云计算翻译

"一云多芯"是一个在云计算和半导体领域常用的术语，它主要描述了一种技术策略，即在一个云平台上运行多个不同的处理器或芯片。

这种策略的主要目的是提高系统的灵活性和可扩展性，同时也能降低硬件成本和维护复杂性。

在英文中，"一云多芯"可以翻译为"One Cloud, Multiple Cores"。

这个词汇通常用于描述云计算服务提供商（CSP）的产品和服务，这些服务允许客户在一个统一的云环境中使用多种不同的处理器或芯片。

以下是一些与"一云多芯"相关的专业英文词汇：1. Cloud Computing: 云计算是一种使用网络进行计算的模式，其中共享的软件和信息提供给计算机和其他设备按需提供。

2. Multi-Core Processors: 多核处理器是一种在一个集成电路上集成了两个或更多个处理器核心的微处理器。

3. Chipset: 芯片组是一组集成电路，包括中央处理器（CPU）、内存控制器、输入/输出（I/O）控制器等。

4. Virtualization: 虚拟化是一种技术，它可以使单个物理资源（如服务器、存储设备或网络）看起来像多个逻辑上的独立资源。

5. Scalability: 可扩展性是指系统或服务能够处理增加的工作负载的能力。

6. Cost-Efficiency: 成本效益是指通过比较投入和产出来评估一个项目或决策的价值。

7. Maintenance Complexity: 维护复杂性是指维护一个系统或服务所需的工作量和难度。

8. Hardware Diversity: 硬件多样性是指在一个系统中使用多种不同类型的硬件设备。

9. Performance Optimization: 性能优化是指通过调整系统配置或修改代码来提高系统性能的过程。

10. Flexibility: 灵活性是指系统或服务能够适应变化和应对新挑战的能力。

云计算基础知识对“云计算”，有人将它说得云山雾罩、玄乎其玄。

甚至，有人将云计算（Cloud Computing）翻译成“云雾计算”，让人啼笑皆非。

弄得好多人在问什么是云计算？什么是雾计算？这正说明好多人对于云计算还是一头雾水。

最近，大公司如MS、Google、IBM等都在炒作一个概念就是云计算，如IBM跟欧盟合作开展云计算，欧盟拨款1.7亿万欧元；Google与IBM联合力推云计算模式；Yahoo!也把宝押在了云计算上；我国也在无锡跟IBM公司联合建立了一个云计算中心；有人说微软收购Yahoo！一个重要的考虑就是在Yahoo在云计算方面的领先地位，多少有点儿道理。

那么，究竟什么是云计算？简单的说，云就是互联网。

如果没有互联网，什么都做不到。

有了互联网以后，你可以把你的数据，把你的服务，在公开的标准的前提下，把所有的数据存到云端。

“云计算”概念由Google提出，一如其名，这是一个美丽的网络应用模式。

云计算时代，可以抛弃U盘等移动设备，只需要进入Google Docs页面，新建文档，编辑内容，然后，直接将文档的URL分享给你的朋友或者上司，他可以直接打开浏览器访问URL。

我们再也不用担心因PC硬盘的损坏而发生资料丢失事件。

基本概念和特点1 .1 云计算的定义英译：cloud；cloud computing；cloud computer；cloud-based。

“云计算”（Cloud Computing）是分布式处理（Distributed Computing）、并行处理（Parallel Computing）和网格计算（Grid Computing）的发展，或者说是这些计算机科学概念的商业实现。

对于云计算的定义，开发者和信息技术人员与最终用户可能存在些许不同。

对那些开发和管理计算机系统的人来说，云计算意味着服务器能力在水平方向上的可扩展性；技术层面面临的挑战是：开发操作系统和应用程序来管理运行过程中的规模变化，同时保持相应的机制对最终用户不可见。

科技术语在翻译中的隐喻现象科技技术是现代社会中一个非常重要的领域，其中包含着大量的专业术语。

在翻译科技技术相关的文字时，经常会遇到一些隐喻现象。

隐喻是一种修辞手法，通过将一个事物或概念比喻为另一个事物或概念来传递某种意义。

在翻译中，隐喻是一种常见的语言转化方式，用于表达某些无法直接表达的含义。

一、科技技术词汇的隐喻现象科技技术词汇中的隐喻现象主要包括以下几种情况：1. 抽象概念的隐喻科技技术中的一些抽象概念常常通过隐喻来表达。

"cloud computing"（云计算）中的"cloud"（云）就是一个隐喻，它指的是将计算资源集中在远程服务器上，用户只需通过互联网访问这些远程服务器即可获取所需的计算能力。

