| 一种基于iSCSI的对象存储安全系统的设计与实现 |
| |
| 引用本文: | 黄建忠,谢长生,朱光喜,吴伟. 一种基于iSCSI的对象存储安全系统的设计与实现[J]. 计算机科学, 2007, 34(4): 69-73 |
| |
| 作者姓名: | 黄建忠 谢长生 朱光喜 吴伟 |
| |
| 作者单位: | 华中科技大学数据存储教育部重点实验室,武汉430074;华中科技大学电子与信息工程系,武汉430074;华中科技大学数据存储教育部重点实验室,武汉430074;华中科技大学电子与信息工程系,武汉430074 |
| |
| 基金项目: | 国家重点基础研究发展计划(973计划) , 国家自然科学基金 |
| |
| 摘 要: | 随着应用的高速发展,性能高、安全性强的IP存储正成为网络存储领域的研究热点。本文针对这种情况,在OSD命令集的基础上,设计了一种基于iSCSI协议的专用对象存储安全系统(iSCSI-based Object Storage Security System,iOBS3)。借助iSCSI的块数据通道和OSD内置的安全策略,使得iOBS3同时具备块I/O的高速传输带宽和对象I/O的访问控制能力;通过在IP层加入IPSec协议,提高了iOBS3的传输安全性;在发起端和目标端同时采用零拷贝TCP机制,大幅度地提高了iOBS3的I/O带宽。实验结果显示,相对iSCSI,iONS3在保证安全性的同时,具有更高的传输速度。
|
| 关 键 词: | 存储安全性 对象存储 iSCSI 零拷贝TCP |
Design and Implementation of iSCSI-based Object Storage Security System |
| |
| HUANG Jian-Zhong,XIE Chang-Sheng,ZHU Guang-Xi,WU Wei. Design and Implementation of iSCSI-based Object Storage Security System[J]. Computer Science, 2007, 34(4): 69-73 |
| |
| Authors: | HUANG Jian-Zhong XIE Chang-Sheng ZHU Guang-Xi WU Wei |
| |
| Abstract: | With the rapid development of application, IP storage of high performance and strong security has become the research hotspot of networked storage. Aiming at the above issue, an iSCSI-based object storage security system (short for iOBS3) is designed according to the OSD commands. Firstly, incurring to the block I/O channel of iSCSI and the security method within OSD, iOBS3 can provide high-speed bandwidth of block I/O channel and access control capability of object I/O. Secondly, iOBS3 can enhance its transfer security by adopting IPSec protocol at IP protocol layer. Thirdly, iOBS3 greatly improves the I/O speed using zero-copy TCP both at initiator and target. The experimental result shows that iOBS3 can achieve higher throughput comparing with iSCSI, and insuring storage security at the same time. |
| |
| Keywords: | Storage security Object-based storage iSCSI Zero-copy TCP |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
点击此处可从《计算机科学》下载全文 |
|
