Virtualization technology based terminal trust enhancement method and system

The invention applies virtualization technology and terminal technology to the field of terminal trust enhancement methods and systems. It addresses the problem that leakage or tampering of the terminal operating system's internal information cannot be prevented, and achieves the effect of preventing such leakage or tampering.

Inactive Publication Date: 2016-02-24
PLA PEOPLES LIBERATION ARMY OF CHINA STRATEGIC SUPPORT FORCE AEROSPACE ENG UNIV +1

AI Technical Summary

Problems solved by technology

[0004] However, these traditional operating system security technologies can only prevent malicious attacks and unauthorized access from the outside, and cannot prevent the leakage or tampering of internal information of the terminal operating system.

Examples

Embodiment 1

[0050] Referring to Figure 1A, this embodiment of the present invention provides a method for enhancing terminal trustworthiness based on virtualization technology. In this embodiment, the trusted terminal is designed and developed on the basis of bare-metal virtual machine technology and trusted computing technology, and trusted terminals are managed uniformly through the management center to realize their trust enhancement. The trusted terminal may be a terminal device such as a computer, a gateway, or a PAD (Portable Android Device, tablet computer). The method specifically includes the following steps:

[0051] To realize the trust enhancement of the trusted terminal, the management center first performs the initial configuration of the trusted terminal through the following steps 101-104.

[0052] Step 101: the management center generates Ukey (small storage device) configuration information, s...

Embodiment 2

[0098] Referring to Figure 2, an embodiment of the present invention provides a virtualization technology-based terminal trust enhancement system, which is used to implement the above virtualization technology-based terminal trust enhancement method. The system specifically includes a management center 201 and a trusted terminal 202.

[0099] The management center 201 is used to generate Ukey configuration information, store the Ukey configuration information in the Ukey corresponding to the trusted terminal 202, obtain the whitelist configuration file, and send the bare-metal virtual machine installation program and the whitelist configuration file to the trusted terminal 202. The Ukey configuration information includes verification information, and the whitelist configuration file includes the identification of the application, the identification of the application's dynamic library, and the digest value of the application.

[0100] The trusted terminal 202 is used to ...

Abstract

The present invention provides a virtualization technology based terminal trust enhancement method and system. In the method, a trusted terminal performs integrity verification on the operating system kernel file and the bare-metal virtual machine related files according to verification information stored in a Ukey, and starts the operating system after verification passes; the trusted terminal then performs integrity verification on dynamically loaded applications, services and external device drivers according to a whitelist configuration file and a whitelist driver, thereby implementing trust enhancement of the trusted terminal. Because the operating system is started according to the verification information stored in the Ukey, a static trust chain is established and operating system information is prevented from being leaked or tampered with from the inside; because integrity verification is performed on loaded applications according to the whitelist configuration file, a dynamic trust chain is established and malicious attacks and unauthorized access from the outside are prevented.
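The dynamic whitelist check described above, sketched as an added example (not code from the patent): the management-center side records each application's identification, dynamic-library identifications and digest, and the terminal side denies any load request that does not match. SHA-256, the function and field names, and the sample data are assumptions; the text on this page does not name a hash algorithm or file format.

```python
"""Whitelist check at load time (added example; algorithm and names are assumptions)."""
import hashlib
import hmac


def sha256_hex(image: bytes) -> str:
    # Assumed digest algorithm; the page only speaks of a digest value.
    return hashlib.sha256(image).hexdigest()


def build_entry(app_id, image, libraries):
    """Management-center side: one whitelist record per application."""
    return {
        "app_id": app_id,                    # identification of the application
        "libraries": frozenset(libraries),   # identifications of its dynamic libraries
        "digest": sha256_hex(image),         # digest value of the application
    }


def verify_load(whitelist, app_id, image, requested_libs):
    """Trusted-terminal side: return (allowed, reason). Default is deny."""
    entry = whitelist.get(app_id)
    if entry is None:
        return False, "application not in whitelist"
    # Constant-time comparison of the recorded and the measured digest.
    if not hmac.compare_digest(entry["digest"], sha256_hex(image)):
        return False, "digest mismatch"
    unknown = sorted(set(requested_libs) - entry["libraries"])
    if unknown:
        return False, "library not whitelisted: " + ", ".join(unknown)
    return True, "ok"


# Constructed sample data: an application image and its whitelist record.
EDITOR_IMAGE = b"\x7fELF constructed editor image v1"
WHITELIST = {"editor": build_entry("editor", EDITOR_IMAGE, ["libc.so.6", "libui.so"])}

if __name__ == "__main__":
    requests = [
        ("editor", EDITOR_IMAGE, ["libc.so.6", "libui.so"]),    # unmodified
        ("editor", EDITOR_IMAGE + b"!", ["libc.so.6"]),         # tampered image
        ("editor", EDITOR_IMAGE, ["libc.so.6", "libhook.so"]),  # extra library
        ("updater", b"constructed unknown binary", []),         # not listed
    ]
    for app_id, image, libs in requests:
        print(app_id, libs, "->", verify_load(WHITELIST, app_id, image, libs))
```

The whitelist itself has to be integrity-protected as well, otherwise editing the record defeats the check.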

Description

Technical field

[0001] The present invention relates to the field of trusted computing, in particular to a method and system for enhancing terminal trustworthiness based on virtualization technology.

Background

[0002] With the popularization of terminals, terminal security has become an important issue. How to achieve terminal security and provide users with a reliable terminal computing environment has become an urgent problem to be solved.

[0003] At present, terminal security issues, and terminal operating system security issues in particular, are mainly handled with traditional operating system security technologies such as firewalls, intrusion detection, and virus protection, which block illegal users who attempt from the outside to share information resources and gain unauthorized access.

[0004] However, these traditional operating system security technologies can only prevent malicious attacks and unauthorized access from the outside, a...

Application Information

Patent Type & Authority: Applications (China)
IPC(8): G06F21/55, G06F21/64
CPC: G06F21/55, G06F21/64
Inventor: 王飞, 王宇, 孙鸿鹏, 李晋丽, 吴忠望, 韩伟杰
Owner: PLA PEOPLES LIBERATION ARMY OF CHINA STRATEGIC SUPPORT FORCE AEROSPACE ENG UNIV