2. 物理概念的隐喻科技技术中的一些物理概念也常常通过隐喻来表达。

"firewall"（防火墙）一词中的"fire"（火）就是一个隐喻，它指的是阻止非法入侵和保护系统免受恶意攻击的网络安全技术。

3. 动物隐喻科技技术词汇中的一些概念也常常通过动物隐喻来表示。

"bug"（错误）一词中的"bug"（虫子）就是一个隐喻，它用来描述软件中的错误或问题。

1. 保留隐喻有时候，原文中的隐喻在目标语言中也不存在，但是又没有合适的翻译方式来替代。

此时，可以选择保留隐喻，以保持原文的风格和语言特点。

"cloud computing"（云计算）一词可以直接保留不翻译。

3. 解释隐喻有时候，原文中的隐喻在目标语言中存在，但读者可能不熟悉这种隐喻的含义。

此时，可以选择解释隐喻，以便读者能够理解其在原文中的意义。

"architecture"（架构）一词可以解释为"软件或系统的设计结构"。

4. 转化隐喻有时候，原文中的隐喻在目标语言中不存在，但是可以通过转化表达成其他形式，以传达相似的意义。

2．信息技术的发展，使得内容需求的翻译大幅增长随着信息技术，特别是w eb2．o的应用，使内容产业需求迅速增长，同时也带来了翻译需求的增长。

内容需求导致的翻译特点在于内容更新及时，尽管许多对于信息及内容的需求是暂时的，并不构成一个完整的传统意义上的正式的翻译任务，但是内容的快速更新和信息的快速传播，却意味着更快的翻译速度和翻译任务的几何级增长。

因此新的翻译模式必须具备能应对频繁、快速翻译所导致的译员数量增长和水平需要提高的特点。

总之，信息时代新的竞争环境变化，迫使翻译产业朝更低廉、更快速和更高质量方向发展。

二、翻译产业环境下的翻译模式比较在探讨了翻译产业的环境需求后，我们再来审视一下目前翻译产业的主要供应模式。

在W eb2．0的今天，机器翻译和众包翻译可以看成两种主要的信息技术类翻译模式，尽管有人提出了云计算翻译也可视为一种主要的翻译模式，但我们认为云计算翻译仅仅是一种翻译技术和翻译环境，并没有改变翻译产业的主要流程与各方参与者，因此我们仅对机器翻译和众包翻译进行分析。

1．机器翻译机器翻译(M T)使用计算机软件将文本或谈话从一种自然语言(源语言)翻译到另一种语言(目标语言)，根据不同的架构主要包括基于规则的机器翻译(R B M T)，基于统计的机器翻译(SM T)，基于实例的机器翻译(E B M T)。

经过几十年的发展，如今的机器翻译进入到了开放式的翻译阶段，如s Y S．，I R A N，L a nguage w eaver以及A ppTek TraJl Sphere等(A nast asi ou＆G upt a，201l：637)，可以实现在线的同步翻译，是目前翻译产业一个重要的应用模式。

2．众包翻译2007年，著名的社交网站Fac ebook发动双语用户志愿为网站进行翻译，并一举成功(M eer，2010)，开启了众包翻译的时代。

众包翻译模式迅速在社交媒体、非盈利性组织、文化传播、政府机构等方面得到了许多应用，并迅速成为翻译产业的一个新兴的应用模式。

日积月累.180501英汉短语翻译1.中国品牌日Chinese Brands Day2.云计算Cloud computing3.房屋限购Purchase limits for real estate4.网络强国A country with strong cyber technology5.Mainstream media主流媒体6.Electronic social security card电子社保卡7.High-speed aerotrain高速气动悬浮列车8.Targeted poverty alleviation精准脱贫9.Leap year闰年百科词条1.“希腊三贤”指的是哪三位伟大的哲学家？苏格拉底，柏拉图，亚里士多德2.被视为近代西方哲学的奠基之作是哪本书？《第一哲学沉思录》3.“人是万物的尺度”这句话是哪位哲学家首次提出？普罗泰戈拉4.亚里士多德认为最理想的政府是（）阶级执政。

