| In recent years, with the rapid development of information technology, software development technology has also been changing. Alongside the traditional monolithic application structure, microservice architecture has been widely adopted in enterprise application development, and microservices are becoming a research hotspot in the field of software development. With its advantages of flexibility, decentralization, easy decoupling and fast development speed, the microservice architecture has become the first choice for large enterprises. The basic guiding principle of system development based on microservice architecture is to achieve functional decoupling to the greatest extent. However, viewed as a whole, a system is more complex under the microservice architecture, and it faces more problems, especially in system security. Ensuring the security of the system is a prerequisite for putting it into use, so it is of great significance to study application security under the microservice architecture. Taking the e-commerce procurement platform of a domestic enterprise as the project background, this paper discusses the security risks introduced by the microservice architecture, puts forward the security requirements of the platform, and completes the design and implementation of the security scheme. For user identity authentication and authorization, each service is developed as an independent project under the microservice architecture, so having every service handle user authentication and authorization would inevitably increase the difficulty of application development and the complexity of system management. How to realize single sign-on is therefore a problem to be solved. At the same time, access to some interfaces carries security requirements such as data encryption, data verification and replay attack protection. In addition, to ensure the smooth operation of the platform, precise control of system traffic must be achieved. Finally, to find and troubleshoot system problems in time, the microservices need to be monitored. This paper therefore studies the security mechanism of the platform under the microservice architecture. Based on the security risks faced by the platform as described above, the paper completes the development of the main functions in the following aspects: (1) An OAuth authentication server is built, through which users complete login, authentication and access token operations, realizing single sign-on. (2) An API gateway is built, and all requests to the microservices must pass through it. After the gateway validates a request, it forwards the request to the corresponding service, which simplifies the system logic. (3) For interface security, the AES and RSA encryption algorithms are combined to encrypt and decrypt data, and a signature mechanism is used for data verification, solving the problem of secure data transmission between the front end and the back end. Replay attack protection is implemented using a timestamp, a signature and a cache. (4) Alibaba's Sentinel is used to achieve precise control of microservice traffic as well as circuit breaking and degradation. Finally, effective monitoring of the services is achieved with open source tools, covering three aspects: metrics monitoring, log monitoring and call chain monitoring. After the system was implemented, functional verification and performance analysis demonstrated the feasibility of the scheme, which can safeguard the stable operation of the platform's business. |
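
The replay protection in item (3) combines a timestamp, a signature and a cache. The sketch below is an added example, not code from the paper. It assumes an HMAC-SHA256 signature over the method, path, timestamp and body hash, a 60-second freshness window, and an in-memory dictionary standing in for the gateway's cache; the `ReplayGuard` class and all sample values are hypothetical.

```python
import hashlib
import hmac

SHARED_KEY = b"constructed-demo-key"  # constructed sample key, not from the paper
MAX_SKEW = 60  # assumed freshness window in seconds


class ReplayGuard:
    """Hypothetical gateway filter: timestamp + signature + cache."""

    def __init__(self, key, max_skew=MAX_SKEW):
        self.key = key
        self.max_skew = max_skew
        self.seen = {}  # signature -> expiry; stands in for a shared TTL cache

    def sign(self, method, path, body, timestamp):
        # The timestamp is part of the signed string, so it cannot be
        # refreshed without invalidating the signature.
        digest = hashlib.sha256(body).hexdigest()
        msg = f"{method}\n{path}\n{timestamp}\n{digest}".encode()
        return hmac.new(self.key, msg, hashlib.sha256).hexdigest()

    def check(self, method, path, body, timestamp, signature, now):
        # Drop cache entries whose timestamp window has already closed.
        self.seen = {s: exp for s, exp in self.seen.items() if exp >= now}
        if abs(now - timestamp) > self.max_skew:
            return "stale"
        expected = self.sign(method, path, body, timestamp)
        if not hmac.compare_digest(expected.encode(), signature.encode()):
            return "bad_signature"
        if signature in self.seen:
            return "replay"
        # Remember the signature until the timestamp check alone rejects it.
        self.seen[signature] = timestamp + self.max_skew
        return "ok"


def demo():
    guard = ReplayGuard(SHARED_KEY)
    body, ts = b'{"sku":"A1","qty":2}', 1_700_000_000  # constructed request
    sig = guard.sign("POST", "/orders", body, ts)
    return [
        guard.check("POST", "/orders", body, ts, sig, now=ts + 5),         # first use
        guard.check("POST", "/orders", body, ts, sig, now=ts + 6),         # replayed
        guard.check("POST", "/orders", body + b" ", ts, sig, now=ts + 7),  # tampered
        guard.check("POST", "/orders", body, ts + 90, sig, now=ts + 90),   # re-stamped
        guard.check("POST", "/orders", body, ts, sig, now=ts + 61),        # expired
    ]


if __name__ == "__main__":
    print(demo())
```

The cache only has to hold a signature for as long as its timestamp is still acceptable, which bounds its size. Two legitimate identical requests in the same second produce the same signature here, so a per-request nonce in the signed string is a common addition.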