Abstract:
Most of the cloud workflow systems work in the static and homogeneous environment, which will not only lead to fault propagation, reducing the fault tolerant capability of the system, but also make it easier for attackers to acquire the system environment information, helping them to launch accurate attacks. To solve the problem, the task scheduling method for cloud workflow security is proposed. On the basis of the multi-level task division mode in the workflow system, this method employs the task scheduling to avoid the consistent attacks on specific tasks. In order to effectively prevent the attackers from detecting the task execution environment, the diverse operating system images are used to build the heterogeneous task executors, and then the task execution environment is switched dynamically based on these heterogeneous executors, ensuring the randomness of the system environment of cloud workflow. Furthermore, in order to improve the security gain of the heterogeneous systems, the heterogeneity degrees of the executors are quantified, and the quantization results are mapped to the scheduling selection probability, ensuring a significant difference in task execution environments before and after the scheduling. In the experiment, three kinds of attack methods are simulated to test the security of the improved cloud workflow system, and experimental results demonstrate that this method can effectively improve the security of the cloud workflow systems.