中产阶级5.被黑格尔称作“现代哲学之父”的哲学家是笛卡尔日积月累.180502英汉短语翻译1.大众创新，万众创业mass entrepreneurship and innovation2.虚拟现实Virtual Reality(VR)3.新时代中国特色社会主义socialism with Chinese characterism in a new era4.孔子学院Confucius Institute5.网红经济Internet celebrity economy6.dynamic equivalence动态对等7.back translation回译8.fight corruption and build a clean government反腐倡廉9.CAT计算机辅助翻译10.to teach fish to swim班门弄斧日积月累.180503英汉短语翻译隐形贫困人口the invisible poverty-stricken population/the invisible poor国家安全意识the national security awareness政府集中采购centralized government procurement比特币Bitcoin人工智能artificial intelligenceharmony without uniformity和而不同zero-sum mentality零和博弈ppp政府和社会资本合作（public-private partnership）bond default债券违约Translationese翻译腔日积月累.180504英汉短语翻译1.三大攻坚战three tough battles2.征税清单tariff list3.人才争夺战talent scramble battle4.全面二胎政策the universal second-child policy5.军事分界线military demarcation line（MDL）6.QR code快速响应矩阵码7.sponge city海绵城市8.IPO首次公开募股9.autonomous driving technology自动驾驶技术10.Onomatopoeia拟声法百科知识1.下列我国哪个古迹被誉为“世界八大奇迹”（C）A.万里长城B.乐山大佛C.秦始皇兵马俑D.敦煌2.石头城是对我国哪座城市的美称（B）A.南昌B.南京C.拉萨D.西安3.请问：火车连续发出两声长鸣，这表示（C）A.前进B.停留C.倒退D.故障4.我国第一座国家森林公园是（C）A.武夷山B.长白山C.张家界D.九寨沟5.我国古代“十恶不赦”中的首恶是（D）A.不义B.不道C.内乱D.谋反日积月累.150505英汉短语翻译新一线城市new first-tier city暂定税率provisional tax rate十九大the19th National Congress of the Communist Party of China(CPC)朝鲜半岛无核化denuclearization of the Korean Peninsula长江考察trip along the Yangtze Riverthe six-party talks六方会谈Island-wide quota policy全域限购政策SOHO小型家居办公literal translation字面翻译；直译over-translation超额翻译日积月累.180507英汉短语翻译1.公积金provident fund2.综合国力comprehensive national strength3.人脸识别facial recognition4.物联网the Internet of Things(IoT)5.移动支付mobile payment6.一带一路the Belt and Road7.电子商务e-commerce8.限购令limited purchasing order9.自主知识产权Independent Intellectual Property Rights10.马克思主义Marxism11.birth defect出生缺陷12.live within their means量入为出13.programmer motivator程序员鼓励师14.rural vitalization strategy乡村振兴战略15.bilateral interpreting双边传译16.covert translation隐形翻译17.double First-Class initiative双一流18.CTO首席技术官19.VAT增值税20.APEC亚太经合组织百科知识：1.第一次世界大战的开战时间是（B）A.1910B.1914C.1939D.19402.下列农民起义哪次是洪秀全领导的（D）A.大泽乡起义B.黄巾起义C.赤眉起义D.金田起义3.下列清朝皇帝中哪位是末代皇帝（A）A.宣统B.光绪C.同治D.道光4.中华人民共和国国旗五星红旗的设计者是（C）A.毛泽东B.周恩来C.曾联松D.梁思成5.我国最早的一部医学理论著作是（B）A.《本草纲目》B.《黄帝内经》C.《千金方》D.《伤寒杂病论》日积月累.180508英汉短语翻译1.软实力soft power2.硕士生导师supervisor of postgraduate3.人才流失brain drain4.不要在错误的道路上越走越远refrain from going further down the wrong path5.21世纪数字丝绸之路a digital silk road of21st century6.down payment首付7.demographic dividend人口红利8.two centenary goals“两个一百年”奋斗目标9.Corpora语料库10.domesticating translation归化翻译日积月累.180509英汉短语翻译1.网络安全cyberspace security2.协同发展develop in a coordinated way3.朝鲜半岛局势the situation on the Korean Peninsula4.前沿领域cutting-edge areas5.谅解备忘录memorandum of understanding6.TPP跨太平洋伙伴关系协定7.independent intellectual property rights自主知识产权8.Silk Road Spirit丝路精神9.Abusive translation滥译10.Exoticism异国情调百科知识1.我国古代诗歌史上被称为“双璧”的一篇是《孔雀东南飞》，另一篇是（A）A.《木兰诗》B.《木兰辞》C.《离骚》D.《格萨尔王》2.著名的《大卫》像是谁的作品（C）A.拉斐尔B.达.芬奇C.米开朗琪罗D.阿古斯特尔3.现在美国国旗星条旗上有多少颗星（C）A.25B.30C.50D.604.有的学校实行学分制，在我国最早提倡学分制的是（B）A.鲁迅B.蔡元培C.吴玉章D.毛泽东5.相传我国古代能作“掌上飞”的是（B）A.杨玉环B.赵飞燕C.西施D.貂蝉日积月累.180510英汉短语翻译词条1.“三步走”战略Three-Step Development Strategy2.全面建成小康社会Build a moderately prosperous society3.积分落户points-based household4.按揭贷款mortgage loans5.朝韩首脑会晤inter-Korean summit6.IMF国际货币基金组织7.public rental housing公租房8.capability of independent innovation自主创新能力9.semantic translation语义翻译10.idiomatic translation语义翻译日积月累.180512英汉短语互译1.自由贸易试验区pilot free trade zone2.近海防御offshore waters defense3.医患纠纷patient-doctor disputes4.量子通信quantum communication5.春联Spring Festival Couplets6.Negative list负面清单7.intelligent vehicles智能汽车8.THAAD末端高空区域防御系统（萨德）9.pay by installment分期支付10.the Renaissance文艺复兴日积月累.180514英汉短语互译1.交流互鉴exchanges and mutual learning2.经济全球化economic globalization3.监测网络monitoring network4.伊朗核协议Iran nuclear deal5.工匠精神craftsmanship spirit6.bubble economy泡沫经济7.special effect特效8.Ferrari法拉利9.F.I.T国际翻译工作者联合会10.arms race军备竞赛日积月累.180515英汉短语翻译1.战略沟通strategic communication2.稳中求进to make progress while ensuring stability3.基础设施建设infrastructure construction4.反倾销措施anti-dumping measures5.轮值主席rotating presidency6.FTA自由贸易协定7.leap year闰年8.health resort疗养胜地，养生度假村9.singe one's wings损害自己的名誉或利益10.cohesion and coherence衔接与连贯日积月累.180516英汉短语翻译国产航母domestically built aircraft carrier退耕还林return cultivated land to forest or pastures传销pyramid selling房子是用来住的，不是用来炒的housing is for accommodation rather than speculation中等收入陷阱middle-income traphome with joint property rights共有产权住房the Doctrine of Mean《中庸》OTC非处方药cross-border e-commerce境外电子商务vape电子烟百科知识1.“月上柳梢头，人约黄昏后。

云计算外文翻译参考文献(文档含中英文对照即英文原文和中文翻译)原文:Technical Issues of Forensic Investigations in Cloud Computing EnvironmentsDominik BirkRuhr-University BochumHorst Goertz Institute for IT SecurityBochum, GermanyRuhr-University BochumHorst Goertz Institute for IT SecurityBochum, GermanyAbstract—Cloud Computing is arguably one of the most discussedinformation technologies today. It presents many promising technological and economical opportunities. However, many customers remain reluctant to move their business IT infrastructure completely to the cloud. One of their main concerns is Cloud Security and the threat of the unknown. Cloud Service Providers(CSP) encourage this perception by not letting their customers see what is behind their virtual curtain. A seldomly discussed, but in this regard highly relevant open issue is the ability to perform digital investigations. This continues to fuel insecurity on the sides of both providers and customers. Cloud Forensics constitutes a new and disruptive challenge for investigators. Due to the decentralized nature of data processing in the cloud, traditional approaches to evidence collection and recovery are no longer practical. This paper focuses on the technical aspects of digital forensics in distributed cloud environments. We contribute by assessing whether it is possible for the customer of cloud computing services to perform a traditional digital investigation from a technical point of view. Furthermore we discuss possible solutions and possible new methodologies helping customers to perform such investigations.I. INTRODUCTIONAlthough the cloud might appear attractive to small as well as to large companies, it does not come along without its own unique problems. Outsourcing sensitive corporate data into the cloud raises concerns regarding the privacy and security of data. Security policies, companies main pillar concerning security, cannot be easily deployed into distributed, virtualized cloud environments. This situation is further complicated by the unknown physical location of the companie’s assets. Normally,if a security incident occurs, the corporate security team wants to be able to perform their own investigation without dependency on third parties. In the cloud, this is not possible anymore: The CSP obtains all the power over the environmentand thus controls the sources of evidence. In the best case, a trusted third party acts as a trustee and guarantees for the trustworthiness of the CSP. Furthermore, the implementation of the technical architecture and circumstances within cloud computing environments bias the way an investigation may be processed. In detail, evidence data has to be interpreted by an investigator in a We would like to thank the reviewers for the helpful comments and Dennis Heinson (Center for Advanced Security Research Darmstadt - CASED) for the profound discussions regarding the legal aspects of cloud forensics. proper manner which is hardly be possible due to the lackof circumstantial information. For auditors, this situation does not change: Questions who accessed specific data and information cannot be answered by the customers, if no corresponding logs are available. With the increasing demand for using the power of the cloud for processing also sensible information and data, enterprises face the issue of Data and Process Provenance in the cloud [10]. Digital provenance, meaning meta-data that describes the ancestry or history of a digital object, is a crucial feature for forensic investigations. In combination with a suitable authentication scheme, it provides information about who created and who modified what kind of data in the cloud. These are crucial aspects for digital investigations in distributed environments such as the cloud. Unfortunately, the aspects of forensic investigations in distributed environment have so far been mostly neglected by the research community. Current discussion centers mostly around security, privacy and data protection issues [35], [9], [12]. The impact of forensic investigations on cloud environments was little noticed albeit mentioned by the authors of [1] in 2009: ”[...] to our knowledge, no research has been published on how cloud computing environments affect digital artifacts,and on acquisition logistics and legal issues related to cloud computing env ironments.” This statement is also confirmed by other authors [34], [36], [40] stressing that further research on incident handling, evidence tracking and accountability in cloud environments has to be done. At the same time, massive investments are being made in cloud technology. Combined with the fact that information technology increasingly transcendents peoples’ private and professional life, thus mirroring more and more of peoples’actions, it becomes apparent that evidence gathered from cloud environments will be of high significance to litigation or criminal proceedings in the future. Within this work, we focus the notion of cloud forensics by addressing the technical issues of forensics in all three major cloud service models and consider cross-disciplinary aspects. Moreover, we address the usability of various sources of evidence for investigative purposes and propose potential solutions to the issues from a practical standpoint. This work should be considered as a surveying discussion of an almost unexplored research area. The paper is organized as follows: We discuss the related work and the fundamental technical background information of digital forensics, cloud computing and the fault model in section II and III. In section IV, we focus on the technical issues of cloud forensics and discuss the potential sources and nature of digital evidence as well as investigations in XaaS environments including thecross-disciplinary aspects. We conclude in section V.II. RELATED WORKVarious works have been published in the field of cloud security and privacy [9], [35], [30] focussing on aspects for protecting data in multi-tenant, virtualized environments. Desired security characteristics for current cloud infrastructures mainly revolve around isolation of multi-tenant platforms [12], security of hypervisors in order to protect virtualized guest systems and secure network infrastructures [32]. Albeit digital provenance, describing the ancestry of digital objects, still remains a challenging issue for cloud environments, several works have already been published in this field [8], [10] contributing to the issues of cloud forensis. Within this context, cryptographic proofs for verifying data integrity mainly in cloud storage offers have been proposed,yet lacking of practical implementations [24], [37], [23]. Traditional computer forensics has already well researched methods for various fields of application [4], [5], [6], [11], [13]. Also the aspects of forensics in virtual systems have been addressed by several works [2], [3], [20] including the notionof virtual introspection [25]. In addition, the NIST already addressed Web Service Forensics [22] which has a huge impact on investigation processes in cloud computing environments. In contrast, the aspects of forensic investigations in cloud environments have mostly been neglected by both the industry and the research community. One of the first papers focusing on this topic was published by Wolthusen [40] after Bebee et al already introduced problems within cloud environments [1]. Wolthusen stressed that there is an inherent strong need for interdisciplinary work linking the requirements and concepts of evidence arising from the legal field to what can be feasibly reconstructed and inferred algorithmically or in an exploratory manner. In 2010, Grobauer et al [36] published a paper discussing the issues of incident response in cloud environments - unfortunately no specific issues and solutions of cloud forensics have been proposed which will be done within this work.III. TECHNICAL BACKGROUNDA. Traditional Digital ForensicsThe notion of Digital Forensics is widely known as the practice of identifying, extracting and considering evidence from digital media. Unfortunately, digital evidence is both fragile and volatile and therefore requires the attention of special personnel and methods in order to ensure that evidence data can be proper isolated and evaluated. Normally, the process of a digital investigation can be separated into three different steps each having its own specificpurpose:1) In the Securing Phase, the major intention is the preservation of evidence for analysis. The data has to be collected in a manner that maximizes its integrity. This is normally done by a bitwise copy of the original media. As can be imagined, this represents a huge problem in the field of cloud computing where you never know exactly where your data is and additionallydo not have access to any physical hardware. However, the snapshot technology, discussed in section IV-B3, provides a powerful tool to freeze system states and thus makes digital investigations, at least in IaaS scenarios, theoretically possible.2) We refer to the Analyzing Phase as the stage in which the data is sifted and combined. It is in this phase that the data from multiple systems or sources is pulled together to create as complete a picture and event reconstruction as possible. Especially in distributed system infrastructures, this means that bits and pieces of data are pulled together for deciphering the real story of what happened and for providing a deeper look into the data.3) Finally, at the end of the examination and analysis of the data, the results of the previous phases will be reprocessed in the Presentation Phase. The report, created in this phase, is a compilation of all the documentation and evidence from the analysis stage. The main intention of such a report is that it contains all results, it is complete and clear to understand. Apparently, the success of these three steps strongly depends on the first stage. If it is not possible to secure the complete set of evidence data, no exhaustive analysis will be possible. However, in real world scenarios often only a subset of the evidence data can be secured by the investigator. In addition, an important definition in the general context of forensics is the notion of a Chain of Custody. This chain clarifies how and where evidence is stored and who takes possession of it. Especially for cases which are brought to court it is crucial that the chain of custody is preserved.B. Cloud ComputingAccording to the NIST [16], cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications and services) that can be rapidly provisioned and released with minimal CSP interaction. The new raw definition of cloud computing brought several new characteristics such as multi-tenancy, elasticity, pay-as-you-go and reliability. Within this work, the following three models are used: In the Infrastructure asa Service (IaaS) model, the customer is using the virtual machine provided by the CSP for installing his own system on it. The system can be used like any other physical computer with a few limitations. However, the additive customer power over the system comes along with additional security obligations. Platform as a Service (PaaS) offerings provide the capability to deploy application packages created using the virtual development environment supported by the CSP. For the efficiency of software development process this service model can be propellent. In the Software as a Service (SaaS) model, the customer makes use of a service run by the CSP on a cloud infrastructure. In most of the cases this service can be accessed through an API for a thin client interface such as a web browser. Closed-source public SaaS offers such as Amazon S3 and GoogleMail can only be used in the public deployment model leading to further issues concerning security, privacy and the gathering of suitable evidences. Furthermore, two main deployment models, private and public cloud have to be distinguished. Common public clouds are made available to the general public. The corresponding infrastructure is owned by one organization acting as a CSP and offering services to its customers. In contrast, the private cloud is exclusively operated for an organization but may not provide the scalability and agility of public offers. The additional notions of community and hybrid cloud are not exclusively covered within this work. However, independently from the specific model used, the movement of applications and data to the cloud comes along with limited control for the customer about the application itself, the data pushed into the applications and also about the underlying technical infrastructure.C. Fault ModelBe it an account for a SaaS application, a development environment (PaaS) or a virtual image of an IaaS environment, systems in the cloud can be affected by inconsistencies. Hence, for both customer and CSP it is crucial to have the ability to assign faults to the causing party, even in the presence of Byzantine behavior [33]. Generally, inconsistencies can be caused by the following two reasons:1) Maliciously Intended FaultsInternal or external adversaries with specific malicious intentions can cause faults on cloud instances or applications. Economic rivals as well as former employees can be the reason for these faults and state a constant threat to customers and CSP. In this model, also a malicious CSP is included albeit he isassumed to be rare in real world scenarios. Additionally, from the technical point of view, the movement of computing power to a virtualized, multi-tenant environment can pose further threads and risks to the systems. One reason for this is that if a single system or service in the cloud is compromised, all other guest systems and even the host system are at risk. Hence, besides the need for further security measures, precautions for potential forensic investigations have to be taken into consideration.2) Unintentional FaultsInconsistencies in technical systems or processes in the cloud do not have implicitly to be caused by malicious intent. Internal communication errors or human failures can lead to issues in the services offered to the costumer(i.e. loss or modification of data). Although these failures are not caused intentionally, both the CSP and the customer have a strong intention to discover the reasons and deploy corresponding fixes.IV. TECHNICAL ISSUESDigital investigations are about control of forensic evidence data. From the technical standpoint, this data can be available in three different states: at rest, in motion or in execution. Data at rest is represented by allocated disk space. Whether the data is stored in a database or in a specific file format, it allocates disk space. Furthermore, if a file is deleted, the disk space is de-allocated for the operating system but the data is still accessible since the disk space has not been re-allocated and overwritten. This fact is often exploited by investigators which explore these de-allocated disk space on harddisks. In case the data is in motion, data is transferred from one entity to another e.g. a typical file transfer over a network can be seen as a data in motion scenario. Several encapsulated protocols contain the data each leaving specific traces on systems and network devices which can in return be used by investigators. Data can be loaded into memory and executed as a process. In this case, the data is neither at rest or in motion but in execution. On the executing system, process information, machine instruction and allocated/de-allocated data can be analyzed by creating a snapshot of the current system state. In the following sections, we point out the potential sources for evidential data in cloud environments and discuss the technical issues of digital investigations in XaaS environmentsas well as suggest several solutions to these problems.A. Sources and Nature of EvidenceConcerning the technical aspects of forensic investigations, the amount of potential evidence available to the investigator strongly diverges between thedifferent cloud service and deployment models. The virtual machine (VM), hosting in most of the cases the server application, provides several pieces of information that could be used by investigators. On the network level, network components can provide information about possible communication channels between different parties involved. The browser on the client, acting often as the user agent for communicating with the cloud, also contains a lot of information that could be used as evidence in a forensic investigation. Independently from the used model, the following three components could act as sources for potential evidential data.1) Virtual Cloud Instance: The VM within the cloud, where i.e. data is stored or processes are handled, contains potential evidence [2], [3]. In most of the cases, it is the place where an incident happened and hence provides a good starting point for a forensic investigation. The VM instance can be accessed by both, the CSP and the customer who is running the instance. Furthermore, virtual introspection techniques [25] provide access to the runtime state of the VM via the hypervisor and snapshot technology supplies a powerful technique for the customer to freeze specific states of the VM. Therefore, virtual instances can be still running during analysis which leads to the case of live investigations [41] or can be turned off leading to static image analysis. In SaaS and PaaS scenarios, the ability to access the virtual instance for gathering evidential information is highly limited or simply not possible.2) Network Layer: Traditional network forensics is knownas the analysis of network traffic logs for tracing events that have occurred in the past. Since the different ISO/OSI network layers provide several information on protocols and communication between instances within as well as with instances outside the cloud [4], [5], [6], network forensics is theoretically also feasible in cloud environments. However in practice, ordinary CSP currently do not provide any log data from the network components used by the customer’s instances or applications. For instance, in case of a malware infection of an IaaS VM, it will be difficult for the investigator to get any form of routing information and network log datain general which is crucial for further investigative steps. This situation gets even more complicated in case of PaaS or SaaS. So again, the situation of gathering forensic evidence is strongly affected by the support the investigator receives from the customer and the CSP.3) Client System: On the system layer of the client, it completely depends on the used model (IaaS, PaaS, SaaS) if and where potential evidence could beextracted. In most of the scenarios, the user agent (e.g. the web browser) on the client system is the only application that communicates with the service in the cloud. This especially holds for SaaS applications which are used and controlled by the web browser. But also in IaaS scenarios, the administration interface is often controlled via the browser. Hence, in an exhaustive forensic investigation, the evidence data gathered from the browser environment [7] should not be omitted.a) Browser Forensics: Generally, the circumstances leading to an investigation have to be differentiated: In ordinary scenarios, the main goal of an investigation of the web browser is to determine if a user has been victim of a crime. In complex SaaS scenarios with high client-server interaction, this constitutes a difficult task. Additionally, customers strongly make use of third-party extensions [17] which can be abused for malicious purposes. Hence, the investigator might want to look for malicious extensions, searches performed, websites visited, files downloaded, information entered in forms or stored in local HTML5 stores, web-based email contents and persistent browser cookies for gathering potential evidence data. Within this context, it is inevitable to investigate the appearance of malicious JavaScript [18] leading to e.g. unintended AJAX requests and hence modified usage of administration interfaces. Generally, the web browser contains a lot of electronic evidence data that could be used to give an answer to both of the above questions - even if the private mode is switched on [19].B. Investigations in XaaS EnvironmentsTraditional digital forensic methodologies permit investigators to seize equipment and perform detailed analysis on the media and data recovered [11]. In a distributed infrastructure organization like the cloud computing environment, investigators are confronted with an entirely different situation. They have no longer the option of seizing physical data storage. Data and processes of the customer are dispensed over an undisclosed amount of virtual instances, applications and network elements. Hence, it is in question whether preliminary findings of the computer forensic community in the field of digital forensics apparently have to be revised and adapted to the new environment. Within this section, specific issues of investigations in SaaS, PaaS and IaaS environments will be discussed. In addition, cross-disciplinary issues which affect several environments uniformly, will be taken into consideration. We also suggest potential solutions to the mentioned problems.1) SaaS Environments: Especially in the SaaS model, the customer does notobtain any control of the underlying operating infrastructure such as network, servers, operating systems or the application that is used. This means that no deeper view into the system and its underlying infrastructure is provided to the customer. Only limited userspecific application configuration settings can be controlled contributing to the evidences which can be extracted fromthe client (see section IV-A3). In a lot of cases this urges the investigator to rely on high-level logs which are eventually provided by the CSP. Given the case that the CSP does not run any logging application, the customer has no opportunity to create any useful evidence through the installation of any toolkit or logging tool. These circumstances