Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Data sharing and access control method based on Xen

A technology for data sharing and access control, applied in the direction of input/output to record carriers, etc., can solve problems such as inappropriateness, limited data volume, data sharing flexibility and security risks, and achieve easy implementation, high security, and guaranteed safety effect

Inactive Publication Date: 2012-05-30
SOUTH CHINA UNIV OF TECH
View PDF3 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] At present, there are many inconveniences and potential safety hazards in the data sharing between client systems based on the Xen full virtual environment: 1. Multiple client systems are isolated between domains and have their own network environments. The common way of passing through the network is not suitable for Xen virtual machines Data sharing between multiple client systems in the environment; 2. The data sharing method of shared memory is often used for multiple processes in one system to share data, and the amount of shared data is limited, which is also not suitable for the Xen virtual machine environment; 3. Ordinary The data sharing method based on virtual disk and mobile storage has better usability and work efficiency, but there is no guarantee for the security of the shared data; 4. The traditional data sharing method does not detect the content of the shared data, and the The access control permissions of shared data are not restricted, which makes the security of shared data unable to be guaranteed
5. The traditional Xen client system data sharing method does not have the client system's active request to open and close the virtual disk mechanism, which makes it impossible for the client system to disable its confidential data sharing urgently, and the client lacks active protection for its shared data
Therefore, there are many hidden dangers in the flexibility and security of data sharing among multiple client systems based on the Xen virtual machine environment

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Data sharing and access control method based on Xen
  • Data sharing and access control method based on Xen
  • Data sharing and access control method based on Xen

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0024] The present invention will be further described below in conjunction with the accompanying drawings.

[0025] Such as figure 1 As shown, the basic framework of the present invention is that a plurality of client systems have the same image file existing in the host system as its virtual disk, that is, the data sharing system; figure 2 All modules of the invention shown: client system, data sharing system, access control module, virtual disk control module.

[0026] The data sharing system is the basic condition for the implementation of the present invention, and is composed of multiple configured full virtualization client systems and disk image files that exist in Domain0 (i.e. the Xen host system). Each client system includes not only the necessary disks for system operation, but also the disks provided by this machine as the owner to share data with other client systems, and the disks that this machine serves as sharers to share data with other client systems.

...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides a data sharing and access control method based on Xen, comprising a data sharing system, an access control system and a virtual disc control system, wherein, the data sharing system performs data sharing for the same shared virtual disc by the way that a plurality of virtual client operation systems are operated on an Xen virtual machine; the access control system is respectively arranged in an Xen host system and a client system, and the control mode thereof is that the client system actively communicates with the host system to notice the virtual disc control system to control the dynamic access of the shared virtual disc; and the virtual disc control system controls the read-write access of the virtual disc, which ensures that a client operation system has operation of different accesses for the shared virtual disc to realize the access control of shared data.

Description

technical field [0001] The invention belongs to the field of information security access control, in particular to a Xen-based data sharing and access control method. technical background [0002] Xen is a virtual machine monitor that runs directly on the hardware device. The operating system runs on the Xen virtual machine monitor. The Linux operation with Xen patches is used as the host system to provide a running platform for Xen. The host system can create and manage multiple virtual guest operating systems such as Windows, Linux, etc. Multiple virtual guest systems are isolated between domains and share their own network environment, and the guest systems have good isolation. [0003] Traditional data sharing methods include network-based data sharing, shared memory data sharing, and mobile storage data sharing. Network data sharing is widely used and flexible in operation, but it relies on a complex network environment and low security; shared memory data sharing is m...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): G06F3/06
Inventor 刘发贵周明张浩周魏
Owner SOUTH CHINA UNIV OF TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products