Container cloud safety protection method and system constructed on basis of Kubernetes

A security protection and container technology, applied in the field of network security, that addresses the problems of microservice protection not working, attacks going undetected and unintercepted, and microservices becoming unavailable, and achieves enhanced traceability, convenient troubleshooting, and easy operation and maintenance.

Inactive Publication Date: 2019-02-15
李斌

AI Technical Summary

Problems solved by technology

[0002] A container cloud built on Kubernetes provides three authentication methods of its own (CA authentication, Token authentication and Base authentication) to protect the system itself from attack and keep its components secure, but this protection does not extend to the microservices deployed in the container cloud. If the attack only launches a traffic attack or other penetra...


Examples


Embodiment Construction

[0021] The specific embodiments of the present invention will be further described below in conjunction with the accompanying drawings. The following examples are only used to illustrate the technical solution of the present invention more clearly, but not to limit the protection scope of the present invention. The scope of the invention is limited only by the claims and the invention encompasses numerous alternatives, modifications and equivalents. In the following description, numerous specific details are set forth in order to provide a thorough understanding of the present invention. These details are provided for the purpose of example and the invention may be practiced according to the claims without some or all of these specific details.

[0022] Figure 1 is a schematic flow diagram of a container cloud security protection method and system based on Kubernetes provided by an embodiment of the present invention, including:

[0023] S101. Receive a request from a client t...



Abstract

The invention discloses a container cloud security protection method and system built on Kubernetes. A security protection system is added to the Kubernetes container cloud. When a client accesses a microservice on the container cloud, the protection system first performs a first round of traffic cleaning on the request at the transport layer, then forwards it to an application-layer protection system for a second round of traffic cleaning, and forwards the cleaned traffic to the corresponding microservice. At the same time, all access logs are collected; intelligent analysis of the logs identifies abnormal access behavior and attack sources and generates a protection strategy, which is issued to the protection subsystem to intercept attacks and complete a third round of traffic cleaning. The method and system implement: 1. a defense-in-depth system covering the IP layer, the transport layer and the application layer; 2. intelligent generation and issuing of the protection strategy, linked with the protection system; and 3. containerization of the security components, with the advantages of rapid deployment, easy expansion, and easy operation and maintenance. The method and system are applicable to security protection of microservices on a Kubernetes container cloud.
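The log-analysis and strategy-issuing loop described in the abstract, sketched as an added Python example (not code from the patent). The log format, the thresholds and the function names `generate_policy` and `third_cleaning` are assumptions; the text on this page does not specify the analysis algorithm.

```python
from collections import Counter, defaultdict

# Constructed access-log lines in a hypothetical format:
#   "<epoch_seconds> <source_ip> <microservice> <http_status>"
SAMPLE_LOGS = (
    # one source sending 15 requests within 5 seconds
    [f"{1000 + i // 3} 203.0.113.9 orders 200" for i in range(15)]
    # one source whose requests are mostly rejected (probing pattern)
    + [f"{1000 + 2 * i} 198.51.100.7 users {s}"
       for i, s in enumerate([404, 403, 404, 404, 200, 404])]
    # an ordinary client
    + ["1001 10.0.0.5 orders 200", "1004 10.0.0.5 users 200",
       "1009 10.0.0.5 orders 404"]
)

def parse(line):
    ts, ip, service, status = line.split()
    return int(ts), ip, service, int(status)

def generate_policy(lines, window=10, max_requests=10,
                    max_error_ratio=0.5, min_requests=5):
    """Analyse access logs and return {source_ip: reason} to block.

    Thresholds are illustrative assumptions, not values from the patent.
    """
    buckets = defaultdict(Counter)  # (ip, window index) -> request counters
    for line in lines:
        ts, ip, _service, status = parse(line)
        bucket = buckets[(ip, ts // window)]
        bucket["total"] += 1
        bucket["errors"] += status >= 400
    policy = {}
    for (ip, _window), b in buckets.items():
        if b["total"] > max_requests:
            policy[ip] = "rate"                    # abnormal request volume
        elif (b["total"] >= min_requests
              and b["errors"] / b["total"] > max_error_ratio):
            policy.setdefault(ip, "error-ratio")   # mostly failed requests
    return policy

def third_cleaning(lines, policy):
    """Enforce the issued policy: drop blocked sources, forward the rest."""
    return [line for line in lines if parse(line)[1] not in policy]

if __name__ == "__main__":
    policy = generate_policy(SAMPLE_LOGS)
    print("issued policy:", policy)
    print("forwarded:", third_cleaning(SAMPLE_LOGS, policy))
```
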

Description

Technical field

[0001] The invention belongs to the technical field of network security, and in particular relates to a security protection method and system for a container cloud built on Kubernetes.

Background art

[0002] A container cloud built on Kubernetes provides three authentication methods of its own (CA authentication, Token authentication and Base authentication) to protect the system itself from attack and keep its components secure, but this protection does not extend to the microservices deployed in the container cloud. If an attacker launches only a traffic attack or other penetration attack against one or more of these microservices, the existing security technology of the Kubernetes cluster cannot detect and intercept the attack. An attacker can easily bypass the existing security policies to carry out various attacks on the system, paralyze the cluster services, and fail to provide normal micros...


Application Information

IPC(8): H04L29/06
CPC: H04L63/101, H04L63/1416, H04L63/1425, H04L63/1441
Inventor: 关键, 李斌
Owner: 李斌