Method and system for preventing attacks during private cloud object storage
An attacked, cloud object technology, applied in transmission systems, electrical components, etc., can solve problems such as denial of service, consumption of traffic, and occupation of server bandwidth, to avoid denial of service, reduce traffic waste, and prevent interface abuse.
Inactive Publication Date: 2016-11-16
LETV HLDG BEIJING CO LTD +1
View PDF4 Cites 2 Cited by
- Summary
- Abstract
- Description
- Claims
- Application Information
AI Technical Summary
Problems solved by technology
[0004] In the private cloud application scenario, because no charging policy is adopted for internal customers, the back-end storage service often has API interface abuse. For example, in order to obtain whether an object exists, perform a list operation on the entire bucket to obtain the entire bucket. Object list, this kind of list operation usually requires the back-end storage cluster to send a lot of content to the caller, occupying the server bandwidth, usually charged according to the traffic in the public business, and this kind of list operation is very traffic-intensive
Another scenario is that if a private cloud user suffers from an external attack, he will send a large number of data upload and download requests to the storage server, causing the back-end cluster to be overwhelmed, and even unable to provide services for normal users, that is, denial of service
Method used
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View moreImage
Smart Image Click on the blue labels to locate them in the text.
Smart ImageViewing Examples
Examples
Experimental program
Comparison scheme
Effect test
Embodiment Construction
[0024] In order to make the object, technical solution and advantages of the present invention clearer, the present invention will be further described in detail below in conjunction with specific embodiments. It should be understood that these descriptions are exemplary only, and are not intended to limit the scope of the present invention. Also, in the following description, descriptions of well-known structures and techniques are omitted to avoid unnecessarily obscuring the concept of the present invention.
[0025] figure 1 It is a flow chart of the method for preventing attacks in private cloud object storage in the present invention.
[0026] Such as figure 1 As shown, the method for preventing attacks in the private cloud object storage includes the following steps, step S1 and step S2.
[0027] Step S1, the intermediate server invokes the access interface to access the object in the storage server according to the access authority of the client, and sends the access...
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More PUM
Login to View More Abstract
The invention provides a method for preventing attacks during private cloud object storage. The method comprises the following steps that: an intermediate server calls an access interface to access objects in a storage server according to access permission of clients, and transmits an access result to corresponding clients; and when that the calling times of a certain client specific to the access interface reach a predetermined upper limit value is detected, the intermediate server disables the access permission of the client. The invention also provides a system for preventing attacks during private cloud object storage. Through adoption of the method and system for preventing attacks during private cloud object storage, interface abuse is prevented; traffic waste caused by bucket list operations is reduced; and the phenomenon that the system rejects services is avoided.
Description
technical field [0001] The invention relates to the technical field of cloud object storage, in particular to a method and system for preventing attacks in private cloud object storage. Background technique [0002] Object storage has received widespread attention in the tide of the Internet and has developed rapidly. Object storage is different from file storage in that objects are not organized in a directory hierarchy. Each object is located at the same level of a flat space called a storage pool, and each element of each level has a unique identifier in the storage system, and users access the container or object through this identifier. The flat data organization structure discards nested folders and avoids maintaining huge directory trees. In the era of big data and the Internet, more than one million files / objects are stored, and the number of visits and concurrent visits per unit time have reached an unprecedented level. In this case, the directory tree will bring ...
Claims
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More Application Information
Patent Timeline
Login to View More Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L29/08
CPCH04L63/0281H04L63/10H04L63/1458H04L67/1097
Inventor 吴兴义
Owner LETV HLDG BEIJING CO LTD