计算机工程与应用 ›› 2021, Vol. 57 ›› Issue (18): 238-247.DOI: 10.3778/j.issn.1002-8331.2005-0368

• 工程与应用 • 上一篇    下一篇

基于微服务的分布式数据安全整合应用系统

杨舒,苏放   

  1. 北京邮电大学 信息与通信工程学院,北京 100876
  • 出版日期:2021-09-15 发布日期:2021-09-13

Distributed Data Security Integrated Application System Based on Microservices

YANG Shu, SU Fang   

  1. School of Information and Communication Engineering, Beijing University of Posts and Telecommunications, Beijing 100876, China
  • Online:2021-09-15 Published:2021-09-13

摘要:

针对分布式数据安全整合应用中数据整合操作繁琐,实时性不足,数据应用共享困难的问题,设计并实现了基于微服务的分布式数据安全整合应用系统,包含有两个子系统:数据整合子系统与数据安全应用子系统。系统基于Spring Cloud微服务架构设计,服务模块功能单一,边界明确,服务之间相互解耦,便于便捷开发,快速部署,可扩展性强,拥有强大的负载均衡策略与容错机制。数据整合子系统中提出了一种轻量级的数据整合方案,可以进行可视化的数据便捷整合,具有较好的灵活性与实时性;数据安全应用子系统中通过数据分级与用户角色划分,实现了用户对数据的安全访问控制,同时,采用证书链模型,使用数据证书来认证用户身份,有效地解决了用户角色的管理问题与网络信任问题。

关键词: 微服务, 数据整合, 数据安全应用, 证书链, 物联网终端评测平台

Abstract:

To solve the problem of operating data integration complicatedly, lacking real-time performance and sharing data applications difficultly, this paper designs and implements a distributed data security integrated application system based on microservices. This system including two subsystems:data integration subsystem and data security application subsystem. This system is designed based on the Spring Cloud. Each microservice has a single function and a clear boundary. The microservices are decoupled from each other. It has the advantages of convenient development, rapid deployment, excellent scalability, strong load balancing strategy and fault tolerance. In the data integration subsystem, a lightweight data integration scheme is proposed, which can integrate data conveniently and visually. It has great flexibility and real-time performance. In the data security application subsystem, through data classification and user role division, the user access control to data is realized. By using certificate chain model and data certificate to authenticate user identity, the problems of user role management and network trust are effectively solved.

Key words: microservices, data integration, data security applications, certificate chain, internet of things terminal evaluation platform