Virtual platform information security protection method

A virtualization platform and virtual platform technology, applied in the field of computer information security, can solve the problems of increased configuration management, unable to protect, unable to capture, etc., to achieve the effect of strong practicability, convenient tracking and processing, and easy promotion

Inactive Publication Date: 2015-02-25
LANGCHAO ELECTRONIC INFORMATION IND CO LTD
View PDF3 Cites 30 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, while this architecture brings convenience and efficiency to people, there are also many security risks, such as hypervisor security, possible attacks and security blind spots between different virtual machines, due to The communication between virtual machines is completed inside the virtualization platform without the participation of external networks. Therefore, the traditional network boundary cannot capture this information, so it cannot be protected. However, as the scale of virtual machines increases, the existing Some configuration management adds a lot of pressure, and how to effectively configure and manage virtual machines has become a problem that needs to be solved

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Virtual platform information security protection method
  • Virtual platform information security protection method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0025] The present invention will be further described below in conjunction with the accompanying drawings and specific embodiments.

[0026] The present invention provides a method for protecting information security under a virtualization platform, which can be integrated with virtualization platforms (Vmware, KVM and Xen). The traffic with the virtual machine is inspected and filtered through the host firewall to filter out unsafe services and illegal user requests, control external access to the virtual machine, monitor Internet security and give early warning to prevent DDoS attacks or other attacks. By deploying a virtual platform protection layer on the hypervisor layer of the virtualization platform, detection and filtering between east-west traffic and north-south traffic are realized, network access control is realized, and traffic is detected and analyzed, thereby reducing the possibility of stepping stone attacks. .

[0027] as attached figure 1 , figure 2 As s...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a virtual platform information security protection method. The method includes setting a virtual platform detection system, a virtual platform protection system and a virtual platform management system; acquiring network traffic, and performing host firewall security rule matching on the traffic through the virtual platform detection system; allowing a virtual interpreter to forward the matched traffic on the hypervisor layer of the virtual platform protection system, judging whether a set network access control strategy is met or not through a virtual platform protection layer after forwarding, and refusing to forward if the strategy is met; analyzing traffic information without limitation, when a traffic security strategy is not met, filtering the traffic. Compared with the prior art, the method had the advantages that the access control between virtual machines can be implemented; by means of QoS arrangement, VLAN classification and traffic filtering functions, the probability of malicious traffic communication can be reduced.

Description

technical field [0001] The invention relates to the technical field of computer information security, in particular to a method for protecting information security under a virtualization platform with strong practicability. Background technique [0002] With the advent of the era of cloud computing and big data, server virtualization technology has achieved rapid development. Server virtualization refers to running multiple logical computers on one server at the same time, and each virtual logical computer can run different operating systems. , each system provides one or more services to the outside world, and each logical computer can run independently of each other without affecting each other, which can significantly improve the work efficiency of the computer. However, while this architecture brings convenience and efficiency to people, there are also many security risks, such as hypervisor security, possible attacks and security blind spots between different virtual ma...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06
CPCH04L63/0227H04L63/0272H04L63/10H04L63/1458
Inventor 宋洪涛
Owner LANGCHAO ELECTRONIC INFORMATION IND CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap