Ngolunye usuku sathola isicelo sezinkonzo zamafu. Sichaze ngokwejwayelekile lokho okuzodingeka kithi futhi sabuyisela uhlu lwemibuzo ukuze sicacise imininingwane. Sabe sesihlaziya izimpendulo futhi saqaphela: ikhasimende lifuna ukubeka idatha yomuntu siqu yezinga lesibili lokuphepha efwini. Siyamphendula: “Unezinga lesibili ledatha yomuntu siqu, uxolo, singakha ifu eliyimfihlo kuphela.” Futhi yena: "Uyazi, kodwa enkampanini X bangathumela yonke into kimi esidlangalaleni."
Isithombe nguSteve Crisp, Reuters
Izinto eziyinqaba! Saya kuwebhusayithi yenkampani X, safunda imibhalo yabo yezitifiketi, sanikina amakhanda futhi saqaphela: miningi imibuzo evulekile ekubekweni kwedatha yomuntu siqu futhi kufanele iqondiswe kahle. Yilokho esizokwenza kulokhu okuthunyelwe.
Konke kufanele kusebenze kanjani
Okokuqala, ake sithole ukuthi yiziphi izindlela ezisetshenziswayo ukuze kuhlukaniswe idatha yomuntu siqu njengezinga elilodwa noma elinye lokuphepha. Lokhu kuncike esigabeni sedatha, inombolo yezihloko zale datha u-opharetha ayigcinayo nezinqubo, kanye nohlobo lwezinsongo zamanje.
Izinhlobo zezinsongo zamanje zichazwe ku yangomhla kaNovemba 1, 2012 “Ekuvunyweni kwezimfuneko zokuvikela idatha yomuntu siqu ngesikhathi sokucutshungulwa kwayo ezinhlelweni zolwazi lwedatha yomuntu siqu”:
“Izinsongo zoHlobo loku-1 zibalulekile ohlelweni lolwazi uma luhlanganisa izinsongo zamanje ezihlobene ngokuba khona kwamakhono angabhaliwe (angadalulwanga). ku-software yesistimuesetshenziswa ohlelweni lolwazi.
Izinsongo zohlobo lwesi-2 zibalulekile ohlelweni lolwazi uma kulo, kuhlanganisa izinsongo zamanje ezihlobene ngokuba khona kwamakhono angabhaliwe (angadalulwanga). ku-software yohlelo lokusebenzaesetshenziswa ohlelweni lolwazi.
Izinsongo zohlobo lwesi-3 zibalulekile ohlelweni lolwazi uma lukhona izinsongo ezingahlobene ngokuba khona kwamakhono angabhaliwe (angadalulwanga). kusistimu nesofthiwe yohlelo lokusebenzaesetshenziswa ohlelweni lolwazi."
Into esemqoka kulezi zincazelo wukuba khona kwamakhono angabhaliwe (angadalulwanga). Ukuqinisekisa ukungabikho kwamakhono esoftware angabhaliwe (uma kwenzeka ifu, lokhu kuyi-hypervisor), ukuqinisekiswa kwenziwa yi-FSTEC yaseRussia. Uma u-opharetha we-PD amukela ukuthi awekho amakhono anjalo kusofthiwe, khona-ke izinsongo ezihambisanayo azibalulekile. Izinsongo zezinhlobo 1 no-2 azivamile ukubhekwa njengezibalulekile opharetha be-PD.
Ngaphezu kokunquma izinga lokuphepha kwe-PD, opharetha kufanele futhi anqume izinsongo ezithile zamanje efwini lomphakathi futhi, ngokusekelwe ezingeni elikhonjiwe lokuphepha kwe-PD nezinsongo zamanje, anqume izinyathelo ezidingekayo nezindlela zokuzivikela kuzo.
I-FSTEC ibala ngokucacile zonke izinsongo eziyinhloko (database yosongo). Abahlinzeki bengqalasizinda yamafu nabahloli basebenzisa lesi sizindalwazi emsebenzini wabo. Nazi izibonelo zezinsongo:
: “Usongo kungenzeka kwephule ukuvikeleka kwedatha yomsebenzisi yezinhlelo ezisebenza ngaphakathi komshini we-virtual ngesofthiwe enonya esebenza ngaphandle komshini obonakalayo.” Lokhu kusongela kungenxa yokuba sengozini kusofthiwe ye-hypervisor, eqinisekisa ukuthi indawo yekheli esetshenziselwa ukugcina idatha yomsebenzisi yezinhlelo ezisebenza ngaphakathi komshini we-virtual ihlukanisiwe ekufinyeleleni okungagunyaziwe yisofthiwe enonya esebenza ngaphandle komshini obonakalayo.
