The Design And Implementation Of Unite Audit Platform Based On Cloud Architecture

There are many business systems in giant enterprises like mobilecommunication corporation. Those systems are often coupled through the uniquemain account. Thus the login logs, the operational logs and the logs from thehosts and databases can be easily collected in a uniform way. Then thecorporation can make intelligent audit analysis according to the behavior ofuser.With the increase of the number of the business systems and the expansionof users, the acquisition process of the former audit system based onrelational database will have a zombie and leakage easily with the increaseof the logs. When the audit data reaches a certain record magnitude, it willhave fuzzy query, the response of association analysis and retrieve becomesslower and the recurs a sharp drop in performance. However, the traditionaldata warehouse technology is very expensive (host, disk array), and not goodat processing unstructured audit data.Building a cloud audit platform with cloud architecture, we can make theacquisition system well scale up as a distributed acquisition paradigm. Wecan expand the collection entrance and introduce the concept of search engineat the same time, in order to achieve the purpose of optimizing the underlyingquery logic. We can solve the inefficient relating to security audit by cloudcomputing, and make the system dynamic expansion on the premise of the lowerhardware cost and less system maintenance costs.The structure of this paper is orgnized as follows:Part one: We analyze the system and the performance bottlenecks of theunified audit subsystem of the former4A system. We analyze the acquisitionmodule feign death situation,"Query inefficiencies",“The ability ofcorrelation analysis is poor”,"The ability of analyzing task concurrently is low","Large maintenance and high cost","The quantity of log is large”,“Data optimization effect is poor", etc.Part two: We briefly discussed for the design, and put forward thecorresponding solutions. We deploy the real-time/non real-time applicationsacquisition system dispersedly, solve the problem of acquisition subsystemfeign death. Data is stored using Hadoop as audit data distributed processingtechnology framework changes by way of storage, the changing structure of thestorage and analysis, retrieval framework adjustment; provide efficient andmulti-task concurrent data processing ability, using Solr technology toreplace the original iBatis framework. The improved query work, will be madeby the original "semi-automatic" ORM mapping query for upgrading to supportdistributed logging stored "full-text search engine. Audit analysis moduleadopts the more advanced graphs framework to replace the original Quartz timerscheduling technology. Implement part of intelligent early warning analysiscapabilities.Part three: We design the system in detail; introduce the detailed designof different functional modules; Show the different sub module part bear thewhat kind of functions and data flow process.Part four: We provide the implementation process in detail. We conductreview of detailed design to ensure the feasibility of the overall technicalarchitecture. The platform is realized by using the object-oriented Javalanguage both in the acquisition module and the WEB of business logic partof the module. As for the WEB frontend of the audit platform, we use JSP+CSS+javascript language to implement a uniformed interface.