Rimwe zuva takagamuchira chikumbiro che cloud services. Isu takatsanangura mune zvakajairika izvo zvaizodiwa kwatiri uye takadzosera rondedzero yemibvunzo kuti ijekese ruzivo. Ipapo takaongorora mhinduro tikaona: mutengi anoda kuisa data yega yechikamu chechipiri chekuchengetedza mugore. Isu tinomupindura: "Une yechipiri nhanho yedata rako, urombo, isu tinogona chete kugadzira yakavanzika gore." Uye iye: "Unoziva, asi mukambani X vanogona kutumira zvese kwandiri pachena."
Mufananidzo naSteve Crisp, Reuters
Zvinhu zvinoshamisa! Takaenda kuwebhusaiti yekambani X, tikadzidza magwaro avo etifiketi, tikadzungudza misoro yedu tikaziva: kune yakawanda mibvunzo yakavhurika mukuiswa kwedata remunhu uye inofanirwa kunyatsogadziriswa. Ndizvo zvatichaita munyaya ino.
Zvinhu zvose zvinofanira kushanda sei
Kutanga, ngationei kuti ndeapi maitiro anoshandiswa kurongedza data remunhu seimwe kana imwe nhanho yekuchengetedza. Izvi zvinoenderana nechikamu che data, nhamba yezvidzidzo zveiyi data inochengetwa nemushandisi uye maitiro, pamwe nerudzi rwekutyisidzira kwazvino.
Mhando dzekutyisidzira kwazvino dzinotsanangurwa mukati yaNovember 1, 2012 "Pakubvumidzwa kwezvinodiwa zvekuchengetedzwa kwedata remunhu panguva yekugadziriswa kwavo mumasisitimu edata remunhu":
"Type 1 kutyisidzira kwakakodzera kune ruzivo system kana ichisanganisira kutyisidzira kwazvino zvine chekuita ne nekuvapo kwezvisina kunyorwa (zvisina kuziviswa) kugona mune system softwareinoshandiswa muhurongwa hwemashoko.
Kutyisidzira kwerudzi rwechipiri kwakakosha kune system yeruzivo kana iyo, kusanganisira kutyisidzira kwazvino zvine chekuita ne nekuvapo kwezvisina kunyorwa (zvisina kuziviswa) kugona mune application softwareinoshandiswa muhurongwa hwemashoko.
Kutyisidzira kwerudzi rwe 3rd kwakakosha kune system yeruzivo kana iri iyo kutyisidzira kusina hukama nekuvapo kwezvisina kunyorwa (zvisina kuziviswa) kugona mune system uye application softwareinoshandiswa muhurongwa hwemashoko."
Chinhu chikuru mune idzi tsananguro ndiko kuvapo kwezvisina kunyorwa (zvisingazivikanwe) kugona. Kuti asimbise kusavapo kweasina kunyorwa software kugona (mune nyaya yegore, iyi hypervisor), chitupa chinoitwa neFSTEC yeRussia. Kana mushandisi wePD akabvuma kuti hapana hunyanzvi hwakadaro musoftware, saka kutyisidzira kunoenderana hakuna basa. Kutyisidzira kwemhando 1 uye 2 haawanzoonekwa seakakodzera nevashandisi vePD.
Pamusoro pekuona iyo nhanho yePD chengetedzo, mutyairi anofanirwawo kuona kutyisidzira kwazvino kune gore reveruzhinji uye, zvichibva pane yakacherechedzwa danho rekuchengetedza PD uye kutyisidzira kwazvino, tarisa matanho anodiwa uye nzira dzekudzivirira kubva kwavari.
FSTEC inonyora zvakajeka kutyisidzira kukuru mukati (database yekutyisidzira). Cloud infrastructure providers uye vaongorori vanoshandisa iyi dhatabhesi mubasa ravo. Heino mienzaniso yekutyisidzira:
: "Kutyisidzira mukana wekutyora kuchengetedzeka kwemushandisi data rezvirongwa zvinoshanda mukati memuchina chaiwo nesoftware yakaipa inoshanda kunze kwemuchina chaiwo." Kutyisidzirwa uku kunokonzerwa nekuvapo kwekusagadzikana mu hypervisor software, iyo inovimbisa kuti nzvimbo yekero inoshandiswa kuchengetedza data revashandisi yezvirongwa zvinoshanda mukati memuchina chaiwo inoparadzaniswa nekusapihwa mvumo nesoftware yakaipa inoshanda kunze kwemuchina chaiwo.