Ukuqaliswa kwalokhu kusongela kungenzeka inqobo nje uma ikhodi yohlelo olunonya inqoba ngempumelelo imingcele yomshini we-virtual, hhayi nje ngokuxhaphaza ubungozi be-hypervisor, kodwa futhi ngokwenza umthelela onjalo kusuka kumazinga aphansi (ahlobene ne-hypervisor) ukusebenza kwesistimu."
: “Usongo lusethubeni lokufinyelela okungagunyaziwe kulwazi oluvikelwe lomthengi wesevisi yefu komunye. Lokhu kusongela kungenxa yokuthi, ngenxa yemvelo yobuchwepheshe bamafu, abathengi besevisi yefu kufanele babelane nengqalasizinda yefu efanayo. Lokhu kusongela kungabonakala uma kwenziwa amaphutha lapho kuhlukaniswa izici zengqalasizinda yefu phakathi kwabathengi benkonzo yamafu, nalapho behlukanisa izinsiza zabo futhi behlukanisa idatha komunye nomunye.”
Ungakwazi ukuvikela kuphela kulezi zinsongo ngosizo lwe-hypervisor, ngoba yiyona ephethe izinsiza ezibonakalayo. Ngakho-ke, i-hypervisor kufanele ibhekwe njengendlela yokuvikela.
Futhi ngokuhambisana yangomhla ka-February 18, 2013, i-hypervisor kumele iqinisekiswe njengengeyona i-NDV ezingeni 4, ngaphandle kwalokho ukusetshenziswa kwedatha yomuntu siqu yeleveli 1 kanye ne-2 kuyobe kungekho emthethweni (“Isigaba 12. ... Ukuqinisekisa izinga loku-1 kanye nelesi-2 lokuvikeleka kwedatha yomuntu siqu, kanye nokuqinisekisa izinga lesi-3 lokuvikeleka kwedatha yomuntu siqu ezinhlelweni zolwazi lapho izinsongo zohlobo 2 zihlukaniswa njengezamanje, kusetshenziswa amathuluzi okuvikela ulwazi, isofthiwe eye yasetshenziswa. ihlolwe okungenani ngokwezinga elingu-4 lokulawula ukungabibikho kwamakhono angadalulwanga").
I-hypervisor eyodwa kuphela, eyakhiwe eRussia, enezinga elidingekayo lesitifiketi, i-NDV-4. . Ukubeka ngobumnene, hhayi isisombululo esithandwa kakhulu. Amafu ezentengiselwano, njengomthetho, akhiwe ngesisekelo se-VMware vSphere, KVM, Microsoft Hyper-V. Ayikho kule mikhiqizo eqinisekisiwe i-NDV-4. Kungani? Kungenzeka ukuthi ukuthola isitifiketi esinjalo kubakhiqizi akukaqinisekiswa ngokwezomnotho.
Futhi okusele kithi ngedatha yomuntu siqu yeleveli 1 nelesi-2 kumafu omphakathi yi-Horizon BC. Kuyadabukisa kodwa kuyiqiniso.
Indlela yonke into (ngombono wethu) isebenza ngayo ngempela
Uma uthi nhlá, yonke into iqinile impela: lezi zinsongo kufanele ziqedwe ngokumisa kahle izindlela zokuvikela ezijwayelekile ze-hypervisor eqinisekisiwe ngokuya nge-NDV-4. Kodwa kukhona i-lophole eyodwa. Ngokuhambisana ne-FSTEC Order No. 21 ("Isigaba sesi-2 Ukuphepha kwedatha yomuntu siqu lapho kusetshenzwa ohlelweni lwemininingwane yomuntu siqu (ngemuva kwalokhu olubizwa ngokuthi uhlelo lolwazi) kuqinisekiswa ngu-opharetha noma umuntu ocubungula idatha yomuntu siqu egameni lomsebenzisi ngokuhambisana Inhlangano yase Russia"), abahlinzeki bahlola ngokuzimela ukuhambisana kwezinsongo ezingaba khona futhi bakhethe izindlela zokuvikela ngokufanele. Ngakho-ke, uma ungazamukeli izinsongo ze-UBI.44 ne-UBI.101 njengezamanje, ngeke kube nesidingo sokusebenzisa i-hypervisor eqinisekisiwe ngokuya nge-NDV-4, okuyiyona kanye okufanele inikeze isivikelo kuzo. Futhi lokhu kuzokwanela ukuthola isitifiketi sokuhambisana nefu lomphakathi ngamazinga 1 no-2 wokuphepha kwedatha yomuntu siqu, i-Roskomnadzor ezokwaneliseka ngayo ngokuphelele.
Yiqiniso, ngaphezu kwe-Roskomnadzor, i-FSTEC ingase ifike nokuhlola - futhi le nhlangano icophelela kakhulu ezindabeni zobuchwepheshe. Cishe uzoba nentshisekelo yokuthi kungani ngempela izinsongo ze-UBI.44 kanye ne-UBI.101 zithathwa njengezingenamsebenzi? Kodwa ngokuvamile i-FSTEC yenza ukuhlola kuphela lapho ithola ulwazi mayelana nesigameko esithile esibalulekile. Kulokhu, isevisi yenhlangano ifika kuqala ku-opharetha wedatha yomuntu siqu - okungukuthi, ikhasimende lezinsizakalo zamafu. Esimweni esibi kakhulu, opharetha uthola inhlawulo encane - isibonelo, ku-Twitter ekuqaleni konyaka esimweni esifanayo kwaba ruble 5000. Bese i-FSTEC iqhubekela phambili kumhlinzeki wesevisi wamafu. Okungase kuphucwe ilayisense ngenxa yokwehluleka ukuthobela izimfuneko zokulawula - futhi lezi izingozi ezihluke ngokuphelele, kumhlinzeki wamafu nakumakhasimende akhe. Kodwa, ngiyaphinda, Ukuze uhlole i-FSTEC, ngokuvamile udinga isizathu esicacile. Ngakho abahlinzeki bamafu bazimisele ukuthatha ubungozi. Kuze kube yisigameko sokuqala esibucayi.
Kukhona neqembu labahlinzeki "abanomthwalo wemfanelo omkhulu" abakholelwa ukuthi kungenzeka ukuvala zonke izinsongo ngokungeza isengezo esifana ne-vGate ku-hypervisor. Kodwa endaweni ebonakalayo esatshalaliswa phakathi kwamakhasimende ngenxa yezinsongo ezithile (isibonelo, i-UBI.101 engenhla), indlela yokuvikela ephumelelayo ingasetshenziswa kuphela ezingeni le-hypervisor eqinisekisiwe ngokuya nge-NDV-4, njengoba noma yiziphi izinhlelo ezingeziwe imisebenzi ejwayelekile ye-hypervisor yokuphatha izinsiza (ikakhulukazi, i-RAM) ayithinti.
Sisebenza kanjani
Sinesegimenti yefu esetshenziswe ku-hypervisor egunyazwe i-FSTEC (kodwa ngaphandle kwesitifiketi se-NDV-4). Le segimenti iqinisekisiwe, ngakho-ke idatha yomuntu siqu ingagcinwa emafini ngokusekelwe kuyo 3 kanye 4 amazinga okuphepha - Izimfuneko zokuvikelwa emandleni angadalulwanga azidingi ukubonwa lapha. Nakhu, ngendlela, ukwakheka kwengxenye yethu yamafu evikelekile:
Amasistimu edatha yomuntu siqu 1 kanye 2 amazinga okuphepha Sisebenzisa kuphela kumishini ezinikele. Kulesi simo kuphela, isibonelo, usongo lwe-UBI.101 alubalulekile ngempela, njengoba ama-server rack angahlanganisiwe indawo eyodwa ebonakalayo awakwazi ukuthonya omunye nomunye ngisho nalapho etholakala kusikhungo esifanayo sedatha. Ezimweni ezinjalo, sinikeza isevisi yokuqasha imishini (ibizwa nangokuthi i-Hardware njengesevisi).
Uma ungenaso isiqiniseko sokuthi yiliphi izinga lokuphepha elidingekayo kusistimu yakho yedatha yomuntu siqu, siyasiza futhi ekuyihlukaniseni.
isiphetho
Ucwaningo lwethu oluncane lwemakethe lubonise ukuthi abanye opharetha bamafu bazimisele ukubeka engozini kokubili ukuphepha kwedatha yamakhasimende kanye nekusasa labo ukuze bathole i-oda. Kodwa kulezi zindaba silandela umgomo ohlukile, esiwuchaze kafushane ngenhla. Sizokujabulela ukuphendula imibuzo yakho kumazwana.
Source: www.habr.com