Research On Management And Scheduling Technique Of Cryptographic Service Cloud

Currently,various solutions for cryptographic service in the cloud environment appeared one after another,but there is a problem of opacity and inconsistency about cryptographic service management architecture.The conception of cryptographic service cloud is proposed in this paper based on the summary of theory and technology about current cryptographic service with cloud service model.The cryptographic service cloud is a pattern for enabling network access to a scalable and flexible shared pools of physical and virtual cryptographic resources,including cryptographic computing resources,cryptographic middleware,and cryptographic applications.This article studies the service architecture,management scheduling technology,and system implementation of the cryptographic service cloud.The main research contents and innovations are as follows:1.An architecture of the cryptographic service cloud is proposed,aiming at the requirement of cryptographic management and service with cloud service model,virtualized sharing and centralized management of cryptographic resources are realized,and customized services are provided to cloud users on demand.Moreover,a key hierarchical protection strategy based on public-key cryptography is designed over the key management issue of the cryptographic service cloud,which provides security of keys for cryptographic service cloud users.2.A scheduler of virtual cipher machine based on entropy evaluation is put forward to improve the service quality and system performance of cryptographic service and system performance bottleneck in cloud service model.The scheduler extracts the changing characteristics of I/O throughput of cipher card in the process of task scheduling using the rotation optimization method.and comparing with the throughput threshold to determine whether to trigger the migration of virtual cipher machine or not.On the basis of statistics of the utilization of cryptographic service resource pool,the cloud cryptographic service capability is evaluated comprehensively based on entropy weight method,and the virtual cipher machine that prepared to migrate and target host are selected according to the comparison results of the comprehensive evaluation values before and after migration.The scheduler has excellent performance in load balancing and resource fairness.3.In order to verify the system performance advantage of cryptographic service cloud,a prototype system of cryptographic service cloud is designed and implemented based on OpenStack open source cloud platform.Based on the corresponding relationship between the cryptographic service cloud architecture and the functional components of the OpenStack cloud platform,a prototype system of cryptographic service cloud is constructed by combining management with optimal scheduling strategy.The performance advantages of the prototype system are verified by comparing clouded and non-clouded cryptographic service experiences of users.And the load balancing effect and algorithm efficiency of the virtual cipher machine scheduler are verified by experimental tests.Compared with the OpenStack native scheduler and the Entropy method,the virtual cryptographic machine scheduler has great advantages.