Work place: School of EECS, Peking University, Beijing, China
E-mail: chen@infosec.pku.edu.cn
Website:
Research Interests: Software Creation and Management, Computer systems and computational processes, Embedded System, Information Security, Network Security, Enterprise Information System
Biography
Zhong Chen is currently a professor of School of EECS, Peking University, and director of the Network and Information Security Research Group of the Software Institute. He received his B.S. and Ph.D. degrees from Peking University, in 1983 and 1988 respectively. He has wide interests in network and information security, system software and embedded system, SW/HW co-design methodology and domain-specific software engineering.
He is IEEE and Computer Society Member, Senior Member of Chinese Institute of Electronics since 1996, Managing Director of Directorate of China Software Industry Association since 1998, Co-chair of professional committee of Information Security and Privacy of China Computer Federation since 2002, Expert of Technical Auditing Committee of securities online trading, China Securities Regulatory Commission, and Vicechairman of Editorial Committee of the Journal of Network Security Technologies and Application since 2001.
By Jianbin Hu Yonggang Wang Cong Tang Zhi Guan Fengxian Ren Zhong Chen
DOI: https://doi.org/10.5815/ijcnis.2011.03.01, Pub. Date: 8 Apr. 2011
In current cloud services, users put their data and resources into the cloud so as to enjoy the on-demand high quality applications and services. Different from the conventional services, users in cloud services lose control of their data which is instead manipulated by the large-scale cloud. Therefore, cloud service providers (CSP) guarantee that the cloud which they provide is of high confidence in accuracy and integrity. Traditional penetration test is carried out manually and has low efficiency. In this paper, we propose FPTC, a novel framework of penetration test in cloud environment. In FPTC, there are managers, executors and toolkits. FPTC managers guide FPTC executors to gather information from the cloud environment, generate appropriate testing scenarios, run matched tools in the toolkit and collect test results to do evaluation. The capacity and quality of the toolkit is a key issue in FPTC. We develop a prototype in which FPTC is implemented and the experimental results show that FPTC is helpful to automatically carry out penetration test in cloud environment.
[...] Read more.Subscribe to receive issue release notifications and newsletters from MECS Press journals