Forced access control method and apparatus in virtual environment

A technology of mandatory access control and virtualized environment, applied in program control devices, software simulation/interpretation/simulation, etc., can solve the problem of uncontrolled communication and resource sharing type, large granularity of communication and resource sharing control, and inapplicable multi-level security. environmental issues
CN101452397AInactive Publication Date: 2009-06-10SHANGHAI JIAO TONG UNIV
0 Cites 49 Cited by

Patent Information

Authority / Receiving Office
CN · China
Patent Type
Applications(China)
Current Assignee / Owner
SHANGHAI JIAO TONG UNIV
Publication Date
2009-06-10
Estimated Expiration
Not applicable · inactive patent

Smart Images

  • Figure 1
    Figure 1
  • Figure 2
    Figure 2
  • Figure 3
    Figure 3
Patent Text Reader

Abstract

The invention relates to a forced access control method and a device applied to a virtual environment in the technical field of computer application. The method comprises: designating a virtual machine in a virtual environment as a credible virtual machine with security management authority, in which, the credible virtual machine uses security classification and security category as a sensitive label to identify the security level of a single virtual machine; establishing an access matrix and setting the access type set of each virtual machine to other virtual machines; and when a certain virtual machine main body gets access to a certain virtual machine object in a certain access type, judging whether the access is permitted according to the sensitive label of both the main body and the object and the access type set of the main body to the object in the access matrix. The device comprises an access control initializing module, a virtual machine state monitoring module, an access judgment module, a security management assisting module and a virtual machine security information management module in the credible virtual machine. The forced access control method and the device can effectively control communication and resource sharing between virtual machines in a virtual environment of multilevel security.
Need to check novelty before this filing date? Find Prior Art

Description

technical field

[0001] The present invention relates to a method and device in the field of computer application technology, in particular to a mandatory access control method and device in a virtualized environment. Background technique

[0002] Virtualization technology is the most popular technology in the current information technology industry. The application of virtualization technology can bring great benefits in the following aspects: 1. Integrating servers and deploying computer systems into virtual machines can improve the utilization rate of hardware equipment and reduce operating costs. 2. Use resource virtualization to improve service quality and reduce system offline time; 3. Reduce the preparation time for IT infrastructure settings, improve the flexibility of IT investment, and promote on-demand configuration; 4. Quickly provide testing and development environments to improve Development efficiency; 5. Migrate legacy operating systems and applications to vir...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More