为了保障云端计算环境中任务的计算私密性,防止恶意节点或竞争对手窥探任务的内部逻辑及实现目标,提出一种新颖的基于移动Agent的云端计算安全任务分割与分配算法.算法同时考虑集群服务器节点和用户终端节点的计算能力与各自特点,将任务合理地切分为若干子任务,采用移动Agent来携带子任务的代码和数据部署到适当的任务执行节点上执行.结合实验原型系统对该算法进行性能分析,结果表明其可有效地保障执行子任务的终端节点,即使窥探到分配给它的代码和数据,甚至协同攻击系统,也无法了解该任务的整体执行逻辑和总体目标等.国家“九七三”计划项目(2011CB302903)|国家自然科学基金资助项目(60873231)|国家教育部高等学校博士学科点专项科研基金资助课题(20093223120001)|江苏省科技支撑计划基金资助项目(BE2009158)|江苏省普通高校自然科学研究基金资助项目(09KJB520010)|国家教育部科技发展中心基金资助项目(2009117)|信息安全国家重点实验室开放课题(03-01-1)In order to protect the privacy of the task in the cloud & client computing environment and prevent the malicious nodes or the competitors from prying into the internal logic and objectives of the task, a mobile Agent-based secure task partitioning and allocation algorithm for cloud & client computing is proposed. The new algorithm takes into account the cloud computing cluster server nodes and user terminals nodes together, divides task into a number of appropriate sub-tasks, and utilizes mobile Agent to carry the code and data of sub-tasks to the suitable nodes in accordance with the corresponding task allocation for implementation. The result of developed prototype system shows that, under the protection of the algorithm, the malicious terminal node looking into the code and data of the sub-task assigned to it or even co-attacking the system still can not understand the overall workflow and final objective of the task
