Method for realizing security isolation of virtual machine based on OpenStack

A security isolation and virtual machine technology, applied in the field of virtual machine security isolation based on OpenStack, can solve the problems of confidential information leakage, server insecurity factors, etc., and achieve the effect of improving security

Pending Publication Date: 2020-12-18
北京思特奇信息技术股份有限公司
View PDF8 Cites 8 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] In the existing solution, visitors from the external network or the internal network can access services based on the OpenStack platform, but when important confidential information is placed in the server, if all visitors can access this information, it will give the server Bringing unsafe factors and the possibility of leaking confidential information

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method for realizing security isolation of virtual machine based on OpenStack
  • Method for realizing security isolation of virtual machine based on OpenStack
  • Method for realizing security isolation of virtual machine based on OpenStack

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0053] The embodiment of the present application provides a method and a related device for implementing security isolation of virtual machines under the OpenStack platform, which are used to implement physical isolation on the network between virtual machines accessing Internet services and intranet application virtual machines based on the OpenStack platform.

[0054] The technical solution in this application will be clearly and completely described below in conjunction with the accompanying drawings in the embodiments of this application. Obviously, the described embodiments are only some of the embodiments of this application, not all of them. Based on the embodiments in this application, all other embodiments obtained by persons of ordinary skill in the art without making creative efforts belong to the scope of protection of this application.

[0055] The method of the present application can be applied to a router, a network switch having a layer-3 switching function, or...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a method for realizing virtual machine security isolation based on OpenStack and a related device, and realizes isolation between a virtual machine accessing an Internet service on an OpenStack platform and an intranet application virtual machine on a network. The method comprises the following steps: creating a first available area AZ and a second available area AZ througha Nova component; allocating a first physical link access mode to network cards of a server accessed to the first AZ, the server comprising two or more than two network cards, and the first physicallink access mode being used for accessing a management network switch and an intranet switch; allocating a second physical link access mode to network cards of a server accessed to the second AZ, theserver comprising two or more than two network cards, and the second physical link access mode being used for accessing the management network switch and a DMZ area switch; selecting the server accessed to the first AZ, and configuring a first dynamic host configuration protocol DHCP service for the server; and selecting the server accessed to the second AZ, and configuring a second DHCP service for the server.

Description

technical field [0001] The embodiment of the present application relates to the field of information security management, and specifically relates to a method and a related device for implementing security isolation of virtual machines based on OpenStack. Background technique [0002] OpenStack cloud computing management platform is a free and open source cloud computing platform jointly developed and initiated by NASA (National Aeronautics and Space Administration) and Rackspace, one of the world's three major cloud computing centers. It mainly uses pooling Virtual resources are used to build and manage private clouds and public clouds. It can be installed on hardware platforms from different manufacturers in the data center to manage computing, network, and storage resources in a unified manner. OpenStack consists of multiple components. For example, Nova is the component responsible for computing resources, Neutron is the component that provides the network, and Heat is t...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F9/455
CPCG06F9/45558G06F2009/45587G06F2009/45595
Inventor 冯四化
Owner 北京思特奇信息技术股份有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap