基于REST的信息系统云服务平台的设计与实现

发布时间：2018-02-24 14:15

本文关键词： 云服务访问控制业务流程 RESTful 安全　出处：《华南理工大学》2014年硕士论文　论文类型：学位论文

【摘要】：当前IT市场的云计算、移动应用、web应用都在不断发展，而三者之间的结合却处于初级阶段。如何通过云计算模式，实现这三者更好的结合？这里面包含几个方面的问题：提供什么样的云服务？怎样设计云服务？如何简单、安全地获取所需服务？本文以企业应用、非企业应用两类应用开发者的实际需求和学术研究为出发点，深入的分析和研究了以上几个问题。提供什么样的云服务？从大的分类来说，云服务包括3种：IaaS、PaaS、SaaS，分别强调给使用者直接提供硬件、应用开发系统、应用软件三个不同级别的服务，本论文意在研究云计算、移动应用、web应用之间的结合问题，选择云模式的应用开发系统（PaaS）、应用软件（SaaS），作为突破口。根据实际需求，实现了一个信息系统云服务平台：提供组织管理服务；提供云存储服务，包括灵活的无模式结构化数据存储，以及文件存储；提供企业信息建设应用广泛的业务流程管理系统。怎样设计云服务？本系统在数据层采用开源云计算平台MongoDB，支撑平台上层逻辑,对于多租户模式，选择“共享数据库，共享数据架构”的方案下，使用租户栏位实现租户数据隔离；针对基于云平台开发的应用的最终用户，分别设计了结构化数据资源、文件资源的二级访问控制模型；采用GWT实现web版平台后端管理系统；集成开源工作流引擎activiti，业务流程管理系统云服务化，使平台租户能够轻松实现业务流程应用。如何简单、安全地获取所需服务？本文分两个方面介绍这个问题的解决方案：如何简单地获取服务？采用开放接口的形式，对外提供RESTful API，，本文创造性的设计了具有强表达力的接口设计模式，能够方便的获取所需的服务资源；如何保障传输的安全？针对REST本身的安全机制不够完善，容易被重放攻击，本文结合REST的特点，为RESTfulAPI提出能够完全避免重放攻击、确保信息完整性、机密性的安全服务模型。在应用实例方面，以该平台租户的身份，租用平台功能，实现了一个带工作流功能的企业内部通信工具。该用例表明本文设计的信息系统云服务平台有着良好的可用性。最后，对该服务平台有待继续深入探讨和实践的研究方向进行展望。
[Abstract]:The current IT market cloud computing, mobile applications and web applications are constantly developing, but the integration of the three is in the initial stage. How to achieve a better combination of these three through the cloud computing model? There are several aspects to this question: what kind of cloud services do you offer? How to design cloud services? How can I simply and safely obtain the required services? Based on the actual needs and academic research of two kinds of application developers, enterprise application and non-enterprise application, this paper analyzes and studies the above problems. What kind of cloud services are available? From the big classification, the cloud service includes three kinds of different levels of service, such as providing hardware, application development system and application software directly to the user. This paper aims to study cloud computing, and the purpose of this paper is to study cloud computing. Based on the integration of mobile applications and web applications, the application development system based on cloud pattern, Paa Sine, and the application software, Saa Sine, are selected as the breakthrough points. According to the actual requirements, a cloud service platform of information system is implemented: to provide organization and management service; Provide cloud storage services, including flexible schema-less structured data storage, as well as file storage; provide enterprise information construction and widely used business process management system. How to design cloud services? This system adopts the open source cloud computing platform MongoDB in the data layer, supports the upper layer logic of the platform, for the multi-tenant mode, chooses the "shared database, shared data structure" scheme, uses the tenant field to realize the tenant data isolation; For the end-users of the application based on cloud platform, the two-level access control model of structured data resources and file resources is designed, and the back-end management system of web platform is implemented by GWT. With the integration of open source workflow engine activitiand cloud service of business process management system, platform tenants can easily implement business process application. How can I simply and safely obtain the required services? This article introduces the solution to this problem in two aspects: how to simply access services? Using the form of open interface to provide RESTful API, this paper creatively designs an interface design pattern with strong expressiveness, which can easily obtain the required service resources; how to ensure the security of transmission? In view of the imperfect security mechanism of REST itself, it is easy to be attacked by replay. Combined with the characteristics of REST, this paper proposes a security service model for RESTfulAPI, which can completely avoid replay attacks and ensure the integrity and confidentiality of information. In the application example, as the tenant of the platform and the function of renting the platform, a communication tool within the enterprise with workflow function is implemented. The use case shows that the cloud service platform designed in this paper has good usability. Finally, the research direction of the service platform needs to be further discussed and practiced.
【学位授予单位】：华南理工大学
【学位级别】：硕士
【学位授予年份】：2014
【分类号】：TP393.09

【参考文献】