to the network illegally by breaking the wireless interface and monitoring, stealing, attacking the message transmitted on the air interface is particularly prominent. Secondly, as a part of the internet, mobile internet is also faces the threats of virus and security challenges from the internet. Differently to the traditional internet, mobile internet has introduced NAT (network address translation) technology because of the limited IP address resources of IPv4. Although it has solved the shortage of address resources effectively, it has also destroyed the transparent "end to end" architecture of internet. Finally, the real-name system of mobile phones has not yet popularized in China, which provides the opportunity for criminals. Illegal terminals may enter into the wireless communication network by a fake identity and carry through variety of destructive activities, making the mobile internet to become one of the main roads to carry out cyber crime. C. Security Issue of CloudThe new security risks introduced by cloud computing to the mobile internet are mainly reflected in the end of cloud services [4]. Firstly, virtualization technology brings scalable features to cloud computing, but virtual machines of different users might be running on the same physical storage device, if the software of virtual machine has some security vulnerabilities, the user's data may be accessed by other users running on the same physical storage devices. If the physical host has some problems, then all the virtual machines runningon it will have problems. Secondly, the data of different user's is stored and managed centrally under the cloud computing environment. How to ensure the security management and access control mechanisms of cloud service providers are accord with the security needs of customers? How to implement an effective security audit and monitor the safety of data operation? How to avoid the potential risks of coexistence multi-users under cloud computing environment? These are all serious problems waiting to be solved. Thirdly, user's data and service application are located in the cloud computing system, their business processes will depend on the services provided by cloud computing providers, which proposed new challenges to the service continuity of cloud platform, SLA and IT processes, security policies, event handling and analysis. When the cloud system goes wrong, how to recover user data rapidly has become an important issue. Finally, cloud platform is easily to become the target of hackers due to the highly concentrated users and information resources. Destructive consequences caused by denial of service (DoS) attacks will significantly worse than that on traditional network.4. Protection Strategy of Private SecuritySecurity of privacy data is the most important issue that user concerned about under mobile cloud computing environment, it will directly affect the development of variety of business. The security of user data should be considerate from many aspects such as transmission, storage, isolation, encryption, data access and etc. According to the three levels framework of mobile cloud computing, and take the security safeguards for internet and cloud computing for example, protection of privacy data under mobile cloud computing should be carried through from the following aspects. A. Terminal SecurityTo protect user information on the mobile terminals, prevention is more important than technical method. Passwordcan be set on the terminals to authenticate the user’s identity and to prevent the leakage of user data on the terminals when it is lost or stolen. In addition, the lost data on mobile terminals can be erased by some devices or remote server in order to prevent private information falling into evildoer. Improvement of using habits, enhance the awareness of virus prevention, install anti-virus software are all the effective manners to prevent malicious software attacks. Select legitimate location server and appropriate location privacy protection method will maximize the protection of private information such as location, trajectory and using habits while using the location-based services.work SecurityOn the side of network, the work is to enhance the access and transmission security of mobile internet. Take the technical advantages of the authentication and traceability of mobile internet and bind the user address and identity, so that authentication can be traced to fully play its deterrent effect and strengthen the control of user’s behaviours, the overall strength of the network security will be improved [5]. In addition, besides the transmission of data needed by services, there has more data transmission caused by dynamic adjustment of data under the mobile cloud computing environment. The biggest threat for this kind of data transmission is to be transmitted directly in clear text without any measure of encryption. Therefore, adopt secure transport protocols and “end-to-end” encryption method can effectively ensure the confidentiality and integrity of information during transmission.C.Cloud SecuritySecurity mechanisms on the side of cloud platform should be considered from the storage of data, isolation, encryption, access control and etc. Take Amazon for example, data storage process in S3 system will generate an MD5 hash automatically, eliminated the burdensome work of using additional tools to generate verify result and ensured data integrity effectively. IBM designed the "ideal lattice" mathematical objects, using homomorphic cryptography mechanism to accomplish data operation in the state of encryption without disclose the private information, which is a good solution to the privacy problem of user data in cloud computing. In cloud computing environment, the physical security boundary of system will gradually disappear, replaced by the logical security boundary. Cloud computing systems widely use "Multi-Tenancy" architecture, and data of all users are shared in the "cloud". In order to ensure the effective isolation of data, Shared Schema Multi-Tenancy, Separated Database or Shared Database Separated Schema can be used to solve the problem of data isolation. Finally, strengthen the access control of user data and system business within mobile cloud computing [6], through unified authentication technology, resource certification, collaborative certification, and authentication between different security domains or multiple authentication methods [7], may prevent unauthorized access to user data and illegal modification or interruption of business processes.5.ConclusionMobile cloud computing is the inevitable product of the integration of mobile communications, internet and cloud computing technology. The evolution trends of intelligent terminals should not just be a micro-PC. Application of cloud computing combined with 3G bandwidth and reasonable rates, microphone of intelligent terminals will become the ear of user, the camera will become the eye, GPS chip will become the guide…. Take full advantage of these features, the mobile internet will bring user excellent experience far beyond the traditional internet. For the future development of mobile cloud computing, "cloud" will be the core of the service, terminal is the carrier and presentation platform, privacy security is the main restrict problem affecting the popularization of all kinds of business.AcknowledgmentThis work is supported by the National Natural Science Foundation of China (61363078) and Natural Science Foundation of Gansu Province (2013GS09563).References[1]Huatai business research institution, “2013-2017 China Mobile InternetIndustry Market Outlook and Investment Analysis Report and Strategic Planning”, 2013.[2]Ruyue Deng, Chuan Qin, Xianzhong Xie, “Application status andproblem analysis of mobile cloud computing”, Journal of Chongqing University of Posts and Telecommunications (Natural Science Edition), Vol.24, no. 6, pp. 716-723, Dec. 2012.[3]Bingyi Fang, Yunyong Zhang, Jun Wu, “Analysis on mobile internetapplication security issues based on the cloud computing mode”, Telecommunications Science, 29(3), PP.41-47, 2013.[4]Zissis Dimitrios, Lekkas Dimitrios, “Addressing cloud computingsecurity issues”, Future Generation Computer Systems, 28(3), pp.583-592, 2012.[5]Fang Ming, Yaxiong Peng, “Security and strategy of mobile internet”,Communications Technology, Vol.46, No.04,pp.19-21, 2013.[6]Tiande Tong, Xudong Liu, Taofeng Guo, et al, “Analysis and practice ofcloud computing information security”, Telecommunications Science, 29(2), pp.135-141, 2013.[7]Elisa Bertino, Federica Paci, Rodolfo Ferrini, “Privac y-preserving DigitalIdentity Management for Cloud computing”,/articles/Engineering/2009/BODE-09-vol-32-1-3.pdf.。

