Intrusion detection system oriented to a cloud computing environment

A technology for intrusion detection in cloud computing environments, applied in the field of transmission systems, electrical components, etc. It addresses the problems that existing work has little involvement in security protection and secure resource multiplexing, that no technology or solution exists for this setting, and that security monitoring and management under dynamic splitting of resources remains unsolved.

Inactive Publication Date: 2012-10-10
BEIJING COMPUTING CENT

AI Technical Summary

Problems solved by technology

[0003] Grid-based application-level virtual security research is currently based mainly on Kerberos, SSL, SSH, and XML encryption (Xenc), which solve the problems of identity authentication and access control in grid environments. It focuses on secure data transmission channels over heterogeneous grid architectures, but has little involvement in application-based security protection and secure resource multiplexing.

Security research for node-oriented virtualization environments relies on partition isolation, disaster recovery, partition hot migration, partition hot backup and other high-availability techniques to address the safety and reliability of some virtual applications (such as VMware, Virtual Station). In a hardware-level virtualization environment (such as Xen, Intel's Virtualization Technology, AMD's Pacifica), however, the resources in a partition are managed directly by the underlying hardware. Once a major fault occurs it cannot be effectively isolated, and the fault may spread to all partitions using the resource, resulting in a global fault.

The Collapsar virtual intrusion detection center [4] provides centralized deployment and management of virtual honeypots, solving the problems of centralized management and deployment and providing a global intrusion detection view. However, Collapsar is still a set of virtual honeypots concentrated on virtual physical machines and built on the virtual machine mechanism itself. It does not solve the many problems that dynamic splitting of resources and large-scale sharing of components bring in a large-scale distributed environment, such as security monitoring and management, a distributed intrusion detection engine, user identity authentication, and user space isolation.

For security research on application virtual environments of the capability-service kind, there are currently no related technologies or solutions in industry or academia.

Embodiment Construction

[0037] The capability server architecture for the virtual computing environment takes large-scale resource sharing, low cost, ease of use, configuration flexibility, easy management, security, scalability and high availability as its main guiding principles. Among them, the security architecture is a very important aspect of the capability server design. It involves identity authentication, authorization, credit, integrity, confidentiality, service and information availability, auditing and accounting, and service protection of the capability server. Its main content is to provide, for the capability service domain in the virtual computing environment, safe and reliable identity authentication, virtual distributed and scalable intrusion detection, safe and intelligent resource monitoring and management, and a safe and reliable access protocol for resource aggregation and multiplexing. Scale Distributed Security Infrastructure (SDSI) for capability servers in virtual computin...

Abstract

The invention discusses the security problems of a virtual computing environment based on resource splitting and large-scale sharing. It provides a virtual-machine-based security framework for the virtual computing environment and a large-scale, distributed, extensible intrusion detection system. The system gives users resource access monitoring and identity authentication inside and outside the capability service domain, together with an encrypted data transmission channel. It isolates and protects user space and system space, and ultimately guarantees the security of applications based on the capability server. The system addresses many security problems of the capability server, such as a large and dynamic number of users, large-scale dynamic virtual resource objects, a computing load that grows and shrinks dynamically, user space isolation, user and system isolation and protection, prevention of internal and external network attacks, secure reuse and sharing of equipment, communication security, uniform authentication, and access control.

Description

Technical field

[0001] The present invention relates to security detection in a cloud computing environment, in particular to an intrusion detection system oriented to a cloud computing environment.

Background technique

[0002] The virtualization technology aimed at improving resource utilization and realizing large-scale resource sharing has developed rapidly in recent years. Currently, there are two main research directions in virtualization technology: node-level virtualization and application-level virtualization. At present, the hot issue of application-level virtualization research in the world is to use grid and P2P methods to make most computers coordinate their work so as to utilize the idle resources of each PC. However, since the personal computer is designed as a closed and complete system, it is difficult to guarantee the efficiency of sharing through this inherent system barrier. The traditional node-level virtualization technology cannot fully achieve this g...

Application Information

Patent Type & Authority: Applications (China)
IPC: IPC(8): H04L29/06, H04L29/08
Inventor: 曾宇
Owner: BEIJING COMPUTING CENT