do not allow a valid forensic investigation and lead to the assumption that customers of SaaS offers do not have any chance to analyze potential incidences.a) Data Provenance: The notion of Digital Provenance is known as meta-data that describes the ancestry or history of digital objects. Secure provenance that records ownership and process history of data objects is vital to the success of data forensics in cloud environments, yet it is still a challenging issue today [8]. Albeit data provenance is of high significance also for IaaS and PaaS, it states a huge problem specifically for SaaS-based applications: Current global acting public SaaS CSP offer Single Sign-On (SSO) access control to the set of their services. Unfortunately in case of an account compromise, most of the CSP do not offer any possibility for the customer to figure out which data and information has been accessed by the adversary. For the victim, this situation can have tremendous impact: If sensitive data has been compromised, it is unclear which data has been leaked and which has not been accessed by the adversary. Additionally, data could be modified or deleted by an external adversary or even by the CSP e.g. due to storage reasons. The customer has no ability to proof otherwise. Secure provenance mechanisms for distributed environments can improve this situation but have not been practically implemented by CSP [10]. Suggested Solution: In private SaaS scenarios this situation is improved by the fact that the customer and the CSP are probably under the same authority. Hence, logging and provenance mechanisms could be implemented which contribute to potential investigations. Additionally, the exact location of the servers and the data is known at any time. Public SaaS CSP should offer additional interfaces for the purpose of compliance, forensics, operations and security matters to their customers. Through an API, the customers should have the ability to receive specific information suchas access, error and event logs that could improve their situation in case of aninvestigation. Furthermore, due to the limited ability of receiving forensic information from the server and proofing integrity of stored data in SaaS scenarios, the client has to contribute to this process. This could be achieved by implementing Proofs of Retrievability (POR) in which a verifier (client) is enabled to determine that a prover (server) possesses a file or data object and it can be retrieved unmodified [24]. Provable Data Possession (PDP) techniques [37] could be used to verify that an untrusted server possesses the original data without the need for the client to retrieve it. Although these cryptographic proofs have not been implemented by any CSP, the authors of [23] introduced a new data integrity verification mechanism for SaaS scenarios which could also be used for forensic purposes.2) PaaS Environments: One of the main advantages of the PaaS model is that the developed software application is under the control of the customer and except for some CSP, the source code of the application does not have to leave the local development environment. Given these circumstances, the customer obtains theoretically the power to dictate how the application interacts with other dependencies such as databases, storage entities etc. CSP normally claim this transfer is encrypted but this statement can hardly be verified by the customer. Since the customer has the ability to interact with the platform over a prepared API, system states and specific application logs can be extracted. However potential adversaries, which can compromise the application during runtime, should not be able to alter these log files afterwards. Suggested Solution:Depending on the runtime environment, logging mechanisms could be implemented which automatically sign and encrypt the log information before its transfer to a central logging server under the control of the customer. Additional signing and encrypting could prevent potential eavesdroppers from being able to view and alter log data information on the way to the logging server. Runtime compromise of an PaaS application by adversaries could be monitored by push-only mechanisms for log data presupposing that the needed information to detect such an attack are logged. Increasingly, CSP offering PaaS solutions give developers the ability to collect and store a variety of diagnostics data in a highly configurable way with the help of runtime feature sets [38].3) IaaS Environments: As expected, even virtual instances in the cloud get compromised by adversaries. Hence, the ability to determine how defenses in the virtual environment failed and to what extent the affected systems havebeen compromised is crucial not only for recovering from an incident. Also forensic investigations gain leverage from such information and contribute to resilience against future attacks on the systems. From the forensic point of view, IaaS instances do provide much more evidence data usable for potential forensics than PaaS and SaaS models do. This fact is caused throughthe ability of the customer to install and set up the image for forensic purposes before an incident occurs. Hence, as proposed for PaaS environments, log data and other forensic evidence information could be signed and encrypted before itis transferred to third-party hosts mitigating the chance that a maliciously motivated shutdown process destroys the volatile data. Although, IaaS environments provide plenty of potential evidence, it has to be emphasized that the customer VM is in the end still under the control of the CSP. He controls the hypervisor which is e.g. responsible for enforcing hardware boundaries and routing hardware requests among different VM. Hence, besides the security responsibilities of the hypervisor, he exerts tremendous control over how customer’s VM communicate with the hardware and theoretically can intervene executed processes on the hosted virtual instance through virtual introspection [25]. This could also affect encryption or signing processes executed on the VM and therefore leading to the leakage of the secret key. Although this risk can be disregarded in most of the cases, the impact on the security of high security environments is tremendous.a) Snapshot Analysis: Traditional forensics expect target machines to be powered down to collect an image (dead virtual instance). This situation completely changed with the advent of the snapshot technology which is supported by all popular hypervisors such as Xen, VMware ESX and Hyper-V.A snapshot, also referred to as the forensic image of a VM, providesa powerful tool with which a virtual instance can be clonedby one click including also the running system’s mem ory. Due to the invention of the snapshot technology, systems hosting crucial business processes do not have to be powered down for forensic investigation purposes. The investigator simply creates and loads a snapshot of the target VM for analysis(live virtual instance). This behavior is especially important for scenarios in which a downtime of a system is not feasible or practical due to existing SLA. However the information whether the machine is running or has been properly powered down is crucial [3] for the investigation. Live investigations of running virtual instances become more common providing evidence data that。

