
1 Introduction

The cloud desktop is a solution used to replace the PC. Desktop terminals no longer rely on local computer hosts; computing power is provided from the cloud instead. The cloud desktop unifies desktops and shares resources through cloud computing software, so a display and a cloud terminal device are enough for login, office work, teaching and so on [18]. Viewed as a whole virtual desktop system, the client, the transmission network, the server, the storage and other components each carry security risks, and ignoring any detail can open information loopholes in the entire system. Cloud computing gives users and enterprises maximum convenience in using storage, software and computing resources at low cost, and its biggest challenge is security. Security issues such as security boundaries, application security, abuse of cloud computing, denial-of-service attacks, insecure interfaces and APIs, shared technology issues, data leakage, and account and service hijacking are particularly important.

The desktop cloud platform provides desktop services to end users through the virtual desktop architecture [7]. VDI is a combination of remote desktop connectivity and virtualization technology. Through server virtualization, multiple virtualized hosts run on one physical server. Each virtualized host has independent computing, network, software and other resources, and installs and runs its own client operating system, such as Windows 7, Windows XP or Linux. The virtual machines are independent and do not affect one another.

Users connect to the virtual machine remotely via the desktop transport protocol and get their desktop environment. A user's local terminal or PC only needs to run a remote desktop connection client program to obtain complete computer software, systems and other resources [32]. While the cloud desktop offers centralized management, resource sharing and high operating efficiency, its complex system management, the difficulty of using resources effectively, and its security issues also plague IT administrators. The author analyzes the construction, operation management and maintenance of the cloud desktop in the virtual simulation training center of Changchun University of Finance and Economics, summarizes the mainstream cloud desktop security management technology at home and abroad, and designs the corresponding cloud management model according to the unit's own situation [33].

2 The Key Technologies of Cloud Desktop Management

Cloud desktop management involves Web technology, cloud computing virtualization technology, data mining and other technologies. It therefore raises many problems to study; the most basic are platform monitoring technology, resource optimization technology and security technology. The following briefly introduces these three aspects, drawing on the practical training center of the Institute [3].

2.1 Monitoring the Desktop Virtual Terminal, Simplifying the Management Model

The desktop system is complex and consists of several components, such as servers, storage and network. There are multiple management terminals, none of which gives a clear view of the whole system. Fault location is difficult, and solving a problem requires analyzing multiple systems.

The virtualization technology of the cloud desktop uses the background cloud server to monitor and manage the CPU, memory, terminal, network and other performance aspects of the virtual terminal. Detailed monitoring data make it possible to manage the resource utilization problems that arise in terminal use and to ensure that the cloud desktop platform makes maximum and optimal use of system resources. When a virtual desktop in the platform shows a high CPU resource footprint, insufficient memory or insufficient virtual hard disk space, the platform can quickly raise an intuitive warning. The platform monitoring interface is shown in Fig. 1.

Fig. 1. The cloud desktop platform monitoring of the Institute training center

2.2 Monitoring the Virtual Desktop Environment to Improve Utilization of Resource

Desktop cloud resources are difficult to manage: resource allocation is hard to manage effectively. After the cloud desktop system has run for a long time, virtual resources cannot be used effectively. For example, if a cloud desktop is not shut down for a long time, its virtual resources cannot be recycled and there are not enough resources to allocate to many other virtual desktops, resulting in serious idling and waste of resources.

The usage of virtual hosts, storage and virtual machines is monitored through the background management terminal and analyzed statistically. Resources are reclaimed from virtual machines that have been allocated more than they need and added to virtual machines with insufficient allocation, which improves the overall environment and the user experience. The virtualization resource management interface is shown in Fig. 2.

Fig. 2. Virtualization resource management of the Institute training center

2.3 Auditing the User Behavior of the Virtual Desktop, Ensuring System Security

Desktop cloud security is difficult to audit. Virtual desktop login behavior lacks control, so illegal login behavior is difficult to audit.

Virtual desktop operating behavior also lacks control, so illegal operation behavior is difficult to audit.

When an operator works on key equipment (a server or a secret machine), the operation is recorded as a screen recording, and the screen element information is recorded at the same time. Auditors review these audit records on the server. The log audit management records for system operation are shown in Fig. 3.

Fig. 3. The user behavior audit log management of the Institute training center

3 The Build and Design Scheme of Cloud Desktop Platform

3.1 The Overall Architecture and Planning of the Platform

Based on the Center's teaching and office planning, we plan to build a 900-point cloud desktop system platform in the center. The platform adopts Huawei's cloud servers and cloud thin terminals. The user reaches the access address or portal of the cloud desktop through the terminal and the desktop display protocol; a load balancing device is generally placed in front of the access address or portal [20]. The user management server verifies the user's identity through the user management system, usually Microsoft's AD (Active Directory), and after authentication the request is directed to a random or custom cloud desktop. The user then logs in to the cloud desktop and accesses the business system as if logged on to a local desktop [34]. The infrastructure corresponding to this plan is shown in Fig. 4.

Fig. 4. Schematic diagram of the cloud desktop infrastructure

3.2 The IP Address Design of Overall Network Planning and Information

Based on the above architecture and the number of information points, we plan the network topology of the center and allocate resources and a fixed IP address to each thin terminal so that it docks seamlessly with the background cloud servers. The network topology plan is as follows:

  1. All terminals can access the Internet. An interface on the core switch of the campus network connects to the egress firewall of the training center, and all addresses of the training center are interconnected with the campus network and the Internet by the default route.

  2. The uplink of the training center's internal core switch is connected to the firewall, and its downlinks are connected directly to the access switch of each terminal through multimode fiber links. At the same time, it is connected to the CE5855 switch through a 10GE port, and the CE5855 switch is connected to the service interface of each server.

  3. Two CE5855 switches are stacked and interconnected with the core switch, with link aggregation configured.

  4. Network management software manages all the network equipment. The network topology scheme is shown in Fig. 5.

Fig. 5. The cloud desktop platform network topology diagram of Changchun University of Finance and Economics

3.2.1 The Design of Platform System IP Address

IP addresses are designed according to the network topology plan, and information points and IP addresses are allocated to the thin terminal clients. The VLAN numbers are valid only within the training building; traffic is forwarded by three-way routing after arriving on the campus network. The specific allocation plan is given in Table 1.

Table 1. Training center IP address allocation table Changchun University of Finance and Economics

3.2.2 Set up a Cloud Desktop

With the IP, network and user configuration completed according to the above scheme, the cloud desktop login interface of the college training center was built. It is compared with the traditional PC desktop in Fig. 6.

Fig. 6. Cloud desktop and traditional PC login interface in college training center

4 Cloud Desktop Management Plan, Algorithm and Resource Scheduling Strategy

4.1 The Advantages of Cloud Desktop Compared with Traditional PC

In resource utilization, network requirements, hardware configuration, energy saving, and efficient and convenient management and operation, the cloud desktop has a greater advantage than the traditional PC. Take the construction of training rooms and of traditional laboratories in the training center of Changchun University of Finance and Economics as an example: a current standard laboratory room accommodating about 96 sets of computer equipment costs about 850,000 yuan, while a cloud terminal training room accommodating more than 120 terminals costs 400,000 yuan, which saves cost and greatly enhances the efficiency of use. In the traditional arrangement each room needs an administrator, while with the training rooms the entire building needs only two administrators to meet the management requirements. Table 2 gives a detailed comparison.

Table 2. The comparison of advantage by cloud desktop and traditional desktop

4.2 Virtual Resource of Cloud Desktop Management

The key technologies of virtual resource management in a cloud data center are resource virtualization, virtual machine deployment from the provided resources, resource scheduling, and virtualized migration. The resource management structure is shown in Fig. 7.

Fig. 7. The virtual resource management structure of cloud desktop

4.3 Resource Allocation Strategy and Scheduling Algorithm of Cloud Desktop Management

4.3.1 The Allocation Strategy of Cloud Resource

Cloud computing technology enables the allocation of resources on demand and increases the system utilization and overall performance. Resource allocation strategies need to meet the various parameters, such as throughput, delay, response time and so on. Due to the limited resources, heterogeneity of resources, geographical constraints, the dynamics of the environment and resource requirements, we need an effective resource allocation system to provide users with the best resources. To this end, we propose a model of cloud resource allocation [22].

Suppose there are n user requests for the free resources. The t-th user (1 ≤ t ≤ n) requests the cloud system to provide K(t) VMs. Let R(t) be the maximum network distance between the virtual machines of the t-th user, that is, the network diameter \( R(t) = \max\left\{ \left| e_{ij}(t) \right| : 1 \le i, j \le K(t) \right\} \). The allocation is optimized to minimize the sum of the virtual machine network diameters of all users. The objective is as follows:

$$ \text{Minimize} \sum\limits_{t = 1}^{n} R(t) $$

4.3.2 Cloud Resource Allocation Algorithm

Here we study a cloud resource allocation method based on the "ant colony algorithm" [19]. The ant colony algorithm is a bionic algorithm modeled on the way natural ants find paths. It illustrates the optimal allocation of resources by describing how ants find the optimal route. The optimal resource allocation model is constructed from the optimal solution found by the ant colony algorithm, and the algorithm is applied to the problem of cloud service resource allocation. The cloud server thus allocates terminal resources effectively and avoids wasting resources.
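The allocation model of Sect. 4.3.1 and the ant colony approach of Sect. 4.3.2 can be combined as in the following added example, which is not the paper's implementation. It assumes each host offers a fixed number of free VM slots and that host-to-host network distances are known; the pheromone rule, the parameters and the sample data are constructed for illustration.

```python
import random
from itertools import combinations

def diameter(hosts_used, dist):
    """R(t): largest network distance between any two VMs of one user."""
    return max((dist[a][b] for a, b in combinations(hosts_used, 2)), default=0)

def objective(placement, dist):
    """Sum of R(t) over all users, the quantity the model minimizes."""
    return sum(diameter(hosts, dist) for hosts in placement)

def build(requests, capacity, dist, tau, beta, rng):
    """One ant places every VM, user by user, on hosts that still have slots."""
    free, placement = list(capacity), []
    for t, k in enumerate(requests):
        chosen = []
        for _ in range(k):
            cand = [h for h in range(len(free)) if free[h] > 0]
            # Pheromone times heuristic: favour hosts that keep R(t) small.
            w = [tau[t][h] * (1.0 / (1 + diameter(chosen + [h], dist))) ** beta
                 for h in cand]
            h = rng.choices(cand, weights=w)[0]
            free[h] -= 1
            chosen.append(h)
        placement.append(chosen)
    return placement

def aco_allocate(requests, capacity, dist, ants=20, iters=60,
                 beta=2.0, rho=0.3, seed=7):
    """Return (placement, cost); placement[t] lists the hosts of user t's VMs."""
    if sum(requests) > sum(capacity):
        raise ValueError("not enough free VM slots for all requests")
    rng = random.Random(seed)
    tau = [[1.0] * len(capacity) for _ in requests]   # pheromone per (user, host)
    best, best_cost = None, float("inf")
    for _ in range(iters):
        for _ in range(ants):
            p = build(requests, capacity, dist, tau, beta, rng)
            c = objective(p, dist)
            if c < best_cost:
                best, best_cost = p, c
        for t, hosts in enumerate(best):
            # Evaporate (with a floor so no host becomes unreachable) ...
            tau[t] = [max(x * (1 - rho), 1e-3) for x in tau[t]]
            for h in hosts:
                tau[t][h] += 1.0 / (1 + best_cost)    # ... then reinforce the best
    return best, best_cost

# Constructed sample: 4 hosts in two racks (distance 1 in a rack, 4 across racks)
DIST = [[0, 1, 4, 4], [1, 0, 4, 4], [4, 4, 0, 1], [4, 4, 1, 0]]
CAPACITY = [2, 2, 2, 2]   # free VM slots per host
REQUESTS = [3, 2, 3]      # K(t) for three users
```

On the sample data every slot is needed, so one user must span both racks; the minimum of the objective is 5.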

5 Construction and Application of Cloud Security Management Model

5.1 Building a Management Model of Cloud Security

The cloud computing model rests on three basic core architectures: IaaS virtualization technology, PaaS distributed technology, and SaaS online software technology. These three core architectures together constitute the basic cloud computing security reference model, and each level plays an important role. The relationship between them is shown in Fig. 8 [1].

Fig. 8. The security reference model of cloud computing

IaaS covers hardware platforms such as servers, networks, storage, and infrastructure. PaaS sits above IaaS and provides distributed software development, testing, and deployment environments to users as services over the Internet [9]. PaaS can be built on virtualized resource pools in IaaS and can also be built on physical infrastructure in data centers. SaaS is an Internet-based software service model that delivers server software to users through the browser for online use [4]. Security matters at every level of the cloud architecture, and its core need remains the protection of the confidentiality, integrity, availability, and privacy of applications and data [2]. The content of cloud computing security at the three layers of data, application and virtualization (see Table 3), and the corresponding coping strategies and technologies, are worthy of in-depth study [10].

Table 3. The content matrix of cloud security

5.2 The Cloud Applications of Teaching and Management in the Training Center

In the operation of the training center of Changchun University of Finance and Economics, teachers and students can arrange courses and make appointments through the cloud terminal management platform, for example booking the use of a training room or its opening time. Teachers can also take student attendance in the platform, which greatly facilitates teaching and meets the management needs of the training rooms. For security management, security configuration and risk prevention are performed uniformly through the cloud server, avoiding the low efficiency of traditional scanning and removal on each individual machine. Customizing templates on the cloud server is more efficient than the traditional cloning of machines in a computer room: for example, the paperless examination system template is issued to the cloud desktops for an examination, and the normal teaching system template is issued afterwards to return them to the class state. The use of teaching software greatly improves students' practical and hands-on ability. The cloud server saves a lot of software installation time, dozens or more teaching software packages are installed on the server side, and online teaching in B/S mode is more intuitive to access through the cloud desktop. In summary, the cloud desktop is widely used in both teaching and management and makes up for some disadvantages of the traditional PC desktop. See Fig. 9 for details.

Fig. 9. The applications of cloud laboratory management platform and simulation teaching software

6 Summary and Outlook

Through the construction of an actual training room and research on problems that may arise when using a virtual simulation training center in colleges and universities, this paper presents practice in several aspects: cloud desktop platform construction, the key technologies of cloud desktop management, cloud desktop management strategy, algorithm and scheduling, and the construction of a cloud security model. Test applications were carried out through the cloud in the teaching and management of the training center. The research and test results show that cloud desktop technology can effectively overcome the disadvantages of the traditional PC mode in teaching and management, and provides great convenience for teaching and curriculum design in resource management, risk monitoring, behavior management and so on. Introducing cloud desktop technology for B/S software teaching in a variety of training rooms keeps the university ahead of colleges at the same level, and at the same time plays an important role in saving cost and improving the quality of teaching.

In the future, research should focus on remote control management of cloud servers, cloud network security, and dynamic allocation and recycling of cloud resources, and on applying cloud security protection to campus network security management so that it becomes more intelligent and platform-based.