CN110730082A - Simulated cloud platform based on domestic Loongson processor - Google Patents

Simulated cloud platform based on domestic Loongson processor Download PDF

Info

Publication number
CN110730082A
CN110730082A CN201910845055.5A CN201910845055A CN110730082A CN 110730082 A CN110730082 A CN 110730082A CN 201910845055 A CN201910845055 A CN 201910845055A CN 110730082 A CN110730082 A CN 110730082A
Authority
CN
China
Prior art keywords
processor
platform
cloud platform
bus
module
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201910845055.5A
Other languages
Chinese (zh)
Inventor
方晓帆
雷建波
任艳
张科峰
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
SOUTHWEST COMPUTER CO Ltd
Original Assignee
SOUTHWEST COMPUTER CO Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by SOUTHWEST COMPUTER CO Ltd filed Critical SOUTHWEST COMPUTER CO Ltd
Priority to CN201910845055.5A priority Critical patent/CN110730082A/en
Publication of CN110730082A publication Critical patent/CN110730082A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/02Details
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F13/00Interconnection of, or transfer of information or other signals between, memories, input/output devices or central processing units
    • G06F13/38Information transfer, e.g. on bus
    • G06F13/42Bus transfer protocol, e.g. handshake; Synchronisation
    • G06F13/4204Bus transfer protocol, e.g. handshake; Synchronisation on a parallel bus
    • G06F13/4221Bus transfer protocol, e.g. handshake; Synchronisation on a parallel bus being an input/output bus, e.g. ISA bus, EISA bus, PCI bus, SCSI bus
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L49/00Packet switching elements
    • H04L49/40Constructional details, e.g. power supply, mechanical construction or backplane
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2213/00Indexing scheme relating to interconnection of, or transfer of information or other signals between, memories, input/output devices or central processing units
    • G06F2213/0024Peripheral component interconnect [PCI]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L47/00Traffic control in data switching networks
    • H04L47/10Flow control; Congestion control
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic

Abstract

The invention relates to the technical field of network cloud platforms, and discloses a simulated cloud platform based on a domestic Loongson processor, which comprises a hardware system, a software system and a safety protection system, wherein the hardware system comprises board-level equipment, a platform bus and a processor, and the board-level equipment comprises a CPU (Central processing Unit), a chipset, a timer and a Flash; the platform bus comprises PCI, USB and IDE; and the platform bus follows the style of UEFI bus drive. The invention can effectively defend DDoS attack by constructing an abnormal flow gathering layer in the system, sampling flow, analyzing protocol and processing flow; the behaviors of fragment attack, escape attack and the like can be effectively solved, and the safety of the cloud platform is improved; the system maintenance cost is reduced, convenience is provided for the expansion and the upgrade of a computer system, and the method has the advantages of modular structure, C language style and EFI drive model hardware operation mode.

Description

Simulated cloud platform based on domestic Loongson processor
Technical Field
The invention relates to the technical field of network cloud platforms, in particular to a simulated cloud platform based on a domestic Loongson processor.
Background
Turning to cloud computing, it is a significant change that the industry will face. The advent of various cloud platforms is one of the most important links to this transition. As the name implies, such a platform allows developers to either run written programs in the "cloud," use services provided in the "cloud," or both. As to the name of such a platform, we can now hear more than one name, such as an on-demand platform, platform as a service, etc.;
with the development of cloud computing technology, more and more enterprise organizations and data centers adopt cloud computing technology to provide cloud technology services. Cloud computing moves systems, data and programs originally stored on a terminal to a cloud end, so-called cloud storage, which requires a large amount of network storage equipment and systems.
The Loongson processor is a computer processor independently developed by Chinese, and through retrieval and patent with Chinese patent application number 201210083043.1, discloses a cloud storage system based on a Loongson 3A processor, which comprises a hardware system and a software system. One of the cloud storage systems based on the loongson 3A processor in the above patents has the following disadvantages: the system is lack of a safety management mechanism, and the cloud platform is low in computing safety performance.
Disclosure of Invention
The invention aims to solve the defects in the prior art, such as: the information security performance is low, and the proposed simulation cloud platform based on the domestic Loongson processor is provided.
In order to achieve the purpose, the invention adopts the following technical scheme:
the simulated cloud platform based on the domestic Loongson processor comprises a hardware system, a software system and a safety protection system, wherein the hardware system comprises board-level equipment, a platform bus and a processor, and the board-level equipment comprises a CPU (Central processing Unit), a chip set, a timer and a Flash; the platform bus comprises PCI, USB and IDE; and the platform BUS follows the style of UEFI BUS drive, and the drive modes comprise controller drive, BUS drive and equipment drive.
Preferably, the processor is a loongson 2F processor, and the processor is connected with the south bridge, the ethernet controller and the video card through a PCI bus, the processor provides at most 3 PCI device extensions to the outside, and provides a 2-way RS232 interface, a 4-way USB structure, a 1-way digital audio interface, a 1-way IDE interface and a 1-way LPC structure to the outside through the south bridge; the platform provides two paths of kilomega Ethernet ports to the outside through the Ethernet controller; and the platform provides two display interfaces of LVDS and VGA through the display card.
Preferably, the Flash is connected with the CPU through a Local BUS.
Preferably, the cloud platform uses PMON as the BIOS.
Preferably, the hardware system internally supports a PCD mechanism, a fault-tolerant write mechanism, a Human interface Infrastructure and a GPT partition format.
Preferably, the safety protection system comprises a hardware protection component and a software protection component, wherein the hardware protection component comprises a chassis, a safety protection processing board, a network exchange board, a power module and a back board; the software protection component comprises an application protection module, a network processing module, a network protection module, a user interface module, a safety interface control module and an authentication authorization module.
Preferably, the software protection component overall architecture comprises five call points, wherein the five call points are a link layer entry point, a network forwarding point, an application layer entry point, an application layer exit point and a link layer exit point, and different call points realize the call of the corresponding security function by hooking the security function module.
Compared with the prior art, the invention has the beneficial effects that:
(1) the cloud platform uses PMON as BIOS; the system maintenance cost is reduced, convenience is provided for expansion and upgrading of a computer system, and the system has the advantages of modular structure, C language style and EFI drive model hardware operation mode, so that the starting speed is increased, the expansibility is increased, and the operation interface is beautified.
(2) The invention passes the safety protection system; the DDoS attack can be effectively defended by constructing an abnormal flow gathering layer in the system, sampling flow, analyzing a protocol and processing flow; the behaviors of fragment attack, escape attack and the like can be effectively solved, and the safety of the cloud platform is improved.
(3) Setting five calling electricity, and realizing message preprocessing and decapsulation by a link layer entry point; the network forwarding point realizes the routing forwarding message encapsulation, the network layer access and the network attack defense of the message; the application layer entry point realizes the uploading of the message to the user interface module, the security access control module, the authentication authorization module and the application protection module; the application layer exit point realizes the issuing of the user interface module, the security access control module, the authentication authorization module and the application protection module message; the link layer egress point implements network switching and flow control.
Drawings
FIG. 1 is a block diagram of the cloud computing logic of the present invention;
fig. 2 is a schematic diagram of the safety protection system of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments.
In the description of the present invention, it is to be understood that the terms "upper", "lower", "front", "rear", "left", "right", "top", "bottom", "inner", "outer", and the like, indicate orientations or positional relationships based on the orientations or positional relationships shown in the drawings, are merely for convenience in describing the present invention and simplifying the description, and do not indicate or imply that the device or element being referred to must have a particular orientation, be constructed and operated in a particular orientation, and thus, should not be construed as limiting the present invention.
Referring to fig. 1-2, the simulated cloud platform based on the domestic Loongson processor comprises a hardware system, a software system and a safety protection system; the hardware system comprises board-level equipment, a platform bus and a processor, wherein the board-level equipment comprises a CPU (Central processing Unit), a chip set, a timer and Flash; the platform bus comprises PCI, USB and IDE; the platform BUS follows the style of UEFI BUS driving, and the driving mode comprises controller driving, BUS driving and equipment driving; the processor base of the platform is not limited, in this embodiment, preferably, the processor is a loongson 2F processor, and the processor is connected with a south bridge, an ethernet controller, and a graphics card through a PCI bus, the processor provides a maximum of 3 PCI device extensions to the outside, and provides a 2-way RS232 interface, a 4-way USB structure, a 1-way digital audio interface, a 1-way IDE interface, and a 1-way LPC structure to the outside through the south bridge; the platform provides two paths of kilomega Ethernet ports to the outside through the Ethernet controller; the platform provides two display interfaces of LVDS and VGA through the display card; in this embodiment, preferably, the Flash is connected to the CPU through the Local BUS.
The cloud platform uses PMON as the BIOS, and in this embodiment, the preferred version of PMON is PMON 2000.
The hardware system internally supports a PCD mechanism, a fault-tolerant writing mechanism, a Human Interface infrastructure and a GPT partition format; the device mechanism effect is increased.
When the BUS architecture is changed, only the controller driving layer needs to be adapted, and the PCI driving mainly realizes the PCIHost bridge and the PCI BUS driving.
The safety protection system comprises a hardware protection component and a software protection component, wherein the hardware protection component comprises a case, a safety protection processing board, a network exchange board, a power supply module and a back board; the software protection component comprises an application protection module, a network processing module, a network protection module, a user interface module, a safety interface control module and an authentication authorization module.
In the invention, the overall architecture of the software protection component comprises five call points which are respectively a link layer entry point, a network forwarding point, an application layer entry point, an application layer exit point and a link layer exit point, and different call points realize the call of corresponding safety functions by hooking the safety function module.
Wherein, the link layer entry point realizes message preprocessing and decapsulation; the network forwarding point realizes the routing forwarding message encapsulation, the network layer access and the network attack defense of the message; the application layer entry point realizes the uploading of the message to the user interface module, the security access control module, the authentication authorization module and the application protection module; the application layer exit point realizes the issuing of the user interface module, the security access control module, the authentication authorization module and the application protection module message; the link layer egress point implements network switching and flow control.
The above description is only for the preferred embodiment of the present invention, but the scope of the present invention is not limited thereto, and any person skilled in the art should be considered to be within the technical scope of the present invention, and the technical solutions and the inventive concepts thereof according to the present invention should be equivalent or changed within the scope of the present invention.
It is noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus.

Claims (8)

1. The simulated cloud platform based on the domestic Loongson processor comprises a hardware system, a software system and a safety protection system, and is characterized in that the hardware system comprises board-level equipment, a platform bus and a processor, wherein the board-level equipment comprises a CPU (Central processing Unit), a chipset, a timer and Flash; the platform bus comprises PCI, USB and IDE; and the platform BUS follows the style of UEFI BUS drive, and the drive modes comprise controller drive, BUS drive and equipment drive.
2. The simulated cloud platform based on the domestic Loongson processor of claim 1, wherein the processor is a Loongson 2F processor, and the processor is connected with a south bridge, an Ethernet controller and a graphics card through a PCI bus, the processor provides at most 3 PCI device extensions outwards, and provides a 2-way RS232 interface, a 4-way USB structure, a 1-way digital audio interface, a 1-way IDE interface and a 1-way LPC structure outwards through the south bridge; the platform provides two paths of kilomega Ethernet ports to the outside through the Ethernet controller; and the platform provides two display interfaces of LVDS and VGA through the display card.
3. The domestic Loongson processor-based simulated cloud platform of claim 2, wherein the Flash is connected to the CPU through a Local BUS.
4. The domestic Loongson processor-based simulated cloud platform of claim 3, wherein said cloud platform uses PMON as BIOS.
5. The domestic Loongson processor-based simulated cloud platform of any one of claims 1-4, wherein the hardware system internally supports PCD mechanisms, fault tolerant write mechanisms, Human Interface infrastructure, and GPT partition formats.
6. The domestic Loongson processor-based simulated cloud platform of claim 5, wherein the security protection system comprises a hardware protection component and a software protection component, the hardware protection component comprises a chassis, a security protection processing board, a network switch board, a power module and a backplane; the software protection component comprises an application protection module, a network processing module, a network protection module, a user interface module, a safety interface control module and an authentication authorization module.
7. The domestic Loongson processor-based simulated cloud platform of claim 6, wherein the software protection component overall architecture comprises five call points, the five call points being a link layer entry point, a network forwarding point, an application layer entry point, an application layer exit point and a link layer exit point, respectively.
8. The domestic Loongson processor-based simulated cloud platform of claim 7, wherein five of the call points realize the call of the corresponding security function by hooking a security function module.
CN201910845055.5A 2019-09-07 2019-09-07 Simulated cloud platform based on domestic Loongson processor Pending CN110730082A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910845055.5A CN110730082A (en) 2019-09-07 2019-09-07 Simulated cloud platform based on domestic Loongson processor

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910845055.5A CN110730082A (en) 2019-09-07 2019-09-07 Simulated cloud platform based on domestic Loongson processor

Publications (1)

Publication Number Publication Date
CN110730082A true CN110730082A (en) 2020-01-24

Family

ID=69217956

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910845055.5A Pending CN110730082A (en) 2019-09-07 2019-09-07 Simulated cloud platform based on domestic Loongson processor

Country Status (1)

Country Link
CN (1) CN110730082A (en)

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102023880A (en) * 2010-11-04 2011-04-20 天津曙光计算机产业有限公司 Basic input/output system (BIOS) for godson blade
CN102331941A (en) * 2011-07-07 2012-01-25 曙光信息产业股份有限公司 Method for managing hard disk switching of Loongson mainboard
CN103365601A (en) * 2012-03-27 2013-10-23 山东超越数控电子有限公司 Cloud storage system based on Loongson 3A processor
CN106502706A (en) * 2016-11-10 2017-03-15 成都中嵌自动化工程有限公司 A kind of credible embedded computer and its collocation method based on Loongson processor
CN106991329A (en) * 2017-03-31 2017-07-28 山东超越数控电子有限公司 A kind of trust calculation unit and its operation method based on domestic TCM
US20190251288A1 (en) * 2012-07-22 2019-08-15 Virtual Viewbox, Llc ePHI-COMPLIANT GATEKEEPER SYSTEM AND METHODS

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102023880A (en) * 2010-11-04 2011-04-20 天津曙光计算机产业有限公司 Basic input/output system (BIOS) for godson blade
CN102331941A (en) * 2011-07-07 2012-01-25 曙光信息产业股份有限公司 Method for managing hard disk switching of Loongson mainboard
CN103365601A (en) * 2012-03-27 2013-10-23 山东超越数控电子有限公司 Cloud storage system based on Loongson 3A processor
US20190251288A1 (en) * 2012-07-22 2019-08-15 Virtual Viewbox, Llc ePHI-COMPLIANT GATEKEEPER SYSTEM AND METHODS
CN106502706A (en) * 2016-11-10 2017-03-15 成都中嵌自动化工程有限公司 A kind of credible embedded computer and its collocation method based on Loongson processor
CN106991329A (en) * 2017-03-31 2017-07-28 山东超越数控电子有限公司 A kind of trust calculation unit and its operation method based on domestic TCM

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
陈勇: "《龙芯嵌入式系统开发及应用实战》", 31 December 2016 *
马书磊,田洪娟,刘丰: "《一种基于龙芯平台的安全防护网关设计与实现》", 《信息网络安全》 *

Similar Documents

Publication Publication Date Title
CN1892586B (en) Centralized hot-pluggable video controller and redirectional logic unit
CN110535831A (en) Cluster safety management method, device and storage medium based on Kubernetes and network domains
CN103150279B (en) Method allowing host and baseboard management controller to share device
CN110209399A (en) FPGA service system, data processing method and storage medium
CN101765838B (en) Systems and methods for improving performance of a routable structure
CN107170474A (en) Expansible the storage box, computer implemented method and computer readable storage means
CN103955441B (en) Equipment management system, equipment management method and IO (Input/Output) expansion interface
CN103019788A (en) Remote online upgrading method based on CAN (Controller Area Network) bus
CN101091169B (en) Method, apparatus and system to generate an interrupt by monitoring an external interface
CN103685399A (en) Method, device and system for logging in Unix-like virtual container
CN102664953B (en) High flux distributed type simulation support platform, system and simulation method based on high level architecture (HLA)
CN102983989B (en) Removing method, device and equipment of server virtual address
CN104767741A (en) Calculation service separating and safety protecting system based on light virtual machine
CN108647534A (en) A kind of secure display system and method based on double isolation
CN103559162B (en) Method and host for positioning USB (universal serial bus) devices on HUB set
CN107168889A (en) A kind of method that Flash stores KVM channel informations inside utilization MCU
CN105184165B (en) For the process scheduling method of network attached storage system anti-virus
CN105429867B (en) A kind of pattern of fusion home gateway and its access method of application service
CN109800124A (en) CPU usage monitoring method, device, electronic equipment and storage medium
CN110730082A (en) Simulated cloud platform based on domestic Loongson processor
CN109408281A (en) Technology for headless server manageability and autonomous log recording
CN102902593A (en) Protocol distribution processing system based on cache mechanism
CN115033348B (en) Method, system, equipment and medium for unified management of virtual machine and container
CN109828719A (en) Magnetic disc control method, device and relevant device where commitLog file based on cloud monitoring
CN210899202U (en) Switching system of remote management module and trusted management module based on Loongson server

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20200124

RJ01 Rejection of invention patent application after publication