Method and device for virtualizing tolerance intrusion based on cloud computing

Abstract

The invention discloses a method and a device for virtualizing tolerance intrusion based on cloud computing. The method comprises the following steps: creating 2F+1 copies by a copy manager in a physical node when a fault tolerance capacity of the system on the copies is F; setting F+1 copies into a movable state and other F copies into a suspended state; naming the copies in the movable state as the movable copies and the copies in the suspended state as passive copies; receiving a service request by the copy manager; carrying out the service request by the F+1 movable copies; and carrying out a majority voting algorithm to determine a correct result in F+1 execution results by the copy manager. According to the method, the errors of the F movable copies in the N=2F+1 copies can be tolerated, and compared with the traditional Byzantine fault tolerance algorithm, N=3F+1 copies are needed to tolerate the F wrong copies. Only F+1 movable copies are carried out under the condition of absence of intrusion, and the other copies are arranged in a passive mode, so that consumption of cloud platform resources is greatly reduced.

Description

technical field [0001] The invention relates to the fields of computer information security and virtualized cloud computing, in particular to a cloud computing-based virtualized intrusion-tolerant method and device. Background technique [0002] Cloud computing distributes computing tasks on a virtual resource pool composed of a large number of computers, enabling various application systems to obtain computing power, storage space and various software services as needed. The service integration and on-demand supply brought by cloud computing can significantly improve the utilization rate of computing resources, reduce the energy consumption of each service, and effectively shield computing resource errors. Cloud computing has the advantages of ultra-large scale, virtualization, high reliability, versatility, high scalability, on-demand service, and extremely cheap. However, cloud computing still faces the following problems: [0003] (1) Tolerance of data intrusion: The t...

AI Technical Summary

Problems solved by technology

[0004] (2) The intrusion tolerance of the cloud computing platform: In the cloud computing mode, all business processing will be completed on the server side, so the cloud computing platform becomes the core of intruder attacks; in addition, the cloud computing platform itself also faces various threats. For example, in the first half of 2010, Amazon cloud computing services failed due to human errors and unexpected power outages, resulting in a small number of users in the eastern United States losing their services and causing a very small amount of data loss.

Many research institutions and organizations at home and abroad mostly use techniques such as threshold cryptography, secret sharing, and distributed redundant replication on real hardware platforms to study intrusion tolerance; all of them require the system to have high computing power and high storage capacity, and these resources Generally, it cannot be divided and is designed for specific applications. Therefore, resource utilization is low, difficult to manage, and poor in versatility. In addition, the system also has high requirements for the number and quality of redundant components, and the recovery of redundant components seriously affects the availability of services.

Therefore, such a costly tolerated intrusion is unacceptable for cloud computing service providers and users, and is not suitable for cloud computing virtualization.

Images