Download - TTLV Duong Phuong Dong
-
HC VIN CNG NGH BU CHNH VIN THNG
---------------------------------------
Dng Phng ng
GII PHP AN NINH TRONG MI TRNG
IN TON M MY
Chuyn ngnh: K thut in t
M s: 60.52.70
TM TT LUN VN THC S
H NI - 2013
-
Lun vn c hon thnh ti:
HC VIN CNG NGH BU CHNH VIN THNG
Ngi hng dn khoa hc: TS V Trng Thnh
Phn bin 1:
Phn bin 2: ..
Lun vn s c bo v trc Hi ng chm lun vn thc s ti Hc vin Cng
ngh Bu chnh Vin thng
Vo lc: ....... gi ....... ngy ....... thng ....... .. nm ...............
C th tm hiu lun vn ti:
- Th vin ca Hc vin Cng ngh Bu chnh Vin thng
-
1
M U
in ton m my (Cloud Computing) ang l xu th ch o ca h tng IT trong
doanh nghip hin nay vi rt nhiu u im. Trong cc quy trnh nh gi h thng hin ti
xy dng mt m my ring hoc chung, bo mt c coi l mt trong nhng vn
quan trng c a ra xem xt u tin. Hiu c cc nguy c tn cng cng nh cc c
ch bo mt phng chng cc nguy c i vi cc h thng in ton m my s gip
ngi qun tr a ra c chin lc ph hp cho in ton m my ca doanh nghip
mnh.
Trong s cc sn phm cho mi trng in ton m my ni ln cc gii php ca
VMware ph hp vi nhiu m hnh khc nhau. Mt trong s l mi trng in ton m
my hng ti ngi s dng u cui (End User) VMware View. y l gii php rt ph
hp trong cc doanh nghip trong thi k kinh t kh khn nh em li nhiu li ch v chi
ph. Ngi dng c th truy cp vo ti nguyn lm vic ti bt c ni u khng nht thit
phi n vn phng m vn m bo hiu qu cng vic. H c th s dng PC ti nh, laptop,
in thoi thng minh, my tnh bng hay thm ch l cc thit b c tn gi l thin client c
th s dng cho mi trng in ton m my vi chi ph bo hnh thp. Mc d c nhiu
li ch nh vy nhng m hnh ny vn cha thc s c trin khai rng ri nht l Vit
Nam, mi ch dng li nhiu phng lab v demo PoC gii php. Mt trong s nhiu vn
m ngi dng cn e ngi l vn bo mt trong mi trng . c nhiu m hnh,
xut bo mt c a ra ti u nhng chng cng cha thc s hiu qu hon ton. Da
trn c s cc xut a ra nh gi a ra mt m hnh ti u hn cho mi trng in
ton m my, c th l m hnh MeMoc. Do khun kh ca lun vn, phm vi ca ti s
tp trung vo p dng chnh trn mi trng o ha ca VMware. y l mi trng c p
dng rt ph bin trong cc mi trng doanh nghip hin nay v c th ly lm chun chung
cho cc gii php.
B cc ca lun vn nh sau:
Chng I: Nghin cu v in ton m my v vic ng dng ti Vit Nam
Chng II: Nghin cu v bo mt trong mi trng in ton m my.
Chng III: Gii php bo mt an ton an ninh trong mi trng in ton m
my.
-
2
CHNG I: NGHIN CU V IN TON M MY V VIC
NG DNG TI VIT NAM
1.1 Mt s khi nim trong in ton m my
in ton m my l mt m hnh cho php truy cp ti nguyn d dng bt c ni
u ty theo yu cu ti cc ti nguyn my tnh gom li thnh mt khi (pool) chia s chung.
Khi ti nguyn ny c c im l c th nhanh chng cung cp v cng nh gii phng
trong khi gim thiu ti a cng sc qun l hoc can thip t nh cung cp dch v. Cc khi
nim c bn di c trch ra t [1].
Cc m hnh trin khai bao gm:
Public Cloud: m my cng cng.
Private Cloud: m my ring.
Community Cloud: m my cng ng.
Hybrid Cloud: m my lai ghp.
Cc dch v m hnh bao gm:
Software as a Service (SaaS): cung cp phn mm nh mt dch v.
Platform as a Service (PaaS): cung cp nn tng pht trin nh mt dch v.
Infrastructure as a Service (IaaS): cung cp h tng nh mt dch v.
Cc c tnh ca in ton m my bao gm:
Tnh mm do (Rapid Elasticity): c nh ngha l kh nng m rng ti
nguyn theo chiu ln v xung theo yu cu. i vi ngi dng, cloud nh
mt thc th v tn v h c th mua v s dng ti nguyn my tnh nhiu hay
t ty .
Kh nng o m (Measured Service): tt c cc kha cnh ca dch v cloud
c iu khin v gim st bi nh cung cp cloud. y l mt c im cn
thit tnh ton ha n iu khin truy cp, ti u ti nguyn, k hoch lu
tr v cc tc v khc.
Kh nng t phc v theo yu cu (On-Demand Self-Service): ngi dng c
th s dng cc dch v cloud theo yu cu m khng cn thm tc ng no
ca con ngi vi nh cung cp cloud.
-
3
Kh nng truy cp t bt c ni u (Ubiquitous Network Access): cc c tnh
ca nh cung cp cloud sn sng trn mng v c th c truy cp thng qua
cc gii thut chun t cc thit b u cui ngi dng (thick and thin client).
Kh nng gom ti nguyn (Resource Pooling): cho php nh cung cp dch v
phc v ngi dng thng qua nhiu m hnh. Cc ti nguyn vt l v o c
phn b v ti phn b theo yu cu ngi dng. Ngi dng khng c quyn
can thip hay c bit v v tr chnh xc ca cc ti nguyn c cung cp
nhng c th ch nh v tr ti cc mc cao hn (v d t nc, bang, trung
tm d liu)
1.2. Tnh hnh ng dng ca in ton m my
1.2.1 Tnh hnh chung trn ton th gii
T chc IDC l mt t chc kh uy tn trn th thi chuyn v kho st th trng,
phn tch v t vn c bit l trong cng ngh thng tin, vin thng v cng ngh tiu dng.
