XEN cloud platform-based virtual machine block device isolation method

A virtual machine block device isolation method based on the XEN cloud platform, applied in the field of information security. It addresses problems such as user information leakage and increasingly serious cloud information security, and achieves isolation protection with improved security.

Inactive Publication Date: 2013-11-27
UNIV OF ELECTRONICS SCI & TECH OF CHINA

AI Technical Summary

Problems solved by technology

[0003] However, the leakage of various user information in the cloud has made the problem of cloud information security increasingly serious.



Examples


Specific Embodiment

[0077] Specific embodiments of the present invention are as follows (see Figure 2, Figure 3 and Figure 4):

[0078] 1) When a new virtual machine is created, the key management system generates a key for this Dom U (client virtual machine) and establishes a UUID (Universally Unique Identifier) mapping set between the virtual machine and the corresponding key. The mapping table is stored in the local key database, and the generated protection key is placed on the remote server. This ensures that the key and the mapping table cannot be obtained at the same time, thereby improving the security of the key system.

[0079] 2) The client virtual machine Dom U and the remote server Dom0 are connected through a key: the key negotiation module sends a KC_HELLO packet to the remote server to request a secure connection; the remote server generates a large prime number ρ, its primitive root integer r and the private key KA, and after calculating the public...
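An added sketch of steps 1) and 2), not code from the patent: the mapping table and the protection key are kept in separate stores, and a KC_HELLO request starts a Diffie-Hellman exchange. The page text breaks off after the server computes its public value, so the client private key `kb`, the SHA-256 key derivation, the class names and the toy group parameters are assumptions that follow textbook Diffie-Hellman.

```python
import hashlib, secrets, uuid

# TOY parameters constructed for this example: a 127-bit prime is far too
# small for real use, and R is not verified to be a primitive root of RHO.
RHO = 2**127 - 1  # stands in for the "large prime" rho
R = 3             # stands in for r

def kdf(shared):
    # Assumption: hash the raw DH value into a 256-bit session key.
    return hashlib.sha256(shared.to_bytes(16, "big")).digest()

class RemoteServer:
    """Stores protection keys by key id; never holds the UUID mapping table."""
    def __init__(self):
        self.keys = {}

    def store_key(self, key_id, key):
        self.keys[key_id] = key

    def on_hello(self, packet):
        if packet != "KC_HELLO":
            raise ValueError("unexpected packet")
        self.ka = secrets.randbelow(RHO - 3) + 2       # private key KA
        return RHO, R, pow(R, self.ka, RHO)            # rho, r, public value

    def finish(self, client_pub):
        if not 1 < client_pub < RHO - 1:               # reject degenerate values
            raise ValueError("bad client public value")
        return kdf(pow(client_pub, self.ka, RHO))

class KeyManager:
    """Local side: keeps only the VM UUID -> key id mapping table (step 1)."""
    def __init__(self, server):
        self.server, self.mapping = server, {}

    def create_vm(self):
        vm_uuid, key_id = str(uuid.uuid4()), secrets.token_hex(8)
        self.server.store_key(key_id, secrets.token_bytes(32))
        self.mapping[vm_uuid] = key_id
        return vm_uuid

    def negotiate(self):
        # Step 2 from the Dom U side; kb is a hypothetical client private key.
        rho, r, server_pub = self.server.on_hello("KC_HELLO")
        if not 1 < server_pub < rho - 1:
            raise ValueError("bad server public value")
        kb = secrets.randbelow(rho - 3) + 2
        client_key = kdf(pow(server_pub, kb, rho))
        return client_key, self.server.finish(pow(r, kb, rho))
```

The exchange as sketched authenticates neither side, so a deployment would need to bind the public values to an authenticated channel or to signatures.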


Abstract

The invention discloses an XEN cloud platform-based virtual machine block device isolation method and belongs to the information security field. The method comprises the following steps: S1, protection keys are generated and accessed when a client virtual machine is newly built; S2, a secure connection is constructed between the client virtual machine and a remote server; S3, the client virtual machine makes a block device read-write request to the remote server, and encryption and decryption processing is performed on the block data before the remote server executes the request; and S4, a physical layer performs the reading operation on the block data. The method introduces a key management and encryption mechanism into a system isolation scheme so as to protect access to the block device. When data is written and read, the remote server can see the data, but the data it sees has already been encrypted, so the remote server cannot correctly interpret its meaning. The purpose of "being seen but not understood" is thereby achieved.

Description

Technical field

[0001] The invention belongs to the technical field of information security, and in particular relates to a virtual machine block device isolation method based on the XEN cloud platform.

Background technique

[0002] The concept of the cloud was first proposed by the American John McCarthy in the 1990s. At that time, he pointed out that computer resources can be provided to the public as a service, like water and electricity, which became the origin of cloud thinking. From March 2006, when Amazon launched the Elastic Compute Cloud (EC2) service, to Google CEO Eric Schmidt first proposing the concept of "cloud computing", and up to now, cloud computing has gradually entered an era of rapid growth; the cloud has gradually penetrated into people's production and life and has become a part of people's lives.

[0003] However, the leakage of various user information in the cloud has made the problem of cloud information security incr...


Application Information

Patent Type & Authority: Applications (China)
IPC: IPC(8): H04L9/30, H04L29/08, H04L29/06
Inventor: 徐亚运, 邵长庚, 刘丹
Owner: UNIV OF ELECTRONICS SCI & TECH OF CHINA