Eureka AIR delivers breakthrough ideas for toughest innovation challenges, trusted by R&D personnel around the world.

System and method for dynamically configuring virtual machine migration security policy

A virtual machine migration and security policy technology, which is applied in the field of virtual machine migration security policy dynamic configuration system, can solve problems such as inability to guarantee the overall security of the system, and achieve the effect of simplifying security assessment methods and saving update efficiency

Active Publication Date: 2013-12-18
CEC CYBERSPACE GREAT WALL
View PDF3 Cites 24 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0006] Aiming at the problem that the overall security of the system cannot be guaranteed when the virtual machine is migrated in the prior art, the present invention proposes a method that can automatically discover the address of the source host node and the address of the target host node for migration, and compare the addresses of the virtual machine before and after migration. The security policy corresponding to the security status of the operating environment is comparatively analyzed, unified coordinated and correspondingly modified to ensure that the security of the whole system remains consistent before and after the migration of the virtual machine; a virtual machine migration security policy dynamic configuration system; and a method for realizing the system

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • System and method for dynamically configuring virtual machine migration security policy
  • System and method for dynamically configuring virtual machine migration security policy
  • System and method for dynamically configuring virtual machine migration security policy

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0035] The present invention will be described below in conjunction with the accompanying drawings.

[0036] In the following description, some specific details are provided to provide those skilled in the computer arts with a general understanding of the present invention. In the embodiments, elements for realizing specific functions are shown in the form of schematic diagrams or block diagrams, so as to highlight technical points without obscuring the present invention in unnecessary details. For example, since those of ordinary skill in the art can understand the details disclosed in this field about network communication, electromagnetic signal command technology, user interface or input / output technology, etc., the maximum degree of The above technical details are omitted above, and these details are not considered to be the necessary features to obtain the complete technical solution of the present invention.

[0037] Such as figure 1 As shown, the virtual machine migr...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention relates to a system and method for dynamically configuring a virtual machine migration security policy. A source host node and a target host node are both provided with strategy agent modules; a security policy database and a policy coordination module are respectively connected with a security management center; the policy coordination module is further connected with all the strategy agent modules; the security management center is used for inquiring the security policy database to judge whether a local security policy intermediate value violates a global security policy or not; if yes, the local security policy intermediate value is adjusted to be a security policy final value; if not, the local security policy intermediate value is set to be the security policy final value. Due to the fact that the global security policy is introduced in the process of generating the security policy final value, the security policy final value can violate the global security policy under no circumstances; after a virtual machine is migrated, a local security policy on the target host node is adjusted and brought into global security policy planning, and therefore the virtual machine is effectively prevented from lowering in security before and after migration.

Description

technical field [0001] The invention relates to an information security system and method, in particular to a virtual machine migration security policy dynamic configuration system and method. Background technique [0002] Cloud computing is an Internet-oriented distributed computing service. As a delivery model for IT resources and services, it can obtain the required resources from a shared pool of configurable computing resources anytime, anywhere, conveniently, and on demand. (such as networks, servers, storage, applications, services, etc.), these resources can be quickly provisioned and released, while minimizing management costs or service provider intervention. In the cloud computing environment, the implementation of security policies faces many difficulties due to the virtualization of the network. Virtualization makes the boundaries of traditional networks blurred. Different networks divided according to virtual machines are no longer restricted by physical networ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L29/08
Inventor 陈幼雷张雅哲
Owner CEC CYBERSPACE GREAT WALL
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com