September 2021
Beginner to intermediate
392 pages
12h 13m
Chinese
book
Google系统架构解密: 构建安全可靠的系统
by Heather Adkins, Betsy Beyer, Paul Blankinship, Piotr Lewandowski, Ana Oprea, Adam Stubblefield
Content preview from Google系统架构解密: 构建安全可靠的系统
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.
4
|
第
1
章
启:“密码无法加载任何保护此密钥的卡。”
澳大利亚的工程师认为应该用蛮力解决他们的安全问题,因此用起了电钻。一小时后,保
险箱打开了,但即便是刚取回的卡也触发了相同的错误消息。
团队花了一个多小时才意识到,智能卡读取器上的绿灯实际上并不表示该卡已正确插入。
当工程师将卡翻转过来时,服务重启成功,故障排除了。
可靠性和安全性都是一个真正值得信赖的系统的关键组成部分,但要构建既可靠又安全的
系统是很困难的。尽管对可靠性和安全性的要求具有许多共性,但设计它们时也有不同的
注意事项。忽视可靠性和安全性之间的微妙关系很容易引起意外的结果。密码管理系统的
故障是由可靠性问题(失效的负载均衡和过载保护策略)触发的,而提高系统安全性的多
种措施使恢复密码管理系统变得复杂。
安全与隐私的交集
安全与隐私是密切相关的概念。系统为了尊重用户隐私,必须从根本上是安全的,并
且在对手面前表现得与预期相同。同样,一个完善的安全系统如果不尊重用户隐私,
就不能满足许多用户的需求。虽然本书关注的是安全性,但描述的一些方法通常也用
于实现隐私保护。
1.2
可靠性与安全性
:
设计注意事项
在设计可靠性和安全性时,必须考虑不同的风险。可靠性面对的主要风险往往是非恶意
的,例如软件更新失败或物理设备故障,而安全风险来自主动尝试利用系统漏洞的对手。
在设计可靠性时,你会假设某些地方在某些时候会出错;在设计安全性时,你必须假设有
人随时随地蓄意搞破坏。
因此,不同的系统在故障响应的设计上也完全不同。在没有破坏者的情况下,系统通常
会在故障发生时
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access
More than 5,000 organizations count on O’Reilly
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.Julian F.
I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.Addison B.
I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.Amir M.
I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.