为什么随机云存储/ CDN文件名？ [英] Why randomize your file names for cloud storage/CDN?

问题描述

当你在社交网站Twitter之类的资料图片，它们存储的图像文件，如：

When you look at a profile picture on a social networking site like Twitter, they store image files like:

http://a1.twimg.com/profile_images/1082228637/a-smile_twitter_100.jpg

甚至有地方约会像20110912.路径中唯一直接的好处我能想到的是$ P $的经历和下载的所有文件存储在一个线性方式pventing一个机器人。我失去了任何其他好处？什么是去随机化的最佳方法是什么？

or even with a date somewhere in the path like 20110912. The only immediate benefit I can think of is preventing a bot from going through and downloading all files in your storage in a linear fashion. Am I missing any other benefits? What is the best way to go about randomizing it?

我使用Amazon S3的，所以我将有一个子域名服务我所有的静态内容。我的计划是要存储一个整数ID在我的数据库，然后只是Concat的网址与id来形成的位置。

I am using Amazon S3 so I will have one subdomain serving all my static content. My plan was to store an integer ID in my database and then just concat the URL with the id to form the location.

推荐答案

在公共网址的一个原因，我加密加扰的标识符是这样成长的企业的速度并不总是公开。

One reason I cryptographically scramble identifiers in public URLs is so that the business' rate of growth is not always public.

如果当前的ID可以通过创建一个新的用户帐户或上传图片简单推断，那么外面的人可以通过定期做这个，看到许多入侵检测系统是如何计算的增长速度（或上限）期间的经过时间使用。

If the current ids can be deduced simply by creating a new user account or uploading an image, then an outside person can calculate the growth rate (or an upper limit) by doing this on a regular basis and seeing how many ids were used during the elapsed time.

无论是停滞不前，还是它的爆炸指数，我希望能够控制这些信息，而不是让竞争对手或业务分析师能够推断出它自己的版本。

Whether it's stagnating or whether it's exploding exponentially, I want to be able to control the release of this information instead of letting competitors or business analysts be able to deduce it for themselves.

离线的例子是发票和支票号。如果你被结算或定期支付给公司，然后就可以看到他们写在这段时间内有多少发票或支票。

Offline examples of this are invoice and check numbers. If you get billed by or paid by a company on a regular basis, then you can see how many invoices or checks they write in that time period.

下面是一个CPAN（的Perl）模块，我认为采用基于鲣双向加密加扰32位的IDS：

Here's a CPAN (Perl) module I maintain that scrambles 32-bit ids using two way encryption based on SkipJack:

http://metacpan.org/pod/Crypt::Skip32

这是由格雷格·罗斯用C语言编写的Skip32算法的直接翻译：

It's a direct translation of the Skip32 algorithm written in C by Greg Rose:

http://www.qualcomm.com.au/PublicationsDocs/skip32.c

使用这种方法的映射每个32位标识成（随机的）对应的32位，它可逆转回原始ID号。您没有保存任何额外的东西在你的数据库。

Use of this approach maps each 32-bit id into an (effectively random) corresponding 32-bit number which can be reversed back into the original id. You don't have to save anything extra in your database.

我转换炒ID为8个十六进制数字显示的网址。

I convert the scrambled id into 8 hex digits for displaying in URLs.

在你的IDS接近4.29十亿（32位），你需要计划扩展URL结构，以支持更多，但我喜欢有较短的网址，只要可能的。

Once your ids approach 4.29 billion (32-bits) you'll need to plan for extending the URL structure to support more, but I like having shorter URLs for as long as possible.

这篇关于为什么随机云存储/ CDN文件名？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！