Dynamic cryptography protection for virtual machines and key management method thereof

A key management technology, applied to key distribution, that addresses problems such as the inability to effectively realize cloud security and achieves the effect of improving security.

Inactive Publication Date: 2012-07-25
道里云信息技术(北京)有限公司

AI Technical Summary

Problems solved by technology

However, according to the above analysis, the current technology cannot effectively meet the basic requirements of cloud security.

Examples


Embodiment Construction

[0034] Hereinafter, exemplary embodiments of the present invention will be described with reference to the accompanying drawings. However, the scope of the present invention should not be construed as being limited to the following examples. The embodiments of the present invention are intended to more fully explain the present invention for those skilled in the art.

[0035] One embodiment of the invention relates to the generation of guest virtual machines. In this embodiment, the service console first generates a key in its internal memory and sends the key to the virtual machine monitor secondary trusted computing base (VMM-TCB), which protects this key. Next, the service console generates the first data block of a guest virtual machine, encrypts the data block, and then outputs or stores the encrypted data block to an external storage. The service console then generates a second block of d...


Abstract

Provided are dynamic cryptography protection for virtual machines and a method for managing the keys that this protection requires. Each virtual machine is divided into multiple data blocks, and the data blocks are dynamically encrypted and decrypted as they are input and output. The keys required for encryption and decryption are protected by the virtual machine monitor secondary trusted computing base or by the hardware-based trusted computing base, and so are protected at a higher security level. A service console queries and obtains the keys from the virtual machine monitor secondary trusted computing base and uses them to encrypt the data blocks of guest virtual machines; the encrypted data blocks are stored in the image data packages of the guest virtual machines, so that even if those image data packages are stolen, the encrypted data is hard to decrypt. In addition, when data blocks are input to a guest virtual machine from external storage, the service console uses the keys to decrypt them and then sends the decrypted data blocks to the guest virtual machine's internal memory for further processing.
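The data flow in the abstract, as an added Python sketch that is not taken from the patent: the service console generates a per-guest key, hands it to a TCB object, and queries it back to seal each block on output and open it on input. The class and function names, the 4096-byte block size, the per-block authentication tag and the binding of each block to its guest and index are assumptions of this example, and an HMAC-SHA256 keystream stands in for a real block cipher so that the code runs on the standard library alone.

```python
import hashlib, hmac, os
BLOCK = 4096  # assumed block size; the page does not state one

class VmmTcb:
    """Stand-in for the VMM-TCB: the only component that stores guest keys."""
    def __init__(self):
        self._keys = {}
    def protect(self, vm_id, key):
        self._keys[vm_id] = key
    def query(self, vm_id):
        return self._keys[vm_id]

def _prf(key, msg):
    return hmac.new(key, msg, hashlib.sha256).digest()

def _xor_stream(key, nonce, data):
    # HMAC-SHA256 in counter mode as a keystream (stdlib stand-in for AES).
    blocks = (len(data) + 31) // 32
    ks = b"".join(_prf(key, nonce + i.to_bytes(4, "big")) for i in range(blocks))
    return bytes(a ^ b for a, b in zip(data, ks))

def _context(vm_id, index):
    # Binds a block to its guest and position (assumption, not on the page).
    return hashlib.sha256(vm_id.encode()).digest() + index.to_bytes(8, "big")

def seal_block(key, vm_id, index, plain):
    nonce = os.urandom(16)
    ct = _xor_stream(_prf(key, b"enc"), nonce, plain)
    tag = _prf(_prf(key, b"mac"), _context(vm_id, index) + nonce + ct)
    return nonce + ct + tag

def open_block(key, vm_id, index, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    want = _prf(_prf(key, b"mac"), _context(vm_id, index) + nonce + ct)
    if not hmac.compare_digest(tag, want):
        raise ValueError("block %d failed authentication" % index)
    return _xor_stream(_prf(key, b"enc"), nonce, ct)

class ServiceConsole:
    def __init__(self, tcb):
        self.tcb = tcb
    def create_vm(self, vm_id):
        self.tcb.protect(vm_id, os.urandom(32))  # key generated, handed to TCB
    def write_image(self, vm_id, data):
        key = self.tcb.query(vm_id)  # console queries the key for each I/O
        return [seal_block(key, vm_id, i, data[o:o + BLOCK])
                for i, o in enumerate(range(0, len(data), BLOCK))]
    def read_image(self, vm_id, image):
        key = self.tcb.query(vm_id)
        return b"".join(open_block(key, vm_id, i, b) for i, b in enumerate(image))
```

A copy of the list returned by `write_image` is the stolen image package of the abstract: without a key from the TCB, `open_block` rejects every block, and reordered or modified blocks are rejected even with the right key.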

Description

Technical field

[0001] The present invention relates to a method and a system for dynamic cryptography protection and key management for a virtual machine on a virtualized computing platform architecture. Specifically, it relates to a method and system in which the collection of all resources and components that the virtual machine internally includes, such as operating systems, middleware, networks, communications, databases, application programs, user files, and data, is regarded as a system that is dynamically changing at all times during operation, and to a method and system for real-time and dynamic cryptographic protection of that system.

Background technique

[0002] (1) "Guest Virtual Machine" or "Virtual Machine"

[0003] Computer virtualization technology can simulate one or several guest virtual computers (Guest Virtual Machine, VM) on a real physical computer (host), running with the virtualized computing platform architecture as the carrier. Each virtual computer (referred to as a guest v...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): G06F21/00, G06F9/455, H04L9/08, G06F21/46, G06F21/53
Inventor: 毛文波
Owner: 道里云信息技术(北京)有限公司