Matching Items (3)
Description

Cloud security is a system engineering problem. A common approach to address the problem is to adapt the existing Trusted Network Connection (TNC) framework to the cloud environment, where it can be used to assess and verify end clients’ system state. However, TNC cannot be applied directly to network equipment attached to the cloud computing environment. To allow the network devices to access the trusted network devices safely and reliably, we first developed a Trusted Network Equipment Access Authentication Protocol (TNEAAP). We use the BAN logic system to prove that TNEAAP is secure and credible. We then configure the protocol in an attack detection mode to experimentally show that the protocol can withstand attacks in the real network. Experimental results show that all nine goals that decide the protocol’s security have been achieved.

Contributors: Lai, Yingxu (Author) / Chen, Yinong (Author) / Zou, Qichen (Author) / Liu, Zenghui (Author) / Yang, Zhen (Author) / Ira A. Fulton Schools of Engineering (Contributor)
Created: 2015-02-01
Description

Traffic analysis and traffic abnormality detection have emerged as an efficient way of detecting network attacks in recent years. The existing approaches can be improved by introducing a new model and a new analysis method of network users’ traffic behaviors. The number of dimensions used to describe network users’ traffic behaviors in the current approaches is high, resulting in high processing complexity, high delay in differentiating an individual user’s abnormal traffic behavior from massive network data, and a low detection rate. To improve the detection rate and efficiency, we develop a new method of establishing a user traffic behavior analysis system based on a new model of network traffic monitoring. First, we establish a more complete feature set based on the characteristics of network traffic to describe the behaviors of massive numbers of network users. Then, we define a feature selection rule based on the relative deviation distance to select the optimized feature set. We use the selected feature set to locate the abnormality moment and the users who produce the abnormal traffic behavior. Finally, a traffic behavior analysis method based on prediction is developed to improve the efficiency of the system. This new method is applied to evaluate the mobile users on a mobile cloud. The experimental results show that the proposed method has a higher detection rate and lower delay in the analysis of abnormal user traffic behavior than the existing approaches.

Contributors: Lai, Yingxu (Author) / Chen, Yinong (Author) / Liu, Zenghui (Author) / Yang, Zhen (Author) / Li, Xiulong (Author) / Ira A. Fulton Schools of Engineering (Contributor)
Created: 2015-01-01
Description

Software Defined Network (SDN) architecture has been widely used in various application domains. To address the authentication and security issues of SDN architecture in autonomous decentralized system (ADS) applications and to secure the mutual trust among the autonomous controllers, we combine trusted technology and SDN architecture, and we introduce an authentication protocol based on SDN architecture without any trusted third party between trusted domains in autonomous systems. By applying BAN predicate logic and the AVISPA security analysis tool for network interaction protocols, we can guarantee protocol security and provide complete safety tests. Our work fills the gap of mutual trust between different trusted domains and provides a security foundation for interaction between different trusted domains.

Contributors: Zhou, Ruikang (Author) / Lai, Yingxu (Author) / Liu, Zenghui (Author) / Chen, Yinong (Author) / Yao, Xiangzhen (Author) / Gong, Jiezhong (Author) / Ira A. Fulton Schools of Engineering (Contributor)
Created: 2015-12-30