H c mt s kho st cho thy sc mnh ca in ton m my thc thi trong ngnh cng
nghip IT v gp phn truyn cm hng cho cc nh CSP. Cc kho st bao gm tng trng
ca m my, kha cnh bo mt, m my l u tin s mt vi nh cung cp, bo co li
nhun, mc s dng hin ti v tng lai, v th ca m my vi ngi dng IT v tnh
ph bin ca in ton m my [2]. Kh nng tng trng ca m my. Bng sau cho thy
kh nng tng trng ca m my t nm 2008-2012.
Year 2008 2012 Growth
Cloud IT Spending $ 16 B $42 B 27%
Total IT spending $383 B $ 494 B 7%
Total-cloud spend $367 B $ 452 B 4%
Cloud Total spend 4% 9%
T chc cng c nhng kho st v cc mt khc nhau ca in ton m my bao
gm: bo mt, mc ph bin,..
1.2.2 Tnh hnh ng dng ti Vit Nam
S dng cc dch v trn nn tng in ton m my ang l xu th trn th gii v
Vit Nam cng khng nm ngoi xu th y.
-
4
Hnh 1.8 Mt s nh cung cp dch v in ton m my [3]
C th thy r rt nht l cc dch v in ton m my cng cng m rt nhiu ngi
ang s dng nh Google Apps (in hnh l Google doc, th in t gmail), cc dch v
Window Azure, cc dch v Google App engine cho cc dch v mc PaaS. Dch v cho thu
my ch ca Amazon (Amazon web services) cng l mt dng in ton m my m nhiu
ngi kh quen thuc. Cc dch v in ton m my k trn rt ni ting v quen thuc
vi ngi dng c nhn v doanh nghip nh do chi ph s dng khng cao li em li hiu
qu cng vic ng k. Tuy nhin vi cc doanh nghip ln hn th xu th s dng li l t
xy dng cc h tng in ton m my ni b, sau qu trnh pht trin lu di s dn tin ra
thnh in ton m my cng cng (Public cloud) hoc m my lai (Hybrid Cloud). y l
cch thc gim thiu ph thuc vo cc nh cung cp dch v in ton m my ln v
hin ti ang rt ph hp vi mi trng IT ang trong qu trnh pht trin mnh m Vit
Nam.
Trin khai m my ni b s lm gia tng ng k hiu nng lm vic ca doanh
nghip do vng i ca dch v m my l rt d dng qun l, ngoi ra n cn gim bt
gnh nng qun tr, nhn s. Cc hng ln trong lng cng ngh nh VMware, IBM, HP,
Oracle, u cung cp cc ty chn sn phm in ton m my ni b n cc doanh
nghip. Tt c nhng sn phm ca cc hng ny cng c cc doanh nghip ti Vit Nam
s dng vi s lng mc tng i. Trin khai cc dch v ny cng ch nhm mc ch
c th no ch vn cha c cc doanh nghip ch trng a vo p dng cho ton b
h tng IT ca mnh. Ngn sch cng l mt vn nh hng n quyt nh trin khai dch
v nhng vn c bn v to ln hn l in ton m my vn c nhng c tnh khin
-
5
ngi dng cha an tm, hoc do cng ngh cha hon thin, hoc do ngi dng cha lm
ch c cng ngh nn cn rt r trong vic la chn.
1.3. Cc vn trong in ton m my
Trong vi nm qua, in ton m my pht trin t l mt khi nim kinh doanh
ha hn mt trong nhng phn on pht trin nhanh nht ca ngnh cng nghip CNTT.
Hin ti, cc cng ty chu nh hng suy thoi kinh t ang ngy cng nhn ra rng ch n
gin khai thc vo cc m my, h c th truy cp nhanh chng vo cc ng dng kinh doanh
quan trng cng nh pht trin ti nguyn h tng vi gi c phi chng. Nhng khi c ngy
cng nhiu thng tin c nhn v doanh nghip c t trn m my, ngy cng c nhiu
mi lo n vic mi trng an ton n mc no [1].
1.3.1 Bo mt
D liu u s c bo mt hn, trn a cng ni b hay trn cc my ch vi
kh nng bo mt cao trn m my? Mt s cho rng d liu ngi dng s bo mt hn nu
c qun l ni b, trong khi lung kin cho rng nh cung cp dch v m my s c
trch nhim khi phi duy tr mc tin cy v thc thi cc mc bo mt cao hn. Tuy
nhin, trong m my, d liu s c phn phi trn cc my tnh tnh n l m khng quan
tm n vic kho cha d liu thc s c lu tr u. Cc tin tc c th tn cng gn nh
tt c cc my ch, v c cc thng k cho thy 1/3 cc hu qu b mt mt d liu t vic
b trm hoc mt laptop v cc thit b khc v t vic v d liu b pht tn trn mng,
trong c n 16% l do cc tin tc t bn trong.
1.3.2 Kh nng ring t (Privacy)
Khc vi m hnh in ton m my truyn thng, in ton m my tn dng cc
cng ngh my tnh o ha, d liu ngi dng c th tri u trn cc trung tm d liu o
hn l trn cng mt v tr vt l, thm ch vt qua cc bin gii quc gia, v , vic bo
v kh nng ring t ca d liu s phi i mt vi xung t t cc h thng php l khc
nhau. Mt khc, ngi dng c th b r r thng tin b n khi h truy cp dch v in ton
m my. Tin tc c th phn tch cc tc v quan trng ca ngi s dng.
-
6
1.3.3 tin cy (Reliability)
Cc my ch trn m my c cng cc vn ging nh cc my ch ni b thng
thng. Cc my ch m my cng phi c cc thi gian tm ngng v tm dng, v iu
khc bit ch l ngi dng c s ph thuc ln hn vo nh cung cp dch v in ton m
my (Cloud Service Provide - CSP). C mt khc bit ln trong m hnh dch v ca CSP,
l khi chn mt CSP c th, ngi dng s b b hp quyn li, dn n cc ri ro bo
mt pht sinh.
1.3.4 Cc vn php l (Legal Issues)
B ngoi tai cc n lc em p dng cc vn php l, nm 2009 nh cung cp nh
Amazon Web Services cung cp mt th trng ch cht bng cch pht trin mt mng hn
ch v ngi dng la chn cc vng kh dng (availability zones). Mt khc, cc mi lo
gn lin vi cc thc o an ton v tnh cn mt theo tt c cc cch thc thng qua cc cp
lp php.
