Yuxiang Dong’s research while affiliated with China Mobile Group Design Institute Co. Ltd. and other places

A hybrid cloud becomes the preferred solution when enterprises deploy cloud service. Using new technology such as software-defined network (SDN) and network virtualization to form a network will be the trend of the future. This paper introduces the new safety protection opportunities brought by new network technologies, and analyzes the challenges and risks of hybrid cloud system using these technologies. Finally, it puts forward the corresponding solution.

Hybrid cloud is composed of enterprise private cloud and public cloud tenant network. It has effectively reduced construction cost, improved enterprise IT construction efficiency and expansibility of private cloud, and brought security risk such as fuzzy boundary at the same time. This thesis studies the common access control means used in current hybrid cloud and has proposed a unified strategy control mechanism to address hybrid cloud. By applying software-defined network and network function virtualization, the mechanism has succeeded in multi-granularity of flow in east-west direction and in north-south direction of virtual network, realized internally unified access strategy, and improved the efficiency and flexibility of access control.