Method and device for protecting integrity of kernel of virtual machine
A technology of integrity protection and virtual machine, applied in the field of communication, can solve the problems of kernel integrity damage, damage of kernel control flow and data integrity, etc., and achieve the effect of ensuring normal operation
Inactive Publication Date: 2017-05-31
BEIJING CHINA POWER INFORMATION TECH +3
View PDF6 Cites 2 Cited by
- Summary
- Abstract
- Description
- Claims
- Application Information
AI Technical Summary
Problems solved by technology
In the process of realizing the present invention, the inventor found that the prior art has at least the following problems: since the virtual machine usually adopts a commercial operating system, the integrity of the kernel is easily damaged, and there are many ways for malicious code to destroy the control flow and data of the kernel integrity
Method used
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View moreImage
Smart Image Click on the blue labels to locate them in the text.
Smart ImageViewing Examples
Examples
Experimental program
Comparison scheme
Effect test
Embodiment Construction
[0046] In order to make the object, technical solution and advantages of the present invention clearer, the present invention will be described in further detail below in conjunction with specific embodiments and with reference to the accompanying drawings.
[0047] It should be noted that all expressions using "first" and "second" in the embodiments of the present invention are to distinguish two entities with the same name but different parameters or parameters that are not the same, see "first" and "second" It is only for the convenience of expression, and should not be construed as a limitation on the embodiments of the present invention, which will not be described one by one in the subsequent embodiments.
[0048] figure 1 It is a schematic flowchart of an embodiment of a method for protecting the integrity of a virtual machine kernel provided by the present invention. As shown in the figure, in the first aspect of the embodiment of the present invention, a virtual mach...
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More PUM
Login to View More Abstract
The invention discloses a method and device for protecting integrity of a kernel of a virtual machine. The method comprises the following steps: verifying starting integrity of a host machine and the virtual machine and establishing a credible running environment; establishing a first page table for the virtual machine, and storing a mapping relation between a memory page of the virtual machine and a memory page of the host machine in the first page table; judging whether a module running in the virtual machine is an incredible module or not according to the credible running environment in a process of running the virtual machine; establishing a second page table if the incredible module does not exist in the module of the virtual machine; and transferring the mapping relation between the memory page of the incredible module and the memory page of the host machine into the second page table from the first page table. The memory of the incredible module is isolated from the memory of a host machine main body, so that the incredible module can be supervised independently on the premise that the incredible module can be allowed to still run, possible aggressive behaviors of the incredible module can be controlled, and integrity of the kernel of the virtual machine can be protected while normal running of the virtual machine is guaranteed.
Description
technical field [0001] The present invention relates to the technical field of communications, in particular to a method and device for protecting the integrity of a virtual machine kernel. Background technique [0002] A virtual machine (Virtual Machine) refers to a complete computer system that is simulated by software and has complete hardware system functions and runs in a completely isolated environment. Because the virtual machine can make full use of hardware resources and establish a number of simulation systems on the basis of hardware that is far more than the number of hardware, it has good cost performance, so it is widely welcomed by enterprise users. Especially in recent years, with the increasing development of cloud computing technology, virtual machines, as a key part of cloud computing technology, are also constantly evolving and developing. [0003] For users, one of the most concerned issues when using cloud services is whether personal information can b...
Claims
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More Application Information
Patent Timeline
Login to View More Patent Type & Authority Applications(China)
IPC IPC(8): G06F9/455G06F21/56
CPCG06F9/45558G06F21/566G06F2009/45587
Inventor 刘莹李祉岐孙磊刘芮彤曹明明刘晓蕾焦腾宋洁石佳磊唐甜甜李杰苏国华段红超杨璐羽范维杨滢璇尹琴李天啸周强徐岚
Owner BEIJING CHINA POWER INFORMATION TECH