本文已被:浏览 2150次 下载 2189次
Received:February 26, 2018 Revised:March 19, 2018
Received:February 26, 2018 Revised:March 19, 2018
中文摘要: 微服务架构实现了应用服务的业务解耦和技术栈分离,但更多的微服务也增加了进程间无状态服务调用频度,如何在保证服务性能的同时确保无状态服务之间的安全访问控制是微服务安全架构面临的关键问题.本文设计了一种柔性微服务安全访问控制框架,结合微服务API网关、轻量级微服务访问令牌构建方法以及柔性适配的微服务安全控制策略等特征,提高了微服务的柔性安全控制能力,经试验分析,代价更小,并在实际项目中验证了框架及方法的有效性.
中文关键词: 微服务API网关 服务访问令牌 柔性安全访问控制策略
Abstract:The microservice architecture facilitates the service decoupling of application services and the separation of the technology stack. However, more microservices also increase the frequency of stateless service invocation across processes. How to ensure secure service access control between stateless services while ensuring service performance is a key issue for the microservices security architecture. In this study, we design a flexible microservice security access control framework. Combining the features of microservice API gateway, the lightweight microservice token construction mechanism and the flexible adaptation of microservices security control strategy, we improve the flexible security control ability of microservice. After the experimental analysis, the cost is smaller, and the validity of the framework and the method is verified in the actual project.
文章编号: 中图分类号: 文献标志码:
基金项目:南瑞集团有限公司(国网电力科学研究院有限公司)科技项目“柔性微服务框架关键技术研究与应用”
引用文本:
刘一田,林亭君,刘士进.柔性微服务安全访问控制框架.计算机系统应用,2018,27(10):70-74
LIU Yi-Tian,LIN Ting-Jun,LIU Shi-Jin.Flexible Microservice Security Access Control Framework.COMPUTER SYSTEMS APPLICATIONS,2018,27(10):70-74
刘一田,林亭君,刘士进.柔性微服务安全访问控制框架.计算机系统应用,2018,27(10):70-74
LIU Yi-Tian,LIN Ting-Jun,LIU Shi-Jin.Flexible Microservice Security Access Control Framework.COMPUTER SYSTEMS APPLICATIONS,2018,27(10):70-74