Netinfo Security (信息网络安全) ›› 2020, Vol. 20 ›› Issue (1): 75-82. doi: 10.3969/j.issn.1671-1122.2020.01.011

• Technical Research •

Design and Implementation of a Role-Based Permission Management System for Cloud Computing Platforms

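BAI Jiameng (白嘉萌)1,2,3, KOU Yingshuai (寇英帅)1,2,3, LIU Zeyi (刘泽艺)3, ZHA Daren (查达仁)3

  1. State Key Laboratory of Information Security, Institute of Information Engineering, Chinese Academy of Sciences, Beijing 100093
    2. School of Cyber Security, University of Chinese Academy of Sciences, Beijing 100049
    3. Institute of Information Engineering, Chinese Academy of Sciences, Beijing 100093
  • Received: 2019-08-15 Online: 2020-01-10 Published: 2020-05-11
  • About the authors:

    BAI Jiameng (born 1995), female, from Shaanxi, master's student, main research interest: machine learning; KOU Yingshuai (born 1995), male, from Beijing, master's student, main research interest: representation learning; LIU Zeyi (born 1990), male, from Fujian, assistant researcher, Ph.D., main research interest: information security; ZHA Daren (born 1982), male, from Jiangsu, senior engineer, Ph.D., main research interest: information security.

  • Funding:
    National Natural Science Foundation of China [U163620068]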

Docker-based RBAC Task Management System

BAI Jiameng1,2,3, KOU Yingshuai1,2,3, LIU Zeyi3, ZHA Daren3

  1. State Key Laboratory of Information Security, Institute of Information Engineering, CAS, Beijing 100093, China
    2. School of Cyber Security, University of Chinese Academy of Sciences, Beijing 100049, China
    3. Institute of Information Engineering, Chinese Academy of Sciences, Beijing 100049, China
  • Received: 2019-08-15 Online: 2020-01-10 Published: 2020-05-11

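Summary:

With the rapid development of Internet technology, the volume of Web service traffic has surged, which makes the deployment of operating systems and application services increasingly challenging; the development of cloud computing and virtualization technology has eased these problems. Although virtual machine technology offers good isolation, it often faces problems such as high virtualization overhead, poor scalability, and long deployment time. On the one hand, container technology, represented by Docker, can greatly improve on these problems, making it possible to build, deploy, operate, and scale services quickly. On the other hand, permission management is an important component that almost every application system involves; its purpose is to control and manage permissions in the system. Controlling system permissions is both important and necessary; otherwise, system information leakage and system vulnerabilities can result, causing losses to users that are hard to estimate. Therefore, this article proposes using a role-based permission management model to manage permissions and deploys it on a cloud platform, so that developers can develop, deploy, and operate the system efficiently and elastically on the cloud platform, greatly improving resource utilization and time efficiency.

Keywords: permission control, Docker, cloud computing, RBAC, virtualization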

Abstract:

With the rapid development of the Internet, the quantity of web services has proliferated, which makes the deployment of operating systems and application services more and more challenging. The development of cloud computing and virtualization has eased these issues. Although virtual machine technology provides good isolation, it usually suffers from problems such as large virtualization overhead, poor scalability and long deployment time. Container technology, represented by Docker, improves on these problems considerably, which allows services to be built, deployed, operated and extended quickly. On the other hand, rights management is an important part of almost all application systems. Its main purpose is to control and manage the rights of the system. Control of system permissions is important and necessary; otherwise, system information leakage, system vulnerabilities and unpredictable losses to users will result. Risks caused by a lack of permission control or by improper operation should be avoided. To solve this problem, this paper proposes applying the role-based rights management model to the system to manage rights flexibly, and deploys the system on the cloud platform following the PaaS idea, so that developers can develop, deploy and operate the system efficiently and flexibly on the cloud platform, which greatly improves resource utilization and time efficiency.

Key words: authority control, Docker, cloud computing, RBAC, virtualization

Chinese Library Classification (CLC) number: