针对云计算应用下多租户系统(MTS)对用户访问进行隔离的问题进行了深入研究,提出了基于身份映射的账号关联模型,形式化地定义了隔离的概念并分析了系统实现隔离访问的充要条件.在此基础上,针对系统设计的低开销和高资源利用率这两个目标建立了模型的目标函数并给出了解决算法.此算法根据系统运行的动态信息选择代价小的映射实现用户隔离访问,并根据实际资源需求量释放冗余资源.实验结果表明,此模型能够以更低的时间开销和更高效的资源利用来实现用户隔离,在提高系统性能上取得了很好的效果.%Based on the thorough study of the user access isolation of multi -tenant systems in cloud computation applications , the paper presents an account related model based on identity mapping, gives the formalized defintion of the isolation conception, and analyzes the prerequisites for isolation. And then, according to the designed objectives of lowest overhead and highest resource utilization, the objective function of the proposed model is established and its efficient solution (algorithm) is provided. The algorithm tries to select the mapping operation with lowest overhead to implement isolation based on system runtime information of mapping and resource usage, and tries to release redundant resources according to actual usage requirements. The experimental results show the model can achieve user access isolation with the better performance improvement by efficiently reducing system overhead and enhancing resource utilization.
展开▼
