基于SaaS模式的信息系统架构优化研究与应用

发布时间：2018-03-09 16:09

本文选题：SaaS体系架构　切入点：数据存储层　出处：《北京交通大学》2014年硕士论文　论文类型：学位论文

【摘要】：SaaS(Software as a Service)模式是云计算的三大模式之一,其具有多租户、可配置的特性,它的出现解决了传统的软件架构的扩展能力弱、资源共享差和结构单一等问题。在信息系统领域,SaaS模式的应用备受关注,但是由于在SaaS架构下,租户的所有数据信息均存储在服务提供商的共享数据库中,于是数据访问隔离、访问性能和访问控制安全等方面便成为租户最担心的问题,这也是制约SaaS发展的问题所在。因此针对SaaS信息系统架构中数据存储层和访问控制层的优化研究便成为必然。本文探讨了SaaS信息系统体系架构,重点研究体系架构中的数据存储层和访问控制层的设计模式,从整体上优化SaaS的体系架构。主要工作内容：(1)针对多租户数据的共享性、通用性和个性化特性分别设计了数据存储方案,基于传统的键值对存储模型提出了KVMBH(基于热点的元数据驱动的键值对存储模型)解决方案,将其应用到个性化数据的存储管理中,构建了整个SaaS环境下的数据存储模型,并从数据空间占用情况和使用率两方面验证了所提出方案的正确性。(2)对提出的数据存储模型分别建立索引机制,通过实验验证改进的数据模型在访问性能上的优越性。(3)从安全角度出发,提出了针对数据对象的MRBAC(基于角色多租户访问控制模型)访问控制解决方案。本文最后将改进的存储模型应用于数据存储层,MRBAC应用于访问控制层,构建改进的SaaS信息系统架构。实验中,将改进的SaaS架构应用于优秀教学评审系统中,给出了访问控制层实现功能介绍,并测试了改进的SaaS系统的访问性能,验证了改进架构在性能和安全上的有效性。
[Abstract]:The SaaS(Software as a Service (SaaS(Software as a Service) pattern is one of the three major models of cloud computing, with its multi-tenant, configurable features, and its emergence as a solution to the weak scalability of traditional software architectures. In the field of information system, the application of SaaS model has attracted much attention. However, in the SaaS framework, all the data information of the tenant is stored in the shared database of the service provider, so the data access is isolated. Access performance and access control security become the most worrying problem for tenants, which is also the problem that restricts the development of SaaS. Therefore, it is necessary to optimize the data storage layer and access control layer in the SaaS information system architecture. This paper discusses the architecture of SaaS information system, focuses on the design patterns of data storage layer and access control layer in the architecture, and optimizes the architecture of SaaS. Based on the traditional key-value pair storage model, the solution of KVMBH (key-value pair storage model based on hot spot metadata driven) is proposed. It is applied to the storage management of personalized data, and the data storage model of the whole SaaS environment is constructed. The correctness of the proposed scheme is verified in terms of the data space occupancy and the utilization rate. (2) the proposed data storage model is indexed separately. The advantage of the improved data model in access performance is verified by experiments. From the security point of view, the MRBAC (role-based multi-tenant access control model) access control solution for data objects is proposed. Finally, the improved storage model is applied to the access control layer of data storage layer, and the improved SaaS information system architecture is constructed. In the experiment, the improved SaaS architecture is applied to the excellent teaching evaluation system. The implementation function of the access control layer is introduced, and the access performance of the improved SaaS system is tested, which verifies the effectiveness of the improved architecture in performance and security.
【学位授予单位】：北京交通大学
【学位级别】：硕士
【学位授予年份】：2014
【分类号】：TP393.09

【参考文献】