摘要
微服务架构实现了应用服务的业务解耦和技术栈分离,但更多的微服务也增加了进程间无状态服务调用频度,如何在保证服务性能的同时确保无状态服务之间的安全访问控制是微服务安全架构面临的关键问题.本文设计了一种柔性微服务安全访问控制框架,结合微服务API网关、轻量级微服务访问令牌构建方法以及柔性适配的微服务安全控制策略等特征,提高了微服务的柔性安全控制能力,经试验分析,代价更小,并在实际项目中验证了框架及方法的有效性.
The microservice architecture facilitates the service decoupling of application services and the separation of the technology stack. However, more microservices also increase the frequency of stateless service invocation across processes. How to ensure secure service access control between stateless services while ensuring service performance is a key issue for the microservices security architecture. In this study, we design a flexible microservice security access control framework. Combining the features of microservice API gateway, the lightweight microservice token construction mechanism and the flexible adaptation of microservices security control strategy, we improve the flexible security control ability of microservice. After the experimental analysis, the cost is smaller, and the validity of the framework and the method is verified in the actual project.
作者
刘一田
林亭君
刘士进
LIU Yi-Tian;LINT Ting-Jun;LIU Shi-Jin(NARI Group Corporation(State Grid Electric Power Research Institute),Nanjing 211106,China;College of Energy and Electrical Engineering,Hohai University,Nanjing 210003,China)
出处
《计算机系统应用》
2018年第10期70-74,共5页
Computer Systems & Applications
基金
南瑞集团有限公司(国网电力科学研究院有限公司)科技项目"柔性微服务框架关键技术研究与应用"~~
