期刊文献+

基于容器的安全接入虚拟化 被引量:1

Virtualization of Secure Access Device Based on Container
下载PDF
导出
摘要 面对电力系统中信息网络、互联网边界海量电力物联网终端的访问需求,针对传统安全接入边界各类装置实现方法资源分配不均、兼容性差、扩展性差以及性能瓶颈等问题,提出一种基于容器的安全接入虚拟化模型。该模型采用DPDK高性能数据包处理框架、成熟容器集群管理框架、服务计算节点编排等关键技术,将数据平面与控制平面完全分离,构建独立的数据虚拟化转发平面,并采用SR-IOV技术实现硬件资源的虚拟化和统一调度管理,将安全接入能力服务化。基于该模型的安全接入装置集群具有高性能、高可用、灵活编排、可扩展性强等优势。实验结果表明,该模型方法能够高效合理利用硬件资源,大幅提升电力系统边界安全接入的效率。 Facing the access requirements of massive power Internet of Things terminals at the information network and Internet boundary in power system,aiming at the problems of uneven resource allocation,poor compatibility,poor scalability and performance bottleneck of various devices at the traditional secure access boundary,a secure access virtualization model based on container is proposed,which adopts DPDK high-performance packet processing framework,mature container cluster management framework,service computing node arrangement and other key technologies completely separate the data plane from the control plane,build an independent data virtualization forwarding plane,and use SR-IOV technology to realize the virtualization of hardware resources and unified scheduling management,and service the security access capability. The security access device cluster based on this model has high performance,high availability,flexible arrangement and strong scalability. The experimental results show that the model can make efficient and rational use of hardware resources and greatly improve the efficiency of power system boundary security access.
作者 纪元 郑卫波 王梓 JI Yuan;ZHENG Wei-bo;WANG Zi(NARI Group Corporation(State Grid Electric Power Research Institute Co.,Ltd.),Nanjing 210003,China;Nanjing NARI Information&Communication Technology Co.,Ltd.,Nanjing 210003,China)
出处 《计算机与现代化》 2022年第9期106-110,118,共6页 Computer and Modernization
基金 南瑞集团有限公司科技项目资助(5246DR200052)。
关键词 虚拟化 容器 计算节点 转发平面 安全接入 virtualization container compute node forwarding plane secure access
  • 相关文献

参考文献5

二级参考文献134

  • 1徐慧,姜恒,杨林.PF_RING高效数据包捕获技术研究与设计[J].计算机科学,2012,39(S2):88-89. 被引量:5
  • 2王佰玲,方滨兴,云晓春.零拷贝报文捕获平台的研究与实现[J].计算机学报,2005,28(1):46-52. 被引量:67
  • 3Cisco.Cisco Visual Networking Index:Forecast and Methodology,2013-2018.2013.
  • 4Stanford University.Clean slate program.2006.http://cleanslate.stanford.edu/.
  • 5McKeown N.Software-Defined metworking.In:Proc.of the INFOCOM Key Note.2009.http://infocom2009.ieee-infocom.org/ technicalProgram.htm.
  • 6McKeown N,Anderson T,Balakrishnan H,Parulkar G,Peterson L,Rexford J,Shenker S,Turner J.OpenFlow:Enabling innovation in campus networks.ACM SIGCOMM CCR,2008,38(2):69-74.[doi:10.1145/1355734.1355746].
  • 7MIT Technology Review.10 breakthrough technologies,TRIO:Software-defined networking.2009.http://www2.technology review.com/article/412194/trl0-software-defined-networking/.
  • 8Jain R.Internet 3.0:Ten problems with current Internet architecture and solutions for the next generation.In:Proc.of the IEEE MILCOM.2006.1-9.[doi:10.1109/MILCQM.2006.301995].
  • 9Nunes BAA,Mendonca M,Nguyen XN,Obraczka K,Turletti T.A survey of software-defined networking:Past,present,and future of programmable networks.IEEE Communications Surveys and Tutorials,2014,16(3):1617-1634.[doi:10.1109/SURV.2014.012214.00180].
  • 10Tennenhouse DL,Wetherall DJ.Towards an active network architecture.In:Proc.of the IEEE DARPA Active Networks Conf.and Exposition.2002.2-15.[doi:10.1109/DANCE.2002.1003480].

共引文献468

同被引文献12

引证文献1

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部