CN-121092072-B - Data storage system for information security

Abstract

The invention discloses a data storage system for information security, which relates to the technical field of data storage, solves the technical problems of resource waste or performance bottleneck caused by one-cut storage by intelligently selecting a local storage or distributed storage mode according to the type, capacity and delay requirement of data, reduces network overhead by dynamically selecting the local or distributed storage based on the data capacity and the delay requirement, and locally stores small-capacity and low-delay data, the high-capacity and high-delay data distributed storage improves expansibility, improves resource utilization rate, combines high-frequency/low-frequency data differentiation processing through multi-copy backup of core data and automatic temporary data deletion, integrates data security and space optimization, adapts different capacity data by a dynamic slicing strategy, ensures balanced data distribution by consistent hash and virtual nodes, realizes load dynamic adjustment by cold and hot data layering and node performance grading, and improves access speed and system stability.

Inventors

• TAN TAO

Assignees

• 北京靖宏云泰科技有限公司

Dates

Publication Date

20260512

Application Date

20250827

Claims (7)

1. 1. An information security data storage system, comprising: The classified storage analysis module is used for carrying out local storage or distributed storage analysis on the acquired classified data to generate a local storage signal or a distributed storage signal; The local storage analysis module is used for analyzing the acquired local storage signals, secondarily classifying the classified data and storing the classified data to generate primary storage information, and secondarily analyzing the primary storage information based on the use frequency of the data to generate local data storage information; The distributed storage analysis module is used for analyzing the acquired distributed storage signals, acquiring distributed storage data and dynamically slicing to obtain sliced data, calculating the hash value of the sliced data and the storage nodes, matching the hash value with the same hash value as a standard, determining a matched storage node, classifying the sliced data according to the use frequency of the data to obtain hot data and cold data, and transmitting the hot data and the cold data to the comprehensive storage analysis module; The comprehensive storage analysis module is used for carrying out storage management on the hot data and the cold data obtained by classification, comparing the total amount of the sliced data of the matched storage nodes with the maximum load, generating a data adjustment signal if the sliced data is overloaded, otherwise, generating distributed storage information, analyzing and determining the node to be dispersed, preferentially dispersing the few categories in the hot data and the cold data of the node to be dispersed, dividing the node to be dispersed into high-performance and low-performance nodes according to the processing speed of the node, preferentially dispersing the cold data to the low-load nodes if the node to be dispersed is high-performance, simultaneously transferring the low-load node hot data to the node to fill idle load, generating distributed storage information, and transferring the hot data to other nodes from large-to-small orders according to the node performance if the node is low-performance, so as to generate the distributed storage information, and the specific processing mode is as follows: acquiring the total amount of the fragment data in the matched storage nodes, simultaneously comparing the total amount of the fragment data with the maximum load of the matched storage nodes, wherein the maximum load represents the corresponding maximum storage capacity, if the total amount of the fragment data is larger than the maximum load, the corresponding matched storage nodes need to carry out data adjustment processing, and a data adjustment signal is generated, otherwise, the data adjustment signal does not need to be adjusted, and distributed storage information is generated; Acquiring corresponding matched storage nodes to be recorded as nodes to be dispersed, acquiring the quantity corresponding to hot data and cold data in the nodes, comparing the quantity and the quantity of the hot data and the cold data, performing dispersed matching by using small quantity of classified data preferentially, analyzing the performance of the nodes corresponding to the matched storage nodes, wherein the performance of the nodes is specifically represented as a processing speed average value in a time period t, classifying the processing speed average value as high-performance nodes, and conversely classifying the nodes as low-performance nodes, and performing calculated matching according to different performance nodes obtained by classification; If the node to be dispersed is a high-performance node, preferentially transferring cold data to a low-load node, and simultaneously transferring hot data of the low-load node to the node to fill idle load, so as to generate distributed storage information; and if the node is a low-performance node, transferring and storing the hot data according to the performance of other nodes from big to small, and generating distributed storage information.
2. 2. The data storage system for information security according to claim 1, further comprising a data classification processing module and a storage management information output module; The data classification processing module is used for acquiring all information data, classifying the information data according to the data content to obtain structured data, unstructured data and semi-structured data, and transmitting the structured data, the unstructured data and the semi-structured data to the classified data storage analysis module; and the storage management information output module is used for carrying out data storage according to the local data storage information and the distributed storage information.
3. 3. The data storage system for information security according to claim 1, wherein the specific manner in which the classification storage analysis module generates the local storage signal or the distributed storage signal is: acquiring a classified data type and recording the classified data type as i, wherein i=1, 2, & gt, j, wherein j represents the data type, and simultaneously acquiring the data capacity and the delay requirement corresponding to the data type i; the data type with small data capacity and low delay requirement is selected to be stored locally to generate a local storage processing signal, the data type with large data capacity and high delay requirement is selected to be stored in a distributed mode to generate a distributed storage processing signal.
4. 4. The data storage system for information security according to claim 1, wherein the specific manner in which the local storage analysis module generates the local data storage information is: the method comprises the steps of obtaining local storage data and storage media, secondarily classifying the local storage data and the storage media into core data, general data and temporary data, and performing differentiated treatment, wherein the core data are backed up in high-reliability equipment in multiple copies, the general data are stored in single copies and are regularly cleared of redundancy, and the temporary data are provided with automatic deletion rules to form primary storage information; Based on the secondary analysis of the primary information, the storage medium is dynamically updated, and the data is divided into low frequency and high frequency according to the frequency of use within time t, so as to generate local data storage information.
5. 5. The data storage system for information security of claim 1, wherein the distributed storage analysis module determines the specific manner in which the storage nodes are matched is: And marking all the distributed storage nodes and calculating hash values, obtaining distributed storage data, dynamically slicing according to capacity to obtain sliced data, searching a first matching node on a hash ring clockwise as a storage node after calculating the hash values of the sliced data, and sequentially determining the matching storage nodes of all the slices.
6. 6. The data storage system for information security according to claim 5, wherein the specific way of obtaining the fragmented data by capacity dynamic fragmentation is: the single file/object is greater than 1GB of large-capacity data, 128 MB/block fragments are adopted, the single file/object can be adjusted to 64MB or 256MB through configuration items, the single file/object is smaller than or equal to 1GB of small-capacity data, and 4 MB/block fragments can be adjusted to 1MB or 8MB.
7. 7. The data storage system for information security according to claim 1, wherein the specific way of classifying the fragmented data according to the frequency of use of the data to obtain the hot data and the cold data is as follows: All pieces of data in the matched storage nodes are acquired and marked as n, n=1, 2, and m, wherein m represents the type of the pieces of data, the use times of the pieces of data n in time t are acquired, the corresponding use frequency is calculated, the use frequency is compared with a classification threshold value, the specific value of the classification threshold value is set by an operator, the pieces of data with the use frequency being greater than the classification threshold value are marked as hot data, and otherwise the pieces of data with the use frequency being less than the classification threshold value are marked as cold data.

Description

Data storage system for information security Technical Field The invention relates to the technical field of data storage, in particular to a data storage system for information security. Background With the rapid development of information technology, the data scale is in explosive growth, the data types are increasingly diversified, and the difference of different data on the storage capacity, delay and safety requirements is obvious. The existing data storage system has the following current situations: the storage mode is single, a fixed mode of local storage or distributed storage is adopted, dynamic adaptation is difficult to achieve according to the data characteristics, a fine classification strategy is lacking in local storage management, core data and temporary data are mixed, and the problems of safety risk and low efficiency exist; in the distributed storage, the data slicing strategy is fixed, the node load balancing capability is weak, partial node overload or uneven data distribution is easy to occur, and meanwhile, cold and hot data layering management is lacked, and high-frequency access data and low-frequency data share storage resources, so that the access performance is reduced; The storage system lacks a global cooperative mechanism, management of local storage and distributed storage is mutually split, dynamic optimization of a storage strategy according to a data life cycle is difficult, and dual requirements of information security and efficient utilization cannot be met. Disclosure of Invention Aiming at the defects of the prior art, the invention provides the data storage system for information security, which solves the problems of resource waste or performance bottleneck caused by one-cut storage by intelligently selecting a local storage or distributed storage mode according to the type, capacity and delay requirement of data. In order to achieve the above object, the present invention is realized by the following technical scheme that the data storage system for information security comprises: The classified storage analysis module is used for carrying out local storage or distributed storage analysis on the acquired classified data to generate a local storage signal or a distributed storage signal; The local storage analysis module is used for analyzing the acquired local storage signals, secondarily classifying the classified data and storing the classified data to generate primary storage information, and secondarily analyzing the primary storage information based on the use frequency of the data to generate local data storage information; The distributed storage analysis module is used for analyzing the acquired distributed storage signals, acquiring distributed storage data and dynamically slicing to obtain sliced data, calculating the hash value of the sliced data and the storage nodes, matching the hash value with the same hash value as a standard, determining a matched storage node, classifying the sliced data according to the use frequency of the data to obtain hot data and cold data, and transmitting the hot data and the cold data to the comprehensive storage analysis module; the comprehensive storage analysis module is used for carrying out storage management on the hot data and the cold data obtained by classification, comparing the total amount of the sliced data of the matched storage nodes with the maximum load, generating a data adjustment signal if the sliced data is overloaded, otherwise, generating distributed storage information, analyzing and determining the node to be dispersed, preferentially dispersing the few categories in the hot data and the cold data of the node to be dispersed, dividing the node to be dispersed into high-performance and low-performance nodes according to the processing speed of the node, preferentially dispersing the cold data to the low-load nodes if the node to be dispersed is high-performance, simultaneously transferring the low-load node hot data to the node to fill idle load, generating distributed storage information, and transferring the hot data to other nodes from large-order to small-order according to the node performance if the node to be dispersed is low-performance, so as to generate the distributed storage information. As a further scheme of the invention, the system also comprises a data classification processing module and a storage management information output module; The data classification processing module is used for acquiring all information data, classifying the information data according to the data content to obtain structured data, unstructured data and semi-structured data, and transmitting the structured data, the unstructured data and the semi-structured data to the classified data storage analysis module; and the storage management information output module is used for carrying out data storage according to the local data storage information and the distributed storage information. As a further aspect