Kuitwa kwekutyisidzira uku kunogoneka chero iyo yakashata chirongwa kodhi yakakunda miganhu yemuchina chaiwo, kwete chete nekushandisa kusasimba kweiyo hypervisor, asi zvakare nekuita mhedzisiro yakadaro kubva pasi (inoenderana neiyo hypervisor) mazinga e system inoshanda."
: "Kutyisidzirwa kuri mukukwanisa kuwana zvisina mvumo kune ruzivo rwakachengetedzwa rwemumwe mutengi wegore kubva kune mumwe. Kutyisidzirwa uku kunokonzerwa nekuti, nekuda kwehunhu hwetekinoroji yemakore, vatengi vesevhisi yegore vanofanirwa kugovana zvakafanana zvegore. Kutyisidzirwa uku kunogona kuitika kana zvikanganiso zvakaitwa pakupatsanura mafungu ezvivakwa zvegore pakati pevatengi vebasa regore, pamwe nekutsaura zviwanikwa zvavo uye nekuparadzanisa data kubva kune mumwe nemumwe. "
Iwe unogona chete kudzivirira kubva kune idzi kutyisidzira nerubatsiro rwe hypervisor, sezvo iri iyo inobata chaiwo zviwanikwa. Nokudaro, iyo hypervisor inofanira kuonekwa senzira yekudzivirira.
Uye maererano yaFebruary 18, 2013, iyo hypervisor inofanirwa kuve yakasimbiswa seisina-NDV padanho 4, zvikasadaro kushandiswa kwedanho 1 uye 2 data yemunhu nayo kunenge kusiri pamutemo ("Chitsauko 12. ... Kuve nechokwadi nhanho 1 uye 2 yekuchengetedzwa kwedata remunhu, pamwe nekuona nhanho 3 yekuchengetedzwa kwedata remunhu mumasisitimu eruzivo ayo rudzi rwechipiri rwekutyisidzira rwunoiswa seazvino, maturusi ekuchengetedza ruzivo anoshandiswa, software yakave yakaedzwa zvishoma zvichienderana ne2 level yekutonga pamusoro pekusavapo kweundeclared kugona").
Imwe chete hypervisor, yakagadzirwa muRussia, ine chiyero chinodiwa chechitupa, NDV-4. . Kuti uzviise zvinyoro, kwete iyo inonyanya kufarirwa mhinduro. Makore ekutengeserana anowanzo kuvakwa pahwaro hweVMware vSphere, KVM, Microsoft Hyper-V. Hapana chimwe chezvigadzirwa izvi chiri NDV-4 certified. Sei? Zvingangodaro kuti kuwana zvitupa zvakadaro kune vagadziri hakusati kwave kwakakodzera mune zvehupfumi.
Uye zvese zvakasara kwatiri zvedanho 1 uye 2 data remunhu mune yeruzhinji gore ndeye Horizon BC. Zvinosuwisa asi chokwadi.
Kuti zvese (mumaonero edu) zvinoshanda sei
Pakutanga kuona, zvese zvakaomesesa: kutyisidzira uku kunofanirwa kubviswa nekugadzirisa zvakajairwa nzira dzekudzivirira dze hypervisor yakasimbiswa maererano neNDV-4. Asi pane imwe nzira. Maererano neFSTEC Order No. 21 ("clause 2 Kuchengetedzwa kwedata remunhu kana ichigadziriswa mune yedata data system (inozonzi iyo system yeruzivo) inovimbiswa nemushandisi kana munhu anogadzirisa data rake achimiririra mushandisi zvinoenderana ne Russian Federation"), vanopa vanoongorora vakazvimiririra kukosha kwekutyisidzira uye vanosarudza matanho ekudzivirira zvichienderana. Nokudaro, kana iwe usingabvumi kutyisidzira UBI.44 uye UBI.101 semazuva ano, saka hapazove nechikonzero chekushandisa hypervisor yakasimbiswa maererano neNDV-4, iyo ndiyo chaiyo inofanira kupa dziviriro kwavari. Uye izvi zvichave zvakakwana kuti uwane chitupa chekuteerera kwegore reruzhinji nemazinga 1 uye 2 ega kuchengetedzwa kwedata, iyo Roskomnadzor ichagutsikana zvachose nayo.
Ehe, kunze kweRoskomnadzor, FSTEC inogona kuuya nekuongorora - uye sangano iri rinonyanya kungwarira mune zvehunyanzvi nyaya. Anogona kunge achifarira kuti nei chaizvo kutyisidzira kweUBI.44 uye UBI.101 kwaionekwa sekusina basa? Asi kazhinji FSTEC inoongorora chete kana yawana ruzivo nezvechimwe chiitiko chakakosha. Muchiitiko ichi, sevhisi yemubatanidzwa inotanga kuuya kune yemunhu data opareta - kureva, mutengi wemakore masevhisi. Mumamiriro ezvinhu akaipisisa, mutyairi anogamuchira faindi shoma - semuenzaniso, ye Twitter pakutanga kwegore mune imwe nyaya yakafanana yakasvika ku5000 rubles. Ipapo FSTEC inoenda mberi kune Cloud service provider. Iyo inogona kunge yakatorerwa rezinesi nekuda kwekutadza kutevedzera zvinodiwa nemutemo - uye idzi injodzi dzakasiyana zvachose, kune vese vanopa gore uye nevatengi vayo. Asi ndinodzokorora, Kuti utarise FSTEC, kazhinji unoda chikonzero chakajeka. Saka vanopa makore vakagadzirira kutora njodzi. Kusvikira chiitiko chekutanga chakakomba.
Kune zvakare boka revanopa "vane mutoro" vanotenda kuti zvinokwanisika kuvhara zvese zvinotyisidzira nekuwedzera yekuwedzera senge vGate kune hypervisor. Asi munharaunda yakagoverwa pakati pevatengi kune zvimwe zvinotyisidzira (somuenzaniso, iri pamusoro UBI.101), nzira yekudzivirira inoshanda inogona kushandiswa chete pamwero we hypervisor inopupurirwa maererano neNDV-4, sezvo chero maitiro ekuwedzera. iyo yakajairwa mabasa eiyo hypervisor yekugadzirisa zviwanikwa (kunyanya, RAM) haina kukanganisa.
Mashandiro atinoita
Isu tine chikamu chegore chakaiswa pane hypervisor yakasimbiswa neFSTEC (asi isina chitupa cheNDV-4). Ichi chikamu chakasimbiswa, saka data rako pachako rinogona kuchengetwa mugore zvichibva pairi 3 uye 4 mazinga ekuchengetedza - Zvinodiwa zvekudzivirirwa kubva kune zvisingazivikanwe kugona hazvidi kucherechedzwa pano. Heino, nenzira, ndiko kuvakwa kwechikamu chedu chakachengeteka chegore:
Masisitimu edata remunhu 1 uye 2 mazinga ekuchengetedza Isu tinoshandisa chete pamidziyo yakatsaurirwa. Chete munyaya iyi, semuenzaniso, kutyisidzira kweUBI.101 hakubatsiri, sezvo sevha racks iyo isina kubatanidzwa neimwe nharaunda chaiyo haigoni kukanganisa mumwe nomumwe kunyange kana iri munzvimbo imwechete yedata. Kune akadai, isu tinopa yakatsaurwa yemidziyo yekurenda sevhisi (inonzi zvakare Hardware sevhisi).
Kana iwe usina chokwadi chekuti ndeipi nhanho yekuchengetedza inodiwa kune yako pachako data system, isu tinobatsirawo mukuiisa mumapoka.
mhedziso
Tsvakiridzo yedu yemusika mudiki yakaratidza kuti vamwe vashandisi vemakore vakagadzirira kuisa njodzi kuchengetedzeka kwe data revatengi uye neramangwana ravo kuti vagamuchire odha. Asi munyaya idzi tinonamatira kune imwe policy, yatakatsanangura muchidimbu pamusoro apa. Tichafara kupindura mibvunzo yako mumhinduro.
Source: www.habr.com