基于云计算的企业即时通信应用部署方案
|
摘要
移动互联时代,大部分第三方即时通信类软件使用者不能完全掌握聊天数据,易造成数据被分析等安全问题。针对企业级即时通信安全问题,提出一套利用云计算特性的即时通信系统。系统采用C/S模式,服务器部署在云端,能够使用户独立部署系统,做到服务器私有,数据信息加密保存,客户端包含移动端和桌面端,数据加密传输。通过常见攻击手段安全分析和系统性能分析,验证了系统安全性与可靠性。该系统已上线使用且运行良好。
In the era of mobile Internet,cloud applications have become a trend. For the security of enterprise-level instant messaging tools,users of most third-party instant messaging software cannot fully grasp the chat data,which is likely to cause security problems such as data analysis. This paper proposes an instant messaging system that uses cloud computing capabilities. The system uses C/S mode and the server is deployed in the cloud. It enables users to deploy the system independently. The server is private and the data is saved with secrecy. The client includes the mobile device and the desktop,and encrypted data is transmitted safely. The security and reliability of the system are verified by the security analysis and performance analysis of common attack methods. The system is already in use and functioning properly.
In the era of mobile Internet,cloud applications have become a trend. For the security of enterprise-level instant messaging tools,users of most third-party instant messaging software cannot fully grasp the chat data,which is likely to cause security problems such as data analysis. This paper proposes an instant messaging system that uses cloud computing capabilities. The system uses C/S mode and the server is deployed in the cloud. It enables users to deploy the system independently. The server is private and the data is saved with secrecy. The client includes the mobile device and the desktop,and encrypted data is transmitted safely. The security and reliability of the system are verified by the security analysis and performance analysis of common attack methods. The system is already in use and functioning properly.
引文
[1]丘群业.企业私有云计算基础架构研究与设计[D].广州:华南理工大学,2012.
[2]MELL P,GRANCE T.Sp 800-145.The NIST definition of cloud computing[M].Gaithersburg:National Institute of Standards and Technology,2011.
[3]刘玮,王丽宏.云计算应用及其安全问题研究[J].计算机研究与发展,2012,49(S2):186-191.
[4]中国信息通信研究院.云计算发展白皮书(2018)[EB/OL].http://www.caict.ac.cn/kxyj/qwfb/bps/201808/t20180813_181718.htm.
[5]涂伟,甘丽新,蒋科蔚,等.基于云计算模式的电子商务安全研究[J].商业时代,2010(36):31+54.
[6]高鹏宣,薛丹,王晓.云计算及物联网技术在智慧城市中的应用[J].电子技术与软件工程,2018(18):1.
[7]徐泉,王良勇,刘长鑫.工业云应用与技术综述[J].计算机集成制造系统,2018,24(8):1887-1901.
[8]白晓飞.基于企业视角的微信应用现状分析与对策研究[J].中国新通信,2018,20(7):85.
[9]宋昱.一种高性能即时通讯服务系统的设计[J].软件,2016,37(12):180-183.
[10]徐文莉,熊燕,李燕.P2P即时通信系统关键技术研究及应用[J].软件导刊,2017,16(9):151-153+157.
[11]赵向兵,张景安.Linux平台即时通信系统的研究与开发[J].软件,2017,38(2):23-27.
[12]MANEKAR S,BORKAR P,HIRWANI V.A review on instant messaging system based on cloud for smart phone[C].2017 International Conference on Inventive Systems and Control(ICISC),2017:1-5.
[13]张建勋,古志民,郑超.云计算研究进展综述[J].计算机应用研究,2010,27(2):429-433.
[14]罗军舟,金嘉晖,宋爱波,等.云计算:体系架构与关键技术[J].通信学报,2011,32(7):3-21.
[15]吕思思,焦金金,祁建松,等.云服务在高校实验教学系统建设中的应用[J].软件导刊,2016,15(8):197-200.
[16]刘欢欢,麻志毅,陈泓婕.基于PaaS的云应用软件部署环境的元模型[J].计算机科学,2015,42(10):45-49+80.
[17]陆慧娟,安春霖,程倬,等.基于SaaS和CSCW的车货匹配系统研究与应用[J].华中科技大学学报:自然科学版,2012,40(S1):324-327.
[18]甄平,赵耿,闵乐泉,等.一种基于身份的前向安全数字签名方案[J].计算机应用与软件,2015,32(11):289-292.
[19]王正才,杨世平.抗重放攻击认证协议的设计原则和方法研究[J].计算机工程与设计,2008(20):5163-5165+5170.
[20]贾静,薛质.SSL中间人攻击原理与防范[J].信息安全与通信保密,2007(4):103-105.
[2]MELL P,GRANCE T.Sp 800-145.The NIST definition of cloud computing[M].Gaithersburg:National Institute of Standards and Technology,2011.
[3]刘玮,王丽宏.云计算应用及其安全问题研究[J].计算机研究与发展,2012,49(S2):186-191.
[4]中国信息通信研究院.云计算发展白皮书(2018)[EB/OL].http://www.caict.ac.cn/kxyj/qwfb/bps/201808/t20180813_181718.htm.
[5]涂伟,甘丽新,蒋科蔚,等.基于云计算模式的电子商务安全研究[J].商业时代,2010(36):31+54.
[6]高鹏宣,薛丹,王晓.云计算及物联网技术在智慧城市中的应用[J].电子技术与软件工程,2018(18):1.
[7]徐泉,王良勇,刘长鑫.工业云应用与技术综述[J].计算机集成制造系统,2018,24(8):1887-1901.
[8]白晓飞.基于企业视角的微信应用现状分析与对策研究[J].中国新通信,2018,20(7):85.
[9]宋昱.一种高性能即时通讯服务系统的设计[J].软件,2016,37(12):180-183.
[10]徐文莉,熊燕,李燕.P2P即时通信系统关键技术研究及应用[J].软件导刊,2017,16(9):151-153+157.
[11]赵向兵,张景安.Linux平台即时通信系统的研究与开发[J].软件,2017,38(2):23-27.
[12]MANEKAR S,BORKAR P,HIRWANI V.A review on instant messaging system based on cloud for smart phone[C].2017 International Conference on Inventive Systems and Control(ICISC),2017:1-5.
[13]张建勋,古志民,郑超.云计算研究进展综述[J].计算机应用研究,2010,27(2):429-433.
[14]罗军舟,金嘉晖,宋爱波,等.云计算:体系架构与关键技术[J].通信学报,2011,32(7):3-21.
[15]吕思思,焦金金,祁建松,等.云服务在高校实验教学系统建设中的应用[J].软件导刊,2016,15(8):197-200.
[16]刘欢欢,麻志毅,陈泓婕.基于PaaS的云应用软件部署环境的元模型[J].计算机科学,2015,42(10):45-49+80.
[17]陆慧娟,安春霖,程倬,等.基于SaaS和CSCW的车货匹配系统研究与应用[J].华中科技大学学报:自然科学版,2012,40(S1):324-327.
[18]甄平,赵耿,闵乐泉,等.一种基于身份的前向安全数字签名方案[J].计算机应用与软件,2015,32(11):289-292.
[19]王正才,杨世平.抗重放攻击认证协议的设计原则和方法研究[J].计算机工程与设计,2008(20):5163-5165+5170.
[20]贾静,薛质.SSL中间人攻击原理与防范[J].信息安全与通信保密,2007(4):103-105.