Data anti-leakage method based on operating system virtualization principle

Abstract

The invention relates to a data anti-leakage method based on an operating system virtualization principle, belonging to the technical field of computer application. The data anti-leakage method is characterized by comprising the following steps of: increasing a virtual isolating layer and a virtual storage area in a host operating system of a computer on the basis of the operating system virtualization principle; structuring one or more virtual isolated environments on the basis of the virtual isolating layer and the virtual storage area by combining with a virtual desktop technology; and completely isolating and protecting data resources which are stored in each virtual isolated environment and include files and registration forms to ensure that data generated in the virtual isolated environments is not leaked out of the virtual isolated environments so as to prevent active or passive data leakage behaviors. The invention greatly enhances the operating efficiency of a data anti-leakage system by utilizing the innate advantages of the operating system virtualization principle, reduces the difficulty of applying a data anti-leakage scheme and enhances the easy use and the work efficiency of the data anti-leakage system.

Description

technical field [0001] The present invention relates to a method in the field of computer application technology, in particular to a data leakage prevention method based on the operating system virtualization principle. Background technique [0002] With the vigorous development of informatization in our country, the application of electronic data is becoming more and more extensive. While greatly improving production efficiency, electronic data has increasingly become an important asset for all walks of life and even the general public. The confidentiality, integrity and availability of electronic data are gradually related to national security, core competitiveness of enterprises, and personal privacy. Therefore, the issue of data security—that is, the prevention of data leakage, loss, and abuse—has become a hot issue in the field of information security and has attracted more and more attention. In all branches of data security, data leakage prevention has a particularl...

AI Technical Summary

Problems solved by technology

First of all, a virtual machine implemented based on the hardware abstraction layer virtualization principle must run a complete guest operating system instance in memory during work, and needs to simulate various hardware devices including CPU and memory, and these behaviors themselves need to occupy A large number of system resources will lead to a great loss of performance of this method in real use scenarios; secondly, due to the complexity of using virtual machine software, users must have certain knowledge of computer systems, and even require customer The operating system and application software environment on the virtual machine are fully configured, which increases the difficulty of applying the system; finally, in the real use environment, users often need to reference some original resources on the host machine in the isolated environment provided by the virtual machine. Some files or need to use existing programs on the host

However, limited to the implementation mechanism of the virtual machine software, users cannot directly read the data files on the host computer in the isolated environment on the virtual machine, unless the data is imported or the software is reinstalled, which further reduces the ease of use of the system. sex and productivity

Images