《電子技術(shù)應(yīng)用》
您所在的位置:首頁 > 通信與網(wǎng)絡(luò) > 設(shè)計(jì)應(yīng)用 > 面向微服務(wù)架構(gòu)的軟件系統(tǒng)韌性增強(qiáng)技術(shù)研究
面向微服務(wù)架構(gòu)的軟件系統(tǒng)韌性增強(qiáng)技術(shù)研究
信息技術(shù)與網(wǎng)絡(luò)安全 10期
余 航,許 博
(陸軍工程大學(xué) 指揮控制工程學(xué)院,江蘇 南京210007)
摘要: 軟件系統(tǒng)韌性是系統(tǒng)在面對被動故障和主動攻擊等挑戰(zhàn)時提供和維持可接受的服務(wù)水平的能力,被認(rèn)為是未來互聯(lián)網(wǎng)的基本設(shè)計(jì)屬性。面對現(xiàn)有補(bǔ)丁式防御手段存在的缺陷,如何增強(qiáng)軟件系統(tǒng)的韌性能力引起了安全領(lǐng)域研究人員的廣泛關(guān)注。結(jié)合軟件系統(tǒng)微服務(wù)化的發(fā)展趨勢,對微服務(wù)架構(gòu)下軟件系統(tǒng)韌性增強(qiáng)技術(shù)的研究現(xiàn)狀進(jìn)行了歸納分析,從冗余及多樣性、服務(wù)編排、負(fù)載均衡、資源擴(kuò)展以及服務(wù)遷移等方面分析了軟件系統(tǒng)韌性增強(qiáng)技術(shù)的研究現(xiàn)狀及關(guān)鍵技術(shù),總結(jié)分析了現(xiàn)有研究存在的問題,并展望了未來的發(fā)展方向和面臨的挑戰(zhàn)。
中圖分類號: TP393
文獻(xiàn)標(biāo)識碼: A
DOI: 10.19358/j.issn.2096-5133.2021.10.002
引用格式: 余航,許博. 面向微服務(wù)架構(gòu)的軟件系統(tǒng)韌性增強(qiáng)技術(shù)研究[J].信息技術(shù)與網(wǎng)絡(luò)安全,2021,40(10):8-15.
Research on software system resilience enhancement technology for microservice architecture
Yu Hang,Xu Bo
(Command & Control Engineering College,Army Engineering University of PLA,Nanjing 210007,China)
Abstract: Resilience of software system refers to the ability of a system to provide and maintain an acceptable level of service in the face of challenges such as passive failure and active attack, and it is considered to be the basic design attribute of the Internet in the future. Existing defenses are just like patches, it can only be used to protect system against some known risks. In the face of this problem, how to enhance the resilience of software systems has attracted wide attention from researchers in the field of security. Combined with the development trend of micro-service software system, this paper summarizes and analyzes the research status of the technology, which can help to enhance the resilience of software system, under the microservice architecture. The research status has been analyzed from the aspects of redundancy and diversity, service scheduling, load balancing, resource expansion, and service migration. The existing research problems are summarized and analyzed as well, and finally we look forward to the future development direction and challenges.
Key words : system resilience;microservice;resilience technology;security threats;failure response

0 引言

對于軟件系統(tǒng),尤其是具有關(guān)鍵任務(wù)使命的系統(tǒng)而言,確保任務(wù)執(zhí)行不中斷、具備持續(xù)運(yùn)行能力、保證使命任務(wù)的完成至關(guān)重要。事實(shí)上,許多風(fēng)險都會對系統(tǒng)服務(wù)產(chǎn)生嚴(yán)重影響,例如自然災(zāi)害、硬件故障、性能過載、錯誤配置、軟件漏洞、惡意程序、敵對攻擊等[1],故障風(fēng)險的增加會嚴(yán)重降低已部署服務(wù)的質(zhì)量,甚至導(dǎo)致服務(wù)完全中斷。

在安全領(lǐng)域,盡管許多科研人員仍然致力于構(gòu)建更加健全的外部安防體系,試圖將威脅拒止于受保護(hù)的系統(tǒng)之外,但一旦研究人員精心構(gòu)建的防被線被突破之后,所有的努力都將功虧一簣。鑒于當(dāng)前網(wǎng)絡(luò)環(huán)境的復(fù)雜性、威脅形式的多樣性以及威脅的不可預(yù)測性,利用傳統(tǒng)的外部防御手段來實(shí)現(xiàn)無懈可擊的保護(hù)是不現(xiàn)實(shí)的。并且復(fù)雜的安防系統(tǒng)會因?yàn)檫^于臃腫而導(dǎo)致資源的嚴(yán)重消耗以及系統(tǒng)網(wǎng)絡(luò)性能的下降[2],因此需要改變思維方式,考慮當(dāng)外部防御失敗后的狀況。也就是說,系統(tǒng)必須考慮在面對已經(jīng)到來的破壞情況下,如何確保服務(wù)得以持續(xù),保證任務(wù)使命得以完成。




本文詳細(xì)內(nèi)容請下載:http://theprogrammingfactory.com/resource/share/2000003797



作者信息:

余  航,許  博

(陸軍工程大學(xué) 指揮控制工程學(xué)院,江蘇 南京210007)


此內(nèi)容為AET網(wǎng)站原創(chuàng),未經(jīng)授權(quán)禁止轉(zhuǎn)載。