本文選題：SSL協(xié)議　切入點(diǎn)：服務(wù)器集群　出處：《中南大學(xué)》2014年碩士論文　論文類型：學(xué)位論文

【摘要】：SSL (Secure Socket Layer,安全套接層)協(xié)議是用來保障網(wǎng)絡(luò)通信安全的協(xié)議,它被廣泛應(yīng)用于服務(wù)器集群系統(tǒng)中,為客戶端和服務(wù)器之間的通信提供安全的數(shù)據(jù)傳輸通道。但SSL協(xié)議復(fù)雜的認(rèn)證方案和加解密算法需占用大量服務(wù)器資源,將導(dǎo)致服務(wù)器性能下降。針對上述問題,本文主要對SSL服務(wù)器集群系統(tǒng)的性能進(jìn)行了優(yōu)化。主要工作如下： (1)由于集群的結(jié)構(gòu)決定了其性能級別,所以設(shè)計(jì)良好的服務(wù)器集群系統(tǒng)能夠極大地提高集群的整體性能。本文首先闡述了SSL服務(wù)器集群系統(tǒng)的整體架構(gòu),然后闡述了SSL服務(wù)器集群系統(tǒng)的總體功能,最后為了解決SSL服務(wù)器集群中正在處理客戶請求的節(jié)點(diǎn)突然崩潰而造成頻繁的SSL連接中斷問題,深入研究了SSL協(xié)議的連接恢復(fù)機(jī)制。在該連接恢復(fù)機(jī)制中能將建立的SSL握手過程的必要的會(huì)話參數(shù)存儲(chǔ)到數(shù)據(jù)庫中,當(dāng)服務(wù)器發(fā)生故障時(shí),能夠從數(shù)據(jù)庫中取出必要的會(huì)話參數(shù)。因此該連接恢復(fù)機(jī)制避免了重新建立一個(gè)完整的SSL連接,減少了不必要的SSL握手連接損耗,保障了SSL連接的穩(wěn)定性,從而讓服務(wù)器更高效地提供安全服務(wù)。 (2)為了提高SSL集群系統(tǒng)的處理能力和減少響應(yīng)時(shí)間,本文提出了基于服務(wù)與權(quán)值的負(fù)載均衡算法(Load balancing algorithm based on service and weights, SW-LBA)。首先請求轉(zhuǎn)發(fā)器利用epoll模型來接受客戶端的請求；然后服務(wù)器池中的各節(jié)點(diǎn)實(shí)時(shí)地收集自身的負(fù)載信息并周期性地動(dòng)態(tài)反饋至請求轉(zhuǎn)發(fā)器。接下來,請求轉(zhuǎn)發(fā)器通過節(jié)點(diǎn)的性能與其負(fù)載狀況相結(jié)合的方式來計(jì)算節(jié)點(diǎn)的負(fù)載量,并引入了RED(早期隨機(jī)檢測)技術(shù)來判定節(jié)點(diǎn)的負(fù)載狀況；最后通過不同的方式對靜態(tài)請求和動(dòng)態(tài)請求進(jìn)行目標(biāo)選擇。本文提出的算法綜合考慮了請求服務(wù)的類型、服務(wù)器的處理能力及服務(wù)器的真實(shí)負(fù)載狀況,因此能夠充分利用服務(wù)器集群的資源。 理論分析和實(shí)驗(yàn)分析表明,本文的研究成果能夠有效地提高SSL服務(wù)器集群的性能。圖24幅,表7個(gè),參考文獻(xiàn)59篇。
[Abstract]:SSL secure Socket layer (secure Socket layer) protocol is used to ensure the security of network communication. It is widely used in server cluster system. This paper provides a secure data transmission channel for the communication between client and server, but the complex authentication scheme and encryption and decryption algorithm of SSL protocol need a lot of server resources, which will lead to the deterioration of server performance. This paper mainly optimizes the performance of SSL server cluster system. The main work is as follows:. Because the structure of the cluster determines its performance level, the well-designed server cluster system can greatly improve the overall performance of the cluster. This paper first describes the overall architecture of the SSL server cluster system. Then the overall function of the SSL server cluster system is expounded. Finally, in order to solve the problem of frequent SSL connection interruption caused by the sudden collapse of the nodes processing customer requests in the SSL server cluster, The connection recovery mechanism of SSL protocol is deeply studied. In the connection recovery mechanism, the necessary session parameters of the established SSL handshake process can be stored in the database, when the server fails, The connection recovery mechanism avoids the re-establishment of a complete SSL connection, reduces the unnecessary loss of SSL handshake connection, and ensures the stability of the SSL connection. This allows the server to provide security services more efficiently. In order to improve the processing ability and reduce the response time of SSL cluster system, this paper proposes a load balancing algorithm based on service and weight, load balancing algorithm based on service and weight, SW-LBABA.First, the request transponder uses epoll model to accept client request; Then the nodes in the server pool collect their load information in real time and feed back periodically to the request repeater.; next, the request repeater calculates the load of the node by combining the performance of the node with its load condition. In addition, the red (early Random Detection) technique is introduced to determine the load status of the node. Finally, the static and dynamic requests are selected in different ways. The algorithm proposed in this paper considers the type of request service synthetically. The processing power of the server and the real load of the server can make full use of the resources of the server cluster. Theoretical analysis and experimental analysis show that the research results in this paper can effectively improve the performance of SSL server cluster.
【學(xué)位授予單位】：中南大學(xué)
【學(xué)位級別】：碩士
【學(xué)位授予年份】：2014
【分類號(hào)】：TP393.05

【參考文獻(xiàn)】

相關(guān)期刊論文 前4條

1 楊際祥;譚國真;王榮生;;并行與分布式計(jì)算動(dòng)態(tài)負(fù)載均衡策略綜述[J];電子學(xué)報(bào);2010年05期

2 王霜,修保新,肖衛(wèi)東;Web服務(wù)器集群的負(fù)載均衡算法研究[J];計(jì)算機(jī)工程與應(yīng)用;2004年25期

3 丁曉飛;馬傳貴;;具有強(qiáng)安全性的三方口令認(rèn)證密鑰交換協(xié)議(英文)[J];計(jì)算機(jī)學(xué)報(bào);2010年01期

4 裴慶祺;馬建峰;龐遼軍;張紅斌;;基于身份自證實(shí)的秘密共享方案[J];計(jì)算機(jī)學(xué)報(bào);2010年01期

，

本文編號(hào)：1575840