毕业设计说明书英文文献及中文翻译学生姓名：学号：计算机与控制工程学院：专指导教师：2017 年 6 月英文文献Cloud Computing1。

Cloud Computing at a Higher LevelIn many ways，cloud computing is simply a metaphor for the Internet, the increasing movement of compute and data resources onto the Web. But there's a difference: cloud computing represents a new tipping point for the value of network computing. It delivers higher efficiency, massive scalability, and faster，easier software development. It's about new programming models，new IT infrastructure, and the enabling of new business models。

For those developers and enterprises who want to embrace cloud computing, Sun is developing critical technologies to deliver enterprise scale and systemic qualities to this new paradigm:（1) Interoperability —while most current clouds offer closed platforms and vendor lock—in, developers clamor for interoperability。

科技英语中一词多义及其翻译技巧在科技领域中，有许多词汇具有多义性。

以下是一些常见的一词多义词汇及其翻译技巧：1. Chip:-义1：芯片（指电子器件上的集成电路）-义2：碎片（形容薄片状或小块状的物体）翻译技巧：根据上下文确定词义，如果是指电子器件上的集成电路，可翻译为"芯片"；如果指碎片，则可使用"碎片"或者具体描述其形状的词汇。

2. Cloud:-义1：云（指云计算和云存储技术）-义2：云彩（指大气中形成的可见水汽）翻译技巧：根据上下文确定词义，如果是指云计算或云存储技术，可翻译为"云"；如果指云彩，则可使用"云彩"或其他与天气相关的词汇。

3. Firewall:-义1：防火墙（计算机系统中用于保护网络安全的硬件或软件）-义2：防火墙（建筑物中用于阻止火势蔓延的隔离墙）翻译技巧：根据上下文确定词义，如果是指计算机系统中的防火墙，可翻译为"防火墙"；如果指建筑物中的防火墙，则也可使用"防火墙"，但需要通过上下文解释使读者明确其意义。

4. Terminal:-义1：终端（计算机中用于输入和显示数据的设备）-义2：终点（指旅行或运输中的最后一站或目的地）翻译技巧：根据上下文确定词义，如果是指计算机设备中的终端，可翻译为"终端"；如果指旅行或运输中的终点，则可使用"终点"或其他类似的词汇。

5. Patch:-义1：补丁（指修复软件中的漏洞或错误的程序代码）-义2：补片（指用于修复或加固物体的一小块材料）翻译技巧：根据上下文确定词义，如果是指修复软件中的漏洞或错误的程序代码，可翻译为"补丁"；如果指修复或加固物体的补片，则可使用"补片"或者具体描述其材料或用途的词汇。

以上是一些常见的科技英语一词多义的例子及其翻译技巧。