云计算环境下的数据安全与隐私保护1. 云计算的普及和发展，使得大量的数据被存储和处理在云端平台上，给人们的生活带来了极大的便利。

然而，随之而来的数据安全和隐私保护问题也成为了人们关注的焦点。

2. 在云计算环境下，数据的安全性是至关重要的。

数据的泄露不仅可能导致个人隐私的泄露，还可能对企业和社会造成严重的经济损失和社会影响。

3. 为了保证在云计算环境下数据的安全性，首先需要加强对数据的加密保护。

通过对数据进行加密处理，可以有效地防止数据在传输和存储过程中被非法获取。

4. 另外，在云计算环境下，数据在传输和存储过程中也可能受到中间人攻击的威胁。

因此，建立起安全的传输通道和访问控制机制也是非常关键的。

5. 除了加强对数据的加密保护和建立安全传输通道外，用户在选择云服务提供商时也需要考虑其安全性和隐私保护措施。

选择有信誉和专业的云服务提供商可以有效降低数据泄霁的风险。

6. 此外，在云计算环境下，合规性和监管也是保障数据安全和隐私保护的重要手段。

建立严格的数据管理规范和监管机制，确保数据的使用和存储符合法律法规，对于维护数据安全至关重要。

7. 在云计算环境下，用户的数据隐私也是需要得到充分保护的。

在数据处理和分析过程中，需要严格遵守数据保护法规，对用户的个人信息进行隐私脱敏处理，以保护用户的隐私权益。

8. 除了加强对数据的隐私保护外，用户在使用云服务的过程中也需要注意自身的数据安全意识和保护措施。

不轻易泄露个人隐私信息，定期更新密码和加强账户安全措施都是保护个人数据安全的重要手段。

9. 总的来说，在云计算环境下的数据安全和隐私保护是一个综合性的问题，需要各方共同努力才能够有效解决。

只有加强对数据的保护和管理，才能够在云计算时代实现数据的安全和隐私保护。

10. 随着云计算的快速发展和普及，数据的安全和隐私保护问题也变得越来越重要。

只有充分认识到数据安全和隐私保护的重要性，采取有效的措施和手段，才能够有效保障用户的数据安全和隐私权益。