信息网络安全 ›› 2017, Vol. 17 ›› Issue (2): 59-65.doi: 10.3969/j.issn.1671-1122.2017.02.009

• • 上一篇    下一篇

一种基于智能卡认证的LVS集群方案设计

孙长辉1(), 张令臣2, 高能3   

  1. 1.中国科学院大学,北京 100049
    2.中国科学院信息工程研究所,北京 100093
    3.中国科学院数据与通信保护研究教育中心,北京100093
  • 收稿日期:2016-11-15 出版日期:2017-02-20 发布日期:2020-05-12
  • 作者简介:

    作者简介: 孙长辉(1991—),男,安徽,硕士研究生,主要研究方向为计算机技术;张令臣 (1986—),男,山东,助理研究员,博士,主要研究方向为网络信息安全;高能(1976—),女,陕西,研究员,博士,主要研究方向为网络信息安全。

  • 基金资助:
    国家自然科学基金[614002470]

A Design of Linux Virtual Server Cluster Based on Smart Card Authentication

Changhui SUN1(), Lingchen ZHANG2, Neng GAO3   

  1. 1.University of Chinese Academy of Sciences, Beijing 100049, China
    2.Institute of Information Engineering, Chinese Academy of Sciences, Beijing 100093, China
    3.Data Assurance and Communication Security Research Center of Chinese Academy of Sciences,Beijing 100093, China
  • Received:2016-11-15 Online:2017-02-20 Published:2020-05-12

摘要:

文章分析了现有的通过 Linux 虚拟服务器(LVS)实现负载均衡的方式,并基于LVS提出了一种基于认证的集群构建方法。在现有的基于LVS的实现负载均衡的方式中,需要在脚本中事先配置好具体的服务对应的IP和端口号,另外,每个真实服务器上运行的服务需要的相关信息也要在真实服务器上存有相应的副本。文章采用真实服务器通过认证的方式来获取在负载调度器上的秘密信息的副本,另外,在认证的同时,负载调度器可以自动生成配置文件,解决配置繁琐的问题,通过这种方式,解决敏感信息在真实服务器上会存有多份副本的问题,进而来构建一个高可用的集群系统。

关键词: Linux 虚拟服务器, 集群, 智能卡, 认证, 动态加入

Abstract:

This paper analyses existed implementations of Load Balancing through Linux Virtual server, and put forward to design an authentication-based cluster building method based on Linux virtual server. In the existing methods of load balancing based on LVS, it is necessary to configure the IP and port numbers corresponding to the specific services in the scripts. In addition, the information needed for the services running on each real server should be configured on the real server. In this paper, a real server is used to obtain a copy of the secret information on the load scheduler by using the authentic server. In addition, the load scheduler can automatically generate the configuration file to solve the cumbersome configuration. In this way, The problem which Sensitive information have multiple copies will be solvedand then to build a highly available cluster system.

Key words: Linux virtual server, cluster, smart card, authentication, join dynamically

中图分类号: