Research On Safety Protection Technology Of Life Cycle Data Integration Platform For The EMU

At present,China has entered the era of big data.The large data platform has also been widely used in various fields,Such as Hadoop and so on.With the large-scale data platform to promote and apply,the security issues are getting more and more attention,especially the enterprise big data.The whole life cycle data integration platform of the EMU is a data monitoring platform that based on Hadoop cluster,which contains multiple service components.It monitors the mass train manufacturing sensitive data through large data analysis technology to ensure the safety of the EMU manufacturing process produce.However,the security authentication mechanism of the Hadoop platform is still flawed.The authorization of the service components in the integrated platform is also fragmented and difficult to manage.Therefore,it is very important to deepen the research on the security authentication technology of the data integration platform and construct the unified authorization management and auditing system of the service components in the platform to ensure the stability and reliability of the platform.This paper researches and designs the safety protection technology of the EMU integrated life cycle data integration platform,the CA-based security authentication design scheme is proposed,and the unified authorization management and authorization audit of each component is realized.The main work of this paper can be divided into the following points;(1)Through the analysis of the existing security mechanism of Hadoop cluster and the security mechanism of each component in the cluster,a protection mechanism based on C A certification center for security authentication of large data integration platform is proposed.And the operational efficiency has been greatly improved;at the same time to ensure the safety of data transmission,the use of symmetric encryption is for data security transmission.(2)Combining project requirements,this article is based on Ranger open source components to achieve a fine granularity of the authorization function and components of the authorization to conduct a unified management,for example HDFS,HBase,Hive and so on.Through the development of authorization strategy,HBase,Hive and other components can be fine-grained to the column,the field of service authorization.(3)On the basis of building a unified authorization management,in order to ensure the security of the authorization,this paper conducts the security audit of the user access service resources and the security management personnel to the operation of the authorization strategy to ensure the legitimacy and reliability of the authorization.