面向密码资源池的单任务高性能通信调度技术研究与实现

Research and Implementation of Single-Task High Performance Communications Scheduling Technology for Cryptographic Resource Pool

密码技术是保障网络与信息安全的核心技术和基础支撑。在云计算、大数据等新领域场景下,一般通过“密码资源池化”机制为密码应用提供按需分配及弹性扩展的密码服务功能。分组算法和杂凑算法的数据分组间存在依赖关系,只能进行串行密码运算,密码资源池较传统直连密码设备的服务模式,增加了一层网络通信调度开销,导致密码服务耗时显著增加。基于此,设计一种针对密码资源服务系统的动态网络通信调度机制和异步服务框架,实现网络通信与密码运算并行操作,缩短通信调度时延。结果表明,相较于直连密码设备,大包数据的性能损耗可以控制在10%以内。

Cryptography technology is the core technology and fundamental support for ensuring network and information security.In the scenarios of cloud computing,big data and other new fields,the cryptographic resource pooling mechanism is generally used to provide on-demand allocation and elastic extended cryptographic service for cryptographic applications.Because of the data group’s dependency relationship between grouping algorithm and hash algorithm,only serial cryptographic operations can be performed,so compared with the conventional service mode of directly connected cryptographic devices,overhead of network communication scheduling is added to cryptographic resource pooling,resulting in a significant increase in cryptographic service time cost.Based on this,this paper designs a dynamic network communication scheduling mechanism and an asynchronous service framework for cryptographic resource service systems,which achieve the parallel operation of network communication and cryptographic operation and shortens the communication scheduling delay.The results indicate that,compared to the mode of directly connected cryptographic devices,the performance loss of big packets of data can be controlled within 10%.