1.3.5 Chun m
Cc chun m rt quan trng ti vic pht trin ca in ton m my. Hu ht cc
nh cung cp m my u a ra cc giao din lp trnh ng dng (API) di dng cc ti
liu mang tnh c trng vi phng thc trin khai ca h v khng mang tnh m. Mt s
nh cung cp pht trin kh nng tng thch vi cc API khc v c mt s lng cc
chun m ang c pht trin, bao gm OGFs Open Cloud Computing Interface. Tp on
Open Cloud Consortium (OCC) ang lm vic thc y s thng nht trn cc chun v
thc t trin khai m my.
1.3.6 Tnh thc thi
Mt s cc quy nh lin quan n lu tr v vic s dng cc d liu i hi cc bo
co nh k v gim st vt, nh cung cp m my phi cho php ngi dng thc thi mt
cch tng thch vi cc quy nh ny. Qun l tnh thc thi v bo mt cho in ton m
my, CSP tp trung vo cch nhn tng th top-down trn tt c ti nguyn IT trong mt khu
vc m my c th mang n kh nng qun l mnh hn v tht cht cc chnh sch thc
thi. Cng vi cc yu cu vi i tng khch hng, cc trung tm d liu duy tr bi CSP
cng c th l i tng vi cc yu cu thc thi.
-
7
1.3.7 Tnh t do (Freedom)
in ton m my khng cho php ngi dng kim sot trc tip h tng lu tr d
liu m cng vic c chuyn cho CSP. Ngi dng s tranh lun rng quyn c bn l
h phi c kh nng lu tr bn sao d liu di dng ty theo kh nng la chn ca h sao
cho n bo v c cc yu t tn cng ngoi tm kim sot ca h trong khi nhn nhn cc
li ch m in ton m my mang n.
1.3.8 Kh nng tn ti di hn
Ngi dng c th chc chn rng d liu t trn m my s khng bao gi b v
hiu ha ngy c khi CSP b ph sn hoc thu tm bi cc cng ty ln hn. Gartner ni rng
Hy hi cc nh cung cp tim nng v vic lm sao ly li d liu v cu tr li s l bn
c th nhp d liu vo mt ng dng thay th khc.
1.4. Kt lun chng
Chng ny tm hiu mt s khi nim c bn v in ton m my bao gm m
hnh trin khai v cc loi hnh cung cp dch v. Cc li ch c c t m hnh in ton
m my l khng th ph nhn c v iu ny c th hin trong cc kho st v th
trng trn th gii cng nh Vit Nam. Tuy nhin c th hon thin c cc c tnh
ca in ton m my th cn mt bi ton lu di. Vn c rt nhiu mi lo ca ngi dng
v cc vn ca mi trng in ton m my, v in hnh trong l vn bo mt.
Chng 2 s i su vo phn tch hn vn bo mt trong in ton m my.
CHNG 2: NGHIN CU V BO MT TRONG MI TRNG
IN TON M MY
2.1. Bo mt trong in ton m my
in ton m my em li cho doanh nghip phng thc qun l ti nguyn my
tnh mt cch hiu qu, linh ng v hp l chi ph. Tuy nhin, cc tin tc cng nh cc nh
nghin cu bo mt ch ra rng m hnh ny c th b li dng bi tin tc v khng hon
ton 100% an ton. Trong in ton m my, vn bo mt c chia s gia nh cung
cp dch v v ngi dng in ton m my. Hai bn cn phi c s tin tng v tha thun
vi nhau t nng cao tnh bo mt. Rt nhiu mi e da bo mt ny sinh t bn trong
-
8
hoc bn ngoi mi trng nh cung cp/ngi dng v c phn loi thnh cc dng e
da t bn trong, tn cng nguy hi t bn ngoi, mt mt d liu, cc vn lin quan n
a chc nng, mt quyn kim sot v gin on dch v.
Wikipedia nh ngha bo mt trong in ton m my nh sau Bo mt in ton
m my (gi tt l bo mt m my) l mt lnh vc ang pht trin thuc bo mt my
tnh, bo mt mng v rng hn c l bo mt thng tin. N cp n mt tp rng cc chnh
sch, cng ngh v cc quyn iu khin c trin khai bo v d liu, ng dng v h
tng tch hp ca in ton m my. Bo mt in ton m my y khng ch cp
n cc sn phm phn mm bo mt cho m my nh cc phn mm antivirus, antispam,
anti-DDOS, m cn bao hm rng hn th. Cc vn bo mt c tng hp kh chi tit
trong [4].
2.1.1 Cc vn bo mt
Cc mi e da t bn trong
Cc tn cng nguy hi t bn ngoi
Mt mt d liu
Gin on dch v
Cc vn a nhim
Mt quyn kim sot
H tng o ha ca m my rt phc tp v mang tnh ng do vic a x l, lu tr
o, v nhiu ngi qun l, nhiu ng dng chy ti cng thi im. Ngoi ra c mt s lng
ln ngun lu lng vo v ra khi mi my ch vt l hay my o. Do , h tng o ha
ca m my xa nha bin gii vt l truyn thng s dng trong vic nh ngha, qun l
v bo v ti sn ca doanh nghip trong trung tm d liu truyn thng. Tuy vy n dn n
vic h tng o ha s tr nn phc tp v bn thn n s c bo v khi cc mi e da
bt k t bn trong hay bn ngoi.
Cc gii php bo mt tng thch trong mi trng m my s dng bo v h
tng o ha m my l mt thch thc ln i hi vic nghin cu su v nhiu hng tn
cng v cc c tnh ring bit, em li bo v chnh xc v kp thi. Cc c tnh chnh
bao gm:
-
9
Tnh sn sng v hiu nng
Nguy hi t bn trong
Tn cng t bn ngoi
Gin on dch v
a nhim
Mt quyn iu khin
2.1.2 Cc hng nghin cu bo mt cho in ton m my
C kh nhiu thch thc trong m my c m t v c th thy mt m my c
bo mt l bt kh thi tr khi mi trng o ha gm h tng, my o, cc giao din, cc
ngun pht lu lng mng c bo mt. Nhu cu mi trng o ha i hi nhiu hn so
vi cc gii php bo mt truyn thng, vn khng ph hp vi mi trng o ha do c
tnh phc tp v ng ca in ton m my. tin ln mt bc cao hn, cc nh cung
cp v khch hng phi hp tc cung nhau nh ngha cc yu cu v cc ch nh. Rt hin
nhin rng cc gii php bo mt mi tnh n o ha nn c thc thi m bo bo mt
u tin trn h thng tng th. Cc gii php bo mt m my phi c c ch thng minh
t phng th v c kh nng cung cp gim st, pht hin thi gian thc v ngn chn cc e
da bit cng nh cha bit.
Nhiu doanh nghip khng hiu r vic h ang t cc thng tin hay dch v quan
trng ca h theo cch bt li nhm mun tn dng li ch ca in ton m my m khng
quan tm n vic chi ph u t theo cch no l ph hp nht. Nu khng c ci nhn nghim
tc v trin khai bo mt th s tr nn v ngha khi a cc thng tin ln m my. thit
lp cc vng tin cy trn m my, cc my o phi c t bo v, chuyn i mt cch hiu
qu vng bo v ti my o. Vnh ai bo mt ca doanh nghip s bao gm tng la, cc
phn on mng, cc h thng pht hin v phng trnh thm nhp, cc thut ton gim st
v cnh bo cng cc chnh sch bo mt kt hp khc.
Nghin cu tp trung vo vic pht trin chin lc bo mt cho m my mt cch
ton din v c kh nng bo v h tng m my v cc lp khc nhau (gm kt ni mang,
d liu lu, d liu chuyn pht, cc ng dng v my o) chng li cc e da pht sinh t
bn trong cng nh bn ngoi mng nh cung cp. Chin lc d nh tn dng cc cng
-
10
ngh bo mt sn c (adhoc) v s dng vo trong mi trng m my ng v hay bin
i.
Chin lc bo mt c thc thi p ng in ton m my l mt tin trnh nhiu
bc v lin quan n:
m bo cc ng dng c xy dng trn cc thut ton bo mt trnh bt c
trn b m, thm nhp SQL v tn cng no.
S dng tip cn bo mt a lp gim st cc e da v m bo khi mt lp
ngoi/trong b tn cng, vn c lp khc d phng.
Vi cc tn cng bn trong, cn m bo nhn vin c o to, tun th cc
quy nh v c cng c ngn cc e da pht sinh (nh Antivirus, IPS, HIPS, tng la
ni b, tch mng, gim st)
Vi cc tn cng tc thi hay gin on dch v, phi c cc gii php bo mt
nh cc mng t bo v, cc yu t bo mt lin quan n m my (NAC, dot1x, ..) ti ch.
Hn th na, cc k thut bo mt trung tm d liu thng thng nh cc vnh ai tng
la, IPS, ACL cng cn phi c tn dng.
m bo rng cc h thng c cch ly tt, thm ch c trn cng phn cng
vn nn c tng la v cc lut h tr cc tin trnh bo mt ca ngi dng n. C th gia
c thm s dng cc gii php ng nhp n nh gi cc tin trnh.
Cc khch hng s dng m my (t chc, doanh nghip) nn c cch hiu tt
v cc tin trnh bo mt v cc mc tha thun dch v ca nh cung cp. iu ny gip
gim thiu bt c s khng ng nht no gia nh cung cp v khch hng.
thng k cc ri ro bn ngoi cn c m hnh bo mt phn lp t vnh ai
n mc cc my o trong.
Khch hng nn c mt k hoch d phng thng k bt c gin on dch
v no t nht l vi cc ng dng hoc dch v tri t cc h thng cnh bo n gin cho
ti cc ni lu tr cc ng dng ti ch.
2.2 Mt s hng nghin cu in hnh cho bo mt trong in ton m my
2.2.1 Phn tch theo quan im v vng i d liu
C nhiu vn bo mt lin quan n in ton m my v chng c th c nhm
li theo cc phng din khc nhau. Theo phn tch ca Gartner, trc khi a ra la chn
-
11
nh cung cp m my, ngi dng nn hi nh cung cp by vn an ton c th sau:
quyn truy cp ngi dng, tun th quy nh, v tr d liu, phn tch d liu, h tr nghin
cu v kh nng duy tr lu di. Nm 2009, t chc nghin cu Forrester Research Inc nh
gi cc thc nghim ring t v bo mt ca mt s nh cung cp m my hng u (nh
Salesforce.com, Amazon, Google v Microsoft) theo ba thng s chnh: bo mt v ring t,
kh nng tun th v cc vn hp php v tnh hp ng. T chc Cloud Security Alliance
(CSA) tin hnh tp trung cc nh cung cp gii php, phi li nhun v c nhn vo din n
tho lun v thc t s dng tt nht hin ti v tng li cho vic m bo thng tin trong
m my. CSA nhn dng 13 min quan tm trn bo mt in ton m my.
2.2.1.1 Cc vn bo v ring t v bo mt d liu
Ni dung ca vic bo v ring t v bo mt d liu trong m my tng t nh vic
bo v ring t v bo mt d liu truyn thng. N cng lin quan ti tt c giai on ca
vng i d liu. Nhng do c tnh m v a nhim ca m my, ni dung vic bo v
ring t v bo mt d liu trong m my c nhng c tnh ring.
Khi nim ring t rt khc nhau cc t nc, vn ha hoc php l khc nhau.
nh ngha tng thch bi t chc hp tc v pht trin kinh t OECD l mi thng tin lin
quan ti vic nhn dng hoc cc c th c th nhn dng (i tng d liu). Mt nh ngha
ph bin khc cung cp bi t chc AICPA v CICA trong chun GAPP l cc quyn v
ngha v ca c nhn v t chc vi vic tn trng thu thp, s dng, duy tr v thng co
thng tin c nhn. Ni chung, ring t c kt hp vi vic thu thp, s dng, thng co,
lu tr v ph hoi d liu c nhn (hay thng tin nhn dng c nhn PII). Vic nhn dng
thng tin c nhn ph thuc vo cc kch bn ng dng ch nh v lut, o l nhim v c
bn ca bo v ring t.
Phn tip theo phn tch vn bo v ring t v bo mt d liu trong m my theo
quan im vng i d liu c tham kho trong [5].
2.2.1.2 Vng i d liu
Vng i d liu nhc n ton b qu trnh t lc pht sinh n lc ph hy ca d
liu. Vng i d liu c chia thnh by giai on:
Giai on 1: Pht sinh (Generation)
-
12
Giai on 2: Truyn ti (Transfer)
Giai on 3: S dng (Use)
Giai on 4: Chia s (Share)
Giai on 5: Lu tr (Storage)
Giai on 6: Lu tr th cp (Archival)
Giai on 7: Kt thc d liu (Destruction)
Theo cc m hnh truyn ti dch v, cc m hnh trin khai v cc c tnh cn thit
ca in ton m my, cc vn bo v ring t v bo mt d liu l cc vn chnh cn
phi c gii quyt sm nht c th. Cc vn ring t v bo mt d liu tn ti trong tt
c cc lp ca m hnh truyn ti dch v SPI v trong mi giai on ca vng i d liu.
Thch thc trong bo v tnh ring t c chia s d liu trong khi bo v thng tin
c nhn. Cc h thng in hnh yu cu bo v ring t v cc h thng thng mi in t
lu tr cc thng tin v th tn dng v h thng chm sc sc khe vi cc s liu v sc
khe. Kh nng iu khin thng tin no c bc l v ai c th truy cp thng tin trn
mng tr thnh mt vn c quan tm chnh. Cc quan tm ny bao gm vic liu
thng tin c nhn c th c lu tr hay c bi bn th 3 m khng cn s ng , hay liu
cc bn th 3 c th ln vt cc trang web m ngi dng gh thm. Vn quan tm khc
l liu cc website c gh thm thu thp, lu tr v chia s thng tin c nhn v ngi
dng. Cha kho cho vic bo v tnh ring t trong mi trng m my l s phn chia gt
gao d liu nhy cm v d liu khng nhy cm bng cc cch thc m ha thnh phn.
Theo cc phn tch cho cc vn bo v ring t v bo mt d liu, mt gii php
bo mt ton din v tch hp p ng yu cu phng th chuyn su l cn thit. Lin quan
n bo v ring t, vic nhn dng v cch ly d liu ring t l cc cng vic chnh. Chng
nn c nh gi trong sut qu trnh thit k ng dng da trn m my.
Vi cc vn bo v ring t v bo mt d liu, cc thch thc c bn l vic phn
tch d liu ngy cm v iu khin truy cp. Mc ch l thit k mt tp cc nn tng bo
v ring t v qun l nhn dng trn cc ng dng hay cc dch v in ton m my. Do
c tnh di ng ca ngi dng trong t chc l kh ln, h thng qun l nhn dng cn
phi c kh nng t ng v cung cp/gii phng ti khon ngi dng nhanh chng m
-
13
bo khng c truy cp tri php no vo ti nguyn m my ca t chc bi mt s ngi
dng ri khi t chc. Cc gii thut iu khin truy cp v cp quyn nn t n mt m
hnh iu khin truy cp c kh nng m rng, ti s dng v hp nht p ng yu cu ca
cp quyn truy cp hp php. Cc gii thut bo v ring t da trn tnh ton s t c cc
ch dn thi gian thc v ng, cp quyn v gim st ch s hu d liu khi d liu ring t
ca h c truy cp.
2.2.2 Phn tch theo quan im p t m hnh chnh sch chung
Nn tng bo mt ca IBM c pht trin m t bo mt di dng cc ti nguyn
kinh doanh cn c bo v, v n nhn vo cc min ti nguyn khc nhau t quan im
kinh doanh.
Da trn nn tng bo mt ca IBM v cc tho lun vi cc khch hng ca IBM,
phn sau m t mt danh sch cc yu cu bo mt chnh trong mi trng in ton m
my cho cc tp on hin nay c tham kho trong [6].
2.2.2.1 Qun l bo mt, qun l ri ro v tnh tun th
Cc t chc yu cu c ci nhn tng quan vo bc tranh bo mt trong m my ca
h. N bao gm tm nhn rng vo qun l thay i, hnh nh v cc ri ro, cng nh cc bo
co s c cho nhng ngi dng v d liu gim st, log cho ngi dng ch nh.
2.2.2.2 Con ngi v vic nhn dng
Cc t chc cn phi m bo ngi dng c cp quyn c kh nng truy cp ti d
liu v cng c h mun, khi h cn trong khi tt kha tt c cc truy cp khng c php
khc. Cc mi trng m my thng h tr mt lng ln cng ng ngi dng, cc
iu khin ny thm ch quan trng hn. Thm vo , cc m my gii thiu mt tng cc
ngi c cp quyn: cc nh qun tr lm vic cho nh cung cp m my. Nhng ngi
ny gim st, bao gm vic ghi log li cc hot ng, tr thnh mt yu cu quan trng. Vic
gim st ny bao gm c gim st vt l v nn tng.
2.2.2.3 D liu v thng tin
Hu ht cc doanh nghip cho bit bo v d liu l vn bo mt quan trng nht
ca h. Cc quan tm in hnh bao gm cch thc d liu c lu tr v cc yu cu truy
cp, tun th v gim st, v cc vn kinh doanh lin quan n chi ph sa cha cc l
-
14
hng d liu, cc yu cu cnh bo v thit hi ti gi tr tng th chung. Tt c d liu c
quy nh hoc nhy cm cn phi c tch bit hp l trn h tng lu tr m my, bao gm
sao lu th cp d liu.
2.2.2.4 ng dng v tin trnh
Ngi dng thng nh gi cc yu cu bo mt ng dng m my di dng bo
mt hnh nh. Tt c cc yu cu bo mt ng dng in hnh vn p dng cho cc ng dng
trong m my, nhng chng cng mang ti cc hnh nh cha cc ng dng . Nh cung
cp m my cn phi theo v h tr tin trnh trin khai bo mt. Thm vo , yu cu
ngi dng m my h tr cho ngun gc hnh nh v cho vic chng nhn v iu khin
s dng. Vic dng v hy cc hnh nh phi c tin hnh cn thn, m bo d liu nhy
cm c cha trong cc hnh nh khng b phi by trc nguy hi.
2.2.2.5 Mng, my ch v im cui
Trong mi trng m my chia s, ngi dng mun m bo tt c cc min ngi
dng c cch ly thch hp v khng c kh nng tn ti d liu hoc giao dch no b ly
t mt min ny sang mt min khc. gip t c iu ny, ngi dng cn kh nng
cu hnh cc min o tin cy hoc cc vng bo mt da trn chnh sch.
2.2.2.6 H tng vt l
H tng m my gm my ch, b nh tuyn, thit b lu tr, ngun cung cp v
cc thnh phn khc h tr cc hot ng phi c bo mt v mt vt l. Cc c ch bo
v gm iu khin v gim st tng thch truy cp vt l s dng cc thc o iu khin
truy cp sinh hc v cc mn hnh gim st mch ng (CCTV). Nh cung cp cn gii thch
r rng cch thc truy cp vt l c qun l i vi cc my ch cha ti ngi dng v h
tr d liu ngi dng.
2.2.2.7 M hnh kin trc c bn cho in ton m my
M hnh kin trc c bn cho in ton m my bao gm mt lp cc dch v phn
lp. Lp h thng vt l m t cc yu cu trung tm d liu thng thng, bt buc cc thc
o iu khin truy cp v gim st cc khu vc. Lp ti nguyn h thng qun l h tng lu
tr, my ch, mng. Lp ti nguyn c o ha gii thiu kh nng cch ly nh mt thuc
-
15
tnh chnh ca bo mt o ha: cc tin trnh cch ly thng qua cc lp trung gian hypervisor
v tch bit d liu.
2.3 Kt lun
Bo mt trong in ton m my l mt bi ton phc tp v s kh c th c mt m
hnh bo mt chung cho tt c mi trng. Cc t chc c nhiu yu cu khc nhau cho vic
tch hp gia mi trng m my v cc h thng back-end ca h. Mt s t chc ang
pht trin ton b cc ng dng mi v chun b xy dng mi trng m my ca h c
lp vi cc hot ng khc, nhng hu ht cc tp on s bt u vi m my ring ngoi
ra l pht trin ng dng trn m my ca nh cung cp.
Da trn nn tng phn tch mt s hng nghin cu trong chng ny, c th thy
xuyn sut l s xut hin ca h tng o ha bn di phc v cho cc ng dng chy bn
trn. H tng o ha ti nguyn bn di khng n thun ch l h tng ni b trong cc
doanh nghip m rng ln hn l h tng o ha ti khp mi ni phc v cho m my ring
cng nh cng cng. V chng 3 s tp trung nghin cu phn tch v xut mt m hnh
an ninh ng dng cho mt cng ngh in ton m my n t hng VMware, l mt hng
c th phn ln trn th trng
CHNG 3: GII PHP BO MT AN TON AN NINH TRONG
MI TRNG IN TON M MY
3.1 Gii php VMware View
Cc doanh nghip hin nay ang phi i u vi bi ton kh khn v my tnh cho
cc nhn vin (desktop). Mt mt, cc t chc IT i mt vi p lc xung quanh chi ph, tnh
tun th, kh nng qun l v bo mt. y l vn nn trm trng bt ngun t m hnh tnh
ton kiu my tnh c nhn tp trung (PC-centric) hin ti, vn tiu tn chi ph ln qun l
v gii hn s linh ng ca mi trng IT phn ng vi thay i ng ca mi trng
kinh doanh.
Mt khc, ngi dng u cui ang ngy cng i hi yu cu v tnh t do v kh
nng linh ng truy cp cc ng dng v d liu ca h t nhiu thit b v v tr khc hn.
Vn v desktop y tnh t do ca ngi dng chng li yu cu iu khin mi trng
IT c th gy ra tng trng v chi ph, nh hng n bo mt, v chim ti nguyn IT.
-
16
thot khi tnh trng ny, cc t chc ang tm kim mt tip cn tng thch v hiu qu hn
trong vic tnh ton cho php mi trng IT cn bng c nhu cu ca doanh nghip cng
nh nhu cu ca ngi dng u cui trong cc tri nghim hiu nng cao linh ng.
o ha desktop vi VMware View [7] cho php cc doanh nghip lm c nhiu hn
vi nhng g hin c v tng thch vi tip cn hin i v thc s hng n ngi s dng
trong k nguyn my tnh mi. Bng cch tch bit cc ng dng, d liu v h iu hnh t
mt im cui, v bng cch di chuyn cc thnh phn ny vo trung tm d liu h c
th qun l tp trung, o ha ng dng v desktop em n cho IT mt cch thc bo mt,
nh hng hn trong vic qun l ngi dng v cung cp cc dch v desktop a dng c
th truy cp theo yu cu.
Cc vn gp phi v bo mt
o ha desktop l cng ngh nn tng tin tin c th truyn ti truy cp desktop v
mng c kh nng qun l, chi ph hiu qu i vi mi yu cu ca ngi dng. Tuy
nhin, vi cc e da bo mt ang ngy cng tr nn phc tp, thng xuyn hn, tn cng
vo nhiu pha hn v b khai thc li nhun bi cc tin tc, ngi qun tr IT phi tng cng
cnh gic v tm ra cc gii php bo mt c xy dng cho mi trng desktop o ha. Cc
gii php nh phn tch log, cng ngh h thng ngn chn xm nhp da trn host (HIPS),
tng la v phn mm antivirus cn phi c pht trin v tng thch vi cc yu cu cho
o ha desktop.
Ch c bo mt theo hng tip cn o ha mi c th p ng cc thch thc bo mt
cho desktop o ha theo nh [7] gm:
Tranh chp ti nguyn Trong trin khai desktop o ha, mt s lng cc desktop
chia s cc ti nguyn phn cng ca host, t l thng thng l 60/1 hoc hn. Cc cp nht
bo mt ng thi v cc tin trnh qut ton b h thng c th gy ra mt mt hiu nng
ng k ca desktop gii hn tnh sn sng cao hoc gim thiu t l hp nht my o.
Mt tri ca nhanh chng Cc desktop o ha c th cung cp, sao lu, tr v trng
thi trc, dng, v khi ng li mt cch nhanh chng v d dng. Cc tn hi hoc cc li
cu hnh c th lan truyn m khng hay bit v cc desktop tm thi khng hot ng c b
phn ng vi bo mt cha c cp nht.
-
17
Cn bo Antivirus khi cc gii php Antivirus truyn thng ng thi khi to qu
trnh qut hoc cp nht bo mt theo lch trn tt c cc my o ca my vt l n, c th
gy ra c bo Antivirus, to ra ti ln trn h thng v gim thiu hiu nng.
Tnh tun th v tnh ring t ca d liu vi kh nng cung cp d dng v c tnh
linh ng ca desktop o, c th gy ra kh khn trong vic duy tr cc bn ghi gim st ca
trng thi bo mt ca desktop o ti cc thi im bt k. H qu l nhiu quy nh yu cu
bo v anti-malware tc thi.
3.1.4 Mt s gii php hin ti
3.1.4.1 Kin trc Mobile Secure Desktop
c m t chi tit trong [9], v tng th gii php tp trung gii quyt ba yu t chnh:
Tnh linh ng
Bo mt
Qun l
3.1.4.2 Tip cn v antivirus
Tip cn cho vic bo v chng li cc virus trong mi trng VMware View c
m t kh chi tit trong [10]. Phn mm antivirus l mt trong s nhng mng ln nht trong
th trng bo mt my tnh hin nay. Gn nh tt c cc tp on u trin khai cc phn
mm antivirus trn mi desktop. Do cc dch v nh bo mt, tnh linh ng, iu khin truy
cp v cc ng dng doanh nghip u c a vo trung tm d liu hoc m my, cc
thc thi antivirus cn phi c chun b cn thn.
3.2 M hnh xut Meta Mobile Security (MeMoc)
3.2.1 Gii thiu v m hnh MeMoc
Lun vn thc s ny xut mt m hnh an ninh mi cho dch v in ton m
my, l m hnh MeMoc, vit tt ca Meta Mobile Security. Cc lp ca m hnh c
xy dng da trn quan im bao qut ca ngi qun tr tp trung vo hai vn then cht,
bao gm qun l ri ro v tng cng bo mt.
-
18
3.2.1.1 Mi quan tm v qun l ri ro
Qun l ri ro bao gm kim tra, di tr v gim st cc nguy hi ngn nga cc ri
ro xy ra mc chp nhn c. Bt k chin lc qun l ri ro cung cn c nh gi
trn cc mc u tin v bo mt, bao gm cc kha cnh c nu ra sau y:
Bo v cc ti nguyn em li li nhun: cc gin on kinh doanh gy ra bi s c v
cc tn cng v mng c th gy ra thit hi v li nhun, c di dng nh hng trc tip
ti kinh doanh gy ra bi mng cng nh mt nim tin khch hng do tht thot thng tin
quan trng.
Ch trng cc yu cu ca khch hng: khch hng ang ngy cng quan tm n vic
bo v thng tin nhy cm v c nhn ca h. Cc nguy hi ti chnh sch ca khch hng,
tht thot thng tin bo mt v gim thiu mc dch v u c th gy nn nh hng xu
ti doanh nghip.
Bo v nhn dng v nhn hiu: cc l hng bo mt v cc tn cng, c bit l cc
tn cng ti cc thng tin mc cao, c th gy nh hng nghim trng ti chin lc
marketing, danh ting v tin cy trong doanh nghip.
Tnh tun th vi cc quy nh v chun: tht bi trong vic tun th vi cc quy nh
v chun hp pht ang tr nn ngy cng kht khe c th dn ti cc hu qu xu, mt c
hi kinh doanh v quyn li hp php.
3.2.1.2 Mc tiu bo mt
Cc vn sau y cn phi gii quyt hng ti mc tiu bo mt
Tnh sn sng tnh sn sng lin tc ca cc h thng ch trng vo cc tin trnh,
chnh sch v iu khin s dng m bo ngi dng c truy cp nhanh chng ti thng
tin. Mc tiu ny bo v khi cc c gng can thip hoc ph ri t chi truy cp hp php
ti thng tin hoc h thng.
Tnh bo ton ca d liu hoc h thng lin quan ti cc tin trnh, chnh sch v
iu khin s dng m bo thng tin khng b lm sai lch theo cch khng hp php v
h thng thot khi cc chnh sa bt hp php nhm khai thc vo tnh chnh xc, tnh hon
thin v n nh.
-
19
Tnh bo mt ca d liu hoc h thng tnh bo mt bao gm cc tin trnh, chnh
sch v iu khin s dng bo v thng tin ngi dng v cc thit lp chng li truy cp
hoc s dng bt hp php.
Kh nng tnh ton c ch tnh ton r rng lin quan n cc tin trnh, chnh sch
v iu khin cn thit ln vt cc hnh ng ln ti nguyn. Kh nng tnh ton h tr
trc tip s khng chi b, s ngn chn, ngn nga xm nhp, gim st bo mt, khi phc
v tnh hp php chp nhn c ca cc bn ghi.
Tnh m bo ch trng vo cc tin trnh, chnh sch v iu khin s dng pht
trin tnh bo mt thu thp cc s liu v k thut v hot ng d nh. Cc mc m
bo l thnh phn ca thit k h thng bao gm tnh sn sng, tnh bo ton, tnh bo mt v
kh nng tnh ton. Tnh m bo nhn mnh rng bo mt cc h thng cung cp cc chc
nng cn thit trong khi ngn nga cc hot ng khng mong mun.
Da trn nh gi u nhc im cc gii php ca hng, m hnh MeMoc l m hnh
xut gm cc lp nh sau:
Cu hnh Firewall thch hp
Tng cng tnh ng ca h thng
M ha d liu
Ci t chng trnh antivirus
Cp nht bn v
Pht trin h thng v ng dng ng
Gii hn truy cp theo vai tr
p t cc chnh sch mt khu nghim ngt
iu khin thay i
Gim st v ghi li cc log
Sao lu v khi phc thm ha
H tng
Tch hp
Qun l
Hnh 3.2 M hnh MeMoc
-
20
M hnh bao gm cc lp m bo em n mt mi trng bo mt ph hp nht ca
cc h thng khc nhau:
Gii hn truy cp (da theo vai tr)
p t cc chnh sch t mt khu nghim ngt
iu khin thay i
Gim st v ghi li cc log
Cp nht bn v thch hp
Pht trin cc h thng v ng dng ng
Cu hnh firewall thch hp
Ci t chng trnh antivirus
M ha d liu
Tng cng tnh ng ca h thng
Sao lu v khi phc thm ha
Cc lp ny tng ng vi ba phn ring bit trong mt h thng hon chnh l
h tng, tch hp v qun l.
3.2.2 M t
Mi lp trong m hnh ng mt vai tr quan trng nht nh, gp phn gy dng mt
thit k nht qun v c quan h cht ch gia cc m hnh. Mt s yu cu trin khai c
m t kh chi tit trong [6].
Cu hnh firewall thch hp
y l yu cu bt buc chung i vi cc h thng lin quan n IT ni chung v m
my ni ring. Firewall gip kim sot kt ni ch ng v thun tin cho vic qun tr. Ngi
qun tr c th p t cc chnh sch cho i tng truy cp cng nh ti nguyn c s
dng ty theo mi doanh nghip.
Tng cng tnh ng ca h thng
H tng ca h thng cn c thit k theo mc va phi, m bo y chc nng
cn thit tuy nhin khng nn cung cp qu nhiu mc ty chnh cho ngi dng. V mt
h thng ng s khin kh nng khai thc ca tin tc b hn ch nhiu. iu ny c bit
quan trng vi mi trng o ha chia s ti nguyn chung.
-
21
M ha v bo v d liu
p t cch thc m ha d liu cng l yu t cn thit trong m hnh bo mt. N
gip ti nguyn c truy cp bi ngi dng nm c thng tin v m ha.
Ci t chng trnh antivirus
Vi mt mi trng hn tp, nhiu ngi dng v truy cp t nhiu ni khc nhau nh
VMware View, vic nhim cc virus, malware ln h thng trong qu trnh thao tc ca ngi
dng l iu khng trnh khi. Ci t cc chng trnh antivirus mnh m nhng vn m
bo tiu tn ti nguyn hp l l yu t quan trng trong m hnh.
Cp nht bn v thch hp
Cc chng trnh s dng trong mi trng IT bao gi cng cn c nhng bn v nh
k sa cc li cha hon thin. Vic cp nht thng xuyn ny cng s gip ngn nga
kp thi cc l hng m tin tc c th khai thc.
Pht trin cc h thng v ng dng ng
Vic pht trin cc h thng v ng dng ng l xu hng tt yu trong mi trng
m my chia s nh VMware View. Tnh ng s gip hn ch mc can thip ca ngi
dng trong khi vn cung cp y v p ng nhu cu ng dng cho ngi dng.
Gii hn truy cp (da theo vai tr)
Phn quyn s dng l nhn t bt buc trong cc mi trng yu cu mc qun l
cht ch nh o ha desktop. Phn quyn ngoi h tr qun l cho ngi qun tr cn gip
linh ng hn trong chnh sch qun tr ca mi doanh nghip.
p t cc chnh sch t mt khu nghim ngt
Vi cc dch v m my nh VMware View cng nh cc dch v m my khc,
vic hng ti dng truy cp mt ln (Single Sign On) s dng tt c cc ti nguyn l
iu tt yu. Khi mi ngi s ch cn mt ti khon truy cp ti thng tin cn thit.
Nh vy vic p t chnh sch t mt khu cn nht qun, m bo thi gian thay i
khng gy ra cc nguy hi khi ngi dng mt mt khu.
iu khin thay i
-
22
Ngi qun tr s cn nm r tng thay i trong h thng m bo khng c hnh
ng no vi phm chnh sch, nm trong gii hn quy nh. Hay thm chi l pht hin kp
thi cc tn hi n chnh sch chung.
Gim st v ghi li cc log
Vic ghi li cc log l rt cn thit. c bit l cc log mi ln truy cp d liu. Tn
ca ngi dng truy cp vo ti nguyn s c ngi qun tr nm r hon ton. T thu
hp c phm vi iu tra cng nh x l kp thi khi c s c xy ra.
Sao lu v khi phc thm ha
y lun l mt bc cui cng nhng khng km phn quan trng trong cc m hnh.
D pht hin kp thi v x l cc tn cng bo mt gy tht thot d liu,.. vn c nhiu
trng hp khng th gi li y cc d liu ban u hoc cc d liu gn nht. Khi
cc bn sao lu s l ni ngi qun tr ly li d liu cn thit cho h thng.
3.2.3 p dng m hnh
Theo cc lp ca m hnh xut, c th p dng cc phng thc bo mt ln chnh
mi trng ca VMware View nh sau. C th tham chiu ti h tng qun l ca VMware
thy r rng hn cc lp ca h thng trong hnh 14 (Trang 2 ti liu [13]).
Hnh 3.3 M hnh qun l chung ca VMware
-
23
M hnh qun l chung ca VMware bao gm cc thnh phn: thnh phn h tng, cc
thnh phn pha trn mang tnh qun l v tch hp chung bao gm qun tr iu hnh chung
h thng, bo mt, qun l giao din ti ngi dng u cui.
3.3 Kt lun
Chng ny gii thiu v m hnh bo mt m bo an ton an ninh MeMoc. Vi
mc ch xut mt gii php chung cho tt c cc h tng mng in ton m my, m
hnh s dng mi trng VMware lm v d p dng . Mi trng in ton m my xy
dng trn mi trng o ha ca VMware l mt mi trng in hnh trong m bo mi
trng in ton m my. Vi li ch em li trong mi trng IT gii thiu, m hnh
Desktop as a Cloud ny vn c nhng hn ch v bo mt m gii php hin ti m VMware
a ra cha hon ton m bo c mt m hnh bo mt an ton an ninh xuyn sut cho
gii php m cn mang tnh ri rc. Trn c s phn tch cc yu t ca m hnh, vic p dng
m hnh nh th no vo cc mi trng khc hon ton c th tham kho c t thc t p
dng trn mi trng VMware ny.
-
24
KT LUN CHUNG
Qua ba chng ca lun vn i ht cc vn t cc khi nim bo mt trong in
ton m my cho n tnh hnh ng dng trn th gii cng nh ti Vit Nam. Lun vn
cng tm tt mt s hng nghin cu cho vn bo mt an ton an ninh trong mi
trng in ton m my. Qua c th thy vn bo mt v m bo an ton d liu
cho ngi dng trong mi trng in ton m my l mt mng rng v kh c th gii
quyt trit hon ton. Nhiu xut c a ra v mt s c thc thi tuy nhin
vn cha c hon thin trit c th p dng rng ri m vn b hp phm vi trong
tng h thng c th. Lun vn cng khng nm ngoi c quy lut y vi vic xut ra
m hnh MeMoc. M hnh MeMoc bn cht l tng hp cc khuyn ngh bo mt v m bo
an ton d liu t cc hng t chc khc nhau t a ra phi hp thnh mt th thng nht.
Lun vn p dng m hnh thng nht ny cho mi trng c th l mi trng o ha ca
VMware. Tuy nhin n vn mang tnh m v c th lm tham kho, tham chun cho cc mi
trng h thng khc. Tt nhin gii php xut vn mang phn nhiu tnh l thuyt nhng
thc t c nhng thnh phn trong n c s dng trong thc t nhng mang tnh ri rc
cha hot ng phi hp cht ch vi nhau. D vy c th tin ln pht trin mt chun
chung cho m hnh bo mt an ton an ninh trong in ton m my th nhng xut gii
php tng hp ny s l nhng tham kho qu gi cho cc nh nghin cu v pht trin.
Tc gi lun vn
Dng Phng ng