Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Data wiping system in virtualization environment and method thereof

A virtualized environment and data erasure technology, which is applied in the field of data security and user privacy in cloud computing, can solve problems such as leakage, sensitive data leakage, and increasing the time window of sensitive data, achieving minimal performance loss, ensuring confidentiality, The effect of strong scalability

Active Publication Date: 2014-08-20
AVICIT CO LTD
View PDF5 Cites 12 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, the process address space of the user running in the client computer may contain sensitive data such as passwords and privacy. Existing research mainly uses encryption or access control methods to protect the page content in the memory of the client computer during operation. These two protections are sensitive The data method has the following problems: (1) Encryption and decryption will inevitably affect the operating efficiency of the virtualization platform, which requires a lot of computing costs; (2) The access control method does not take into account the shared attributes in the virtualization environment, The virtualization platform may dynamically increase or decrease the memory during the running of the virtual machine, and the released memory is allocated to other users. At this time, there is a risk of sensitive data leakage; (3) If the program does not add data wipe when releasing data during the development process The function of deleting, the memory part containing sensitive data will still have the risk of leakage after the process is released, which undoubtedly increases the time window for sensitive data leakage

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Data wiping system in virtualization environment and method thereof
  • Data wiping system in virtualization environment and method thereof
  • Data wiping system in virtualization environment and method thereof

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0025]How to avoid the leakage of sensitive data in the cloud environment is a matter of great concern to both cloud service providers and users. The invention utilizes the virtualization technology to realize erasing the data area of ​​the process when the process running in the client computer exits, and reduces the threat faced by the sensitive data when the user client computer is running from the perspective of shortening the time window for sensitive data leakage. The memory space of the running process in the client can be divided into code area, global data area, heap area and stack area. The user's sensitive data may be stored in the global data area in the form of global variables or static variables, or in the stack area in the form of local variables, or in the heap area in the form of dynamic application variables. Considering sensitive data ( Keys, passwords, etc.) are rarely hard-coded into the program in the form of static variables, and the stack area frequent...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention relates to a data wiping system in a virtualization environment and a method thereof, and belongs to the field of data safety and user privacy in cloud computing. Based on a Xen virtualization framework, the data wiping system comprises a process monitoring module, a control module, a virtual machine introspection module and a data wiping module. The control module, the virtual machine introspection module and the data wiping module are deployed in a management field, and the process monitoring module is deployed in a virtual machine manager, namely a VMM kernel. The data wiping system in the virtualization environment and the method thereof are used for reducing the threats to sensitive data stored in an internal storage when a user client operates, a time window which is attacked by the sensitive data is shortened at a possibly small cost, and the security of the sensitive data in the user client is guaranteed.

Description

technical field [0001] The invention relates to the fields of data security and user privacy in cloud computing, in particular to a system and method for erasing sensitive data in memory in a virtualized environment. Background technique [0002] Through the abstraction of computing, network, and storage resources, virtualization technology allows clients of different users to share hardware resources, which improves resource utilization and reduces IT management costs. However, the process address space of the user running in the client computer may contain sensitive data such as passwords and privacy. Existing research mainly uses encryption or access control methods to protect the page content in the memory of the client computer during operation. These two protections are sensitive The data method has the following problems: (1) Encryption and decryption will inevitably affect the operating efficiency of the virtualization platform, which requires a lot of computing cost...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/53G06F21/60
CPCG06F21/53G06F21/60
Inventor 王亮李文龙
Owner AVICIT CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com