网络与信息安全学报 ›› 2021, Vol. 7 ›› Issue (1): 101-112.doi: 10.11959/j.issn.2096-109x.2021011

• 学术论文 • 上一篇    下一篇

面向云应用的拟态云服务架构

普黎明, 卫红权, 李星, 江逸茗   

  1. 信息工程大学,河南 郑州 450001
  • 修回日期:2020-07-05 出版日期:2021-02-15 发布日期:2021-02-01
  • 作者简介:普黎明(1976- ),男,云南嵩明人,信息工程大学副研究员,主要研究方向为网络安全、网络体系结构。
    卫红权(1971- ),男,河南唐河人,博士,信息工程大学研究员,主要研究方向为融合网络安全、可重构网络理论与技术。
    李星(1987- ),男,河南新乡人,博士,信息工程大学助理研究员,主要研究方向为链路预测、社团挖掘。
    江逸茗(1984- ),男,江苏南通人,博士,信息工程大学讲师,主要研究方向为网络虚拟化、网络架构。
  • 基金资助:
    国家科技重大专项基金(2018ZX03002002);国家自然科学基金(61521003)

Mimic cloud service architecture for cloud applications

Liming PU, Hongquan WEI, Xing LI, Yiming JIANG   

  1. Information Engineering University, Zhengzhou 450001, China
  • Revised:2020-07-05 Online:2021-02-15 Published:2021-02-01
  • Supported by:
    The National Natural Science Foundation of China(2018ZX03002002);The National Science and Technology Major Project of China(61521003)

摘要:

针对单执行体的云应用服务缺乏异构性和动态性,难以应对未知漏洞和后门的安全威胁问题,提出一种拟态云服务架构,把云平台向用户提供的应用服务节点构造成基于拟态防御技术的服务包,使应用服务具有拟态构造带来的内生安全特性和鲁棒性,同时讨论了策略调度和裁决机制等两项关键的拟态云服务运行机制。经实验分析表明,拟态云服务具有较好的安全性,可以通过减小执行体的性能差异降低其响应时延。

关键词: 拟态云服务, 响应时延, 动态, 异构

Abstract:

In order to solve the problem of the lack of heterogeneity and dynamics of cloud application services with a single executor, and the difficulty of dealing with the security threats of unknown vulnerabilities and backdoors, a mimic cloud service architecture was proposed.In this architecture, the application services provided by the cloud platform were constructed into a service package based on mimic defense technology, so that the application services had the endogenous security features and robustness brought by mimic structure.At the same time, two key mimic cloud services operating mechanism,policy scheduling and adjudication mechanism were discussed.The experimental results and analysis show that the mimic cloud service obtains better security and its response time delay can be reduced by reducing the performance difference of the executor.

Key words: mimic cloud service, response delay, dynamic, heterogeneous

中图分类号: 

No Suggested Reading articles found!