Engine engineering database system is an oriented C AD applied database management system that has the capability managing distributed data. The paper discusses the security issue of the engine engineering database ma...Engine engineering database system is an oriented C AD applied database management system that has the capability managing distributed data. The paper discusses the security issue of the engine engineering database management system (EDBMS). Through studying and analyzing the database security, to draw a series of securi ty rules, which reach B1, level security standard. Which includes discretionary access control (DAC), mandatory access control (MAC) and audit. The EDBMS implem ents functions of DAC, MAC and multigranularity audit. DAC solves the problems o f role inheritance, right contain, authorization identify and cascade revoke, et c; MAC includes subject and object security setup rule, security modify rule and multilevel relation access operation rule, etc; Audit allows making the sub ject, object or operation type as different audit object to implement flexible a nd multigranularity audit method. The model is designed act as a security agent to access daemon database. At present, the model is implemented which runs on th e Windows 2000 environments.展开更多
In a cloud-native era,the Kubernetes-based workflow engine enables workflow containerized execution through the inherent abilities of Kubernetes.However,when encountering continuous workflow requests and unexpected re...In a cloud-native era,the Kubernetes-based workflow engine enables workflow containerized execution through the inherent abilities of Kubernetes.However,when encountering continuous workflow requests and unexpected resource request spikes,the engine is limited to the current workflow load information for resource allocation,which lacks the agility and predictability of resource allocation,resulting in over and underprovisioning resources.This mechanism seriously hinders workflow execution efficiency and leads to high resource waste.To overcome these drawbacks,we propose an adaptive resource allocation scheme named adaptive resource allocation scheme(ARAS)for the Kubernetes-based workflow engines.Considering potential future workflow task requests within the current task pod’s lifecycle,the ARAS uses a resource scaling strategy to allocate resources in response to high-concurrency workflow scenarios.The ARAS offers resource discovery,resource evaluation,and allocation functionalities and serves as a key component for our tailored workflow engine(KubeAdaptor).By integrating the ARAS into KubeAdaptor for workflow containerized execution,we demonstrate the practical abilities of KubeAdaptor and the advantages of our ARAS.Compared with the baseline algorithm,experimental evaluation under three distinct workflow arrival patterns shows that ARAS gains time-saving of 9.8% to 40.92% in the average total duration of all workflows,time-saving of 26.4% to 79.86% in the average duration of individual workflow,and an increase of 1% to 16% in centrol processing unit(CPU)and memory resource usage rate.展开更多
文摘Engine engineering database system is an oriented C AD applied database management system that has the capability managing distributed data. The paper discusses the security issue of the engine engineering database management system (EDBMS). Through studying and analyzing the database security, to draw a series of securi ty rules, which reach B1, level security standard. Which includes discretionary access control (DAC), mandatory access control (MAC) and audit. The EDBMS implem ents functions of DAC, MAC and multigranularity audit. DAC solves the problems o f role inheritance, right contain, authorization identify and cascade revoke, et c; MAC includes subject and object security setup rule, security modify rule and multilevel relation access operation rule, etc; Audit allows making the sub ject, object or operation type as different audit object to implement flexible a nd multigranularity audit method. The model is designed act as a security agent to access daemon database. At present, the model is implemented which runs on th e Windows 2000 environments.
基金supported by the National Natural Science Foundation of China(61873030,62002019).
文摘In a cloud-native era,the Kubernetes-based workflow engine enables workflow containerized execution through the inherent abilities of Kubernetes.However,when encountering continuous workflow requests and unexpected resource request spikes,the engine is limited to the current workflow load information for resource allocation,which lacks the agility and predictability of resource allocation,resulting in over and underprovisioning resources.This mechanism seriously hinders workflow execution efficiency and leads to high resource waste.To overcome these drawbacks,we propose an adaptive resource allocation scheme named adaptive resource allocation scheme(ARAS)for the Kubernetes-based workflow engines.Considering potential future workflow task requests within the current task pod’s lifecycle,the ARAS uses a resource scaling strategy to allocate resources in response to high-concurrency workflow scenarios.The ARAS offers resource discovery,resource evaluation,and allocation functionalities and serves as a key component for our tailored workflow engine(KubeAdaptor).By integrating the ARAS into KubeAdaptor for workflow containerized execution,we demonstrate the practical abilities of KubeAdaptor and the advantages of our ARAS.Compared with the baseline algorithm,experimental evaluation under three distinct workflow arrival patterns shows that ARAS gains time-saving of 9.8% to 40.92% in the average total duration of all workflows,time-saving of 26.4% to 79.86% in the average duration of individual workflow,and an increase of 1% to 16% in centrol processing unit(CPU)and memory resource usage rate.
