Virtualization environment data security partition method and system

A virtualization-environment data security technology, applied to data security isolation in a virtualized environment. It addresses the problems that virtual machine image data cannot be conveniently isolated and that user data security therefore cannot be guaranteed.

Active Publication Date: 2013-05-15
CEC CYBERSPACE GREAT WALL
Cites: 8; Cited by: 27

AI Technical Summary

Problems solved by technology

[0003] Existing technology cannot conveniently and effectively isolate a user's virtual machine image data and therefore cannot guarantee the security of user data. To address this, the present invention provides a method for securely isolating data in a virtualized environment. By combining data dynamic transparent encryption and decryption technology with user key resource generation and management technology, it can safely isolate the user's virtual machine image data and achieve a good user experience while ensuring user data security.

Examples

Embodiment Construction

[0025] The present invention will be described below in conjunction with the accompanying drawings.

[0026] The present invention relates to a virtualized environment data security isolation method, the principle of which is shown in Figure 1. The method uses key resource pool 2 to store user information and provide users with key resource generation and management services. Computing resource pool 3 provides computing resources for users and interacts with key resource pool 2 using data dynamic transparent encryption and decryption technology: computing resource pool 3 uses the key resource generated by key resource pool 2 to dynamically decrypt the stored user's virtual machine image data before use, encrypts the data after the computing resource has operated on it, and stores it as a storage resource in storage resource pool 4. User 1 shown in Figure 1 is the virtual machine user of the cloud computing platform; the key resource pool 2 is used ...
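The decrypt-before-use, encrypt-after-use flow in [0026] can be sketched as follows. This is an added example, not code from the patent: the class and function names are hypothetical, users are assumed to be authenticated before a key is released, and an HMAC-SHA256 keystream with encrypt-then-MAC stands in for a production cipher such as AES-GCM so the sketch runs on the standard library alone.

```python
import hashlib
import hmac
import secrets

class KeyResourcePool:
    """Per-user key generation and lookup (hypothetical stand-in for key resource pool 2)."""
    def __init__(self):
        self._keys = {}
    def key_for(self, user):
        # Assumption: the caller has already authenticated `user`.
        return self._keys.setdefault(user, secrets.token_bytes(32))

def _subkey(key, label):
    # Separate encryption and MAC keys derived from the user's key.
    return hmac.new(key, label, hashlib.sha256).digest()

def _xor_stream(key, nonce, data):
    # HMAC-SHA256 in counter mode: stdlib stand-in for a real cipher such as AES-CTR.
    stream = b""
    for ctr in range((len(data) + 31) // 32):
        stream += hmac.new(key, nonce + ctr.to_bytes(8, "big"), hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(data, stream))

def seal(key, image_id, plaintext):
    nonce = secrets.token_bytes(16)
    ct = _xor_stream(_subkey(key, b"enc"), nonce, plaintext)
    # The tag binds the ciphertext to the image id, so blobs cannot be swapped.
    msg = image_id.encode() + b"\0" + nonce + ct
    return nonce + ct + hmac.new(_subkey(key, b"mac"), msg, hashlib.sha256).digest()

def unseal(key, image_id, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    msg = image_id.encode() + b"\0" + nonce + ct
    want = hmac.new(_subkey(key, b"mac"), msg, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, want):
        raise PermissionError("image was not sealed under this user's key and image id")
    return _xor_stream(_subkey(key, b"enc"), nonce, ct)

class ComputeResourcePool:
    """Decrypts before use, re-encrypts after use; storage only ever holds ciphertext."""
    def __init__(self, key_pool, storage):
        self.key_pool, self.storage = key_pool, storage
    def save(self, user, image_id, data):
        self.storage[image_id] = seal(self.key_pool.key_for(user), image_id, data)
    def load(self, user, image_id):
        return unseal(self.key_pool.key_for(user), image_id, self.storage[image_id])

storage_pool = {}  # constructed storage resource pool: image id -> sealed blob
compute = ComputeResourcePool(KeyResourcePool(), storage_pool)
compute.save("alice", "vm-001.img", b"constructed disk image bytes")
```

Anyone reading `storage_pool` directly, including a storage administrator, sees only ciphertext, and a load under another user's key fails the integrity check instead of returning data.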


Abstract

The invention relates to a virtualization environment data security partition method and system. According to the method, a key resource pool is used to store user information and to provide generation and management services for key resources to the user. A computing resource pool is used to provide computing resources and, by adopting data dynamic transparent encryption and decryption technology, uses the key resources generated by the key resource pool to dynamically decrypt the stored user's virtual machine image data before use; the data is encrypted after the computing resource has operated on it and is stored as a storage resource in a storage resource pool. By combining the data dynamic transparent encryption and decryption technology with user key resource generation and management technology, the method and system can safely partition the user's virtual machine image data and achieve a good user experience while guaranteeing user data security.

Description

Technical field

[0001] The invention relates to the technical field of information security, in particular to a method and system for safely isolating data in a virtualized environment.

Background technique

[0002] In a virtualized environment, the user's working environment is transferred from a personal computer to a virtual machine, and computing resources, storage resources, etc. are separated from the user's physical control. It is possible that multiple users' virtual machine image data are stored on the same physical disk. If the user's virtual machine image data is obtained and used by an illegal user, it may cause losses to the user. Although access to user data can be strictly restricted through means such as access control, and a certain degree of data isolation can be implemented, it is still impossible to restrict privileged users such as administrators from accessing user data. Another typical protection method is to encrypt and store all users' virtual mach...

Application Information

Patent Type & Authority: Applications (China)
IPC(8): H04L29/06, H04L29/08, H04L9/32
Inventor: 张兴, 王海洋, 张雅哲
Owner: CEC CYBERSPACE GREAT WALL