Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

File redirection technology based virtualized security desktop

A secure desktop and redirection technology, applied in digital data protection, platform integrity maintenance, etc., can solve problems such as hidden dangers of computer data security, high architecture dependence, and complex operating system upgrade return on investment, etc., to ensure reliability, operation, etc. Safe, reliable and controllable

Inactive Publication Date: 2015-01-28
中电科网络安全科技股份有限公司
View PDF3 Cites 22 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] For such a situation, the usual strategy is to directly upgrade to other systems. However, large and medium-sized enterprises, military forces, and agencies, etc., rely heavily on software infrastructure, operating system upgrades are complex, uncertain, and return on investment. Consider that the implementation of a large-scale upgrade will generally be delayed by about 5 years, and the data in the computer will face multiple security risks during this period
[0005] At present, although many information security-related companies at home and abroad have done in-depth research on host data security and released various security protection systems, this protection system is mainly based on processes and functions. Restricting operational behaviors (such as printing and burning) can alleviate these hidden dangers to a certain extent, but it cannot fundamentally solve the hidden dangers of data leakage faced by the host (such as leaking incidents and Yanzhaomen incidents that have occurred in recent years)

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • File redirection technology based virtualized security desktop

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0026] Virtualized secure desktop based on file redirection technology, such as figure 1 As shown, it includes three parts:

[0027] 1. Ensure the legitimacy of users using the secure desktop through the login control module:

[0028] The startup of the secure desktop system is tightly coupled with the host login control module, and the USBKEY+PIN dual authentication control mechanism is adopted to log in; only users registered and authorized by legal institutions can log in and start the virtual secure desktop, thereby ensuring that users who log in to the virtual desktop is a legitimate user. The basic implementation principle is as follows:

[0029] During the host login stage, the secure desktop system will extract the PIN code entered by the user when logging in, and then verify the validity of the authorization certificate in the USBKey device. Only users who have correctly entered the PIN code and are truly authorized are allowed to log in to the virtual security syst...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a file redirection technology based virtualized security desktop. Validity in using the security desktop is guaranteed through a login control module; operation behavior results of users can be reliably protected by an encrypted virtual storage file system; the operation behavior results of the users in the virtualized security desktop are 'internally' redirected to the encrypted virtual storage file system through a user operation middle layer and the whole redirection process is encrypted and monitored under a communication encryption module and a black and white list control module. The virtualized security desktop system is 'totally separated' from an original desktop, operations of adhering, copying, shifting and the like of the files cannot be performed between the virtualized security desktop system and the original desktop; the files on an original desktop system are mapped to the same catalog on the virtualized desktop; results (files, register lists, temporary cache and the like) generated from operation of the users in the virtualized desktop are encrypted for redirection treatment, and all the operations in the virtualized desktop are guaranteed to be safe, reliable and controllable.

Description

technical field [0001] The invention belongs to host security in the field of information security, and relates to virtualization technology based on file redirection technology, communication encryption technology, host login control technology, etc., to realize login control of virtual desktop, system files, user files, registration Data operations such as tables and files are redirected to prevent internal data leakage and achieve desktop environment security. Background technique [0002] Since Microsoft announced that it will officially stop technical support, system and patch updates for Windows XP on April 8, 2014, according to the report of the market research company Net Applicationd, among the 1.4 billion Windows PCs worldwide in July 2013 (Microsoft data ) 37.2% of personal computers are still using the window XP operating system, and among them, China ranks 72.1%. It can be seen that domestic industry users and individual users are particularly dependent on wind...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/62
CPCG06F21/53
Inventor 陈光礼
Owner 中电科网络安全科技股份有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products