Data transmission control method, key management method, configuration method and related devices

A data transmission control technology and related control devices, applied in the field of data security, which can solve problems such as the reduced performance of encrypted virtual machines

Pending Publication Date: 2021-01-22
HYGON INFORMATION TECH CO LTD

AI Technical Summary

Problems solved by technology

[0005] However, DMA technology was itself introduced to avoid memory copying by the CPU, and the above-mentioned encrypted virtual machine bounce buffer mechanism requi

Embodiment Construction

[0099] Computer peripherals, referred to as peripherals, are hardware devices connected outside the computer host. They transmit, transfer and store data and information, and are an important part of the computer system.

[0100] As mentioned in the background section, DMA data interaction between encrypted virtual machines and peripherals is currently handled with the Bounce Buffer mechanism: the encrypted virtual machine allocates an additional piece of ordinary (non-encrypted) memory as temporary memory for DMA transmission. The DMA control device can access this ordinary memory directly, and the CPU copies data between the ordinary memory and the encrypted virtual machine memory.

[0101] To illustrate the working principle of the Bounce Buffer mechanism more clearly, the structure and data interaction process of a DMA transmission system are described below.

[010...

Abstract

Disclosed are a data transmission control method, a key management method, a configuration method and related devices. The data transmission control method is suitable for data transmission between a peripheral and a first storage device controlled by a direct memory access (DMA) control device, where the first storage device is suitable for storing encrypted data of an encrypted virtual machine. The data transmission control method comprises the following steps: acquiring and storing key control information configured by the security processing device in response to the DMA transmission initiation request; acquiring DMA transmission control information configured by the encrypted virtual machine; and acquiring the corresponding key control information according to the DMA transmission control information, and controlling a key processing device to process the data transmitted between the first storage device and the peripheral with the key control information, according to the data transmission direction.
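The following is an added software model, not code from the patent, contrasting the Bounce Buffer path of paragraph [0100] with the inline key-processing path summarized in the abstract. All names (`key_table`, `dma_desc`, `sp_configure_key`, `dma_transfer`, `bounce_receive`), the slot and VM-id matching check, and the toy XOR transform standing in for the memory encryption engine are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>
#define SLOTS 4
enum dma_dir { DEV_TO_MEM, MEM_TO_DEV };

/* Key control information: written only by the security processor. */
struct key_ctrl { int valid; uint32_t vm_id; uint8_t key; };
static struct key_ctrl key_table[SLOTS];

/* DMA transmission control information: written by the encrypted VM. */
struct dma_desc { uint32_t vm_id; unsigned slot; enum dma_dir dir; size_t len; };

/* Toy XOR keystream standing in for the key processing device (not real crypto). */
static void key_engine(uint8_t key, const uint8_t *in, uint8_t *out, size_t n) {
    for (size_t i = 0; i < n; i++) out[i] = in[i] ^ (uint8_t)(key + i);
}

int sp_configure_key(unsigned slot, uint32_t vm_id, uint8_t key) {
    if (slot >= SLOTS) return -1;
    key_table[slot] = (struct key_ctrl){ 1, vm_id, key };
    return 0;
}

/* Inline path: find the key from the descriptor, then transform by direction.
 * Returns 0, or -1 when no key control information matches (assumed check). */
int dma_transfer(const struct dma_desc *d, uint8_t *vm_mem, uint8_t *dev_buf) {
    if (d->slot >= SLOTS) return -1;
    const struct key_ctrl *k = &key_table[d->slot];
    if (!k->valid || k->vm_id != d->vm_id) return -1;
    if (d->dir == DEV_TO_MEM) key_engine(k->key, dev_buf, vm_mem, d->len);
    else                      key_engine(k->key, vm_mem, dev_buf, d->len);
    return 0;
}

/* Bounce Buffer path for comparison: the device lands plaintext in ordinary
 * memory, then the CPU copies it into encrypted memory. Returns CPU-copied bytes. */
size_t bounce_receive(uint8_t key, const uint8_t *dev_buf, uint8_t *bounce, uint8_t *vm_mem, size_t n) {
    memcpy(bounce, dev_buf, n);          /* DMA into the unencrypted bounce buffer */
    key_engine(key, bounce, vm_mem, n);  /* CPU copy through memory encryption */
    return n;
}

int main(void) {
    uint8_t dev[8] = "payload", mem[8], out[8];   /* constructed sample data */
    struct dma_desc d = { 7, 1, DEV_TO_MEM, sizeof dev };
    if (sp_configure_key(1, 7, 0x5a) || dma_transfer(&d, mem, dev)) return 1;
    d.dir = MEM_TO_DEV;                           /* read back toward the peripheral */
    return dma_transfer(&d, mem, out) || memcmp(out, dev, sizeof dev);
}
```

In the bounce path the plaintext remains readable in ordinary memory and every byte costs a CPU copy; in the inline path the data is transformed in flight and a descriptor without matching key control information is refused.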

Description

Technical field

[0001] The embodiments of the present invention relate to the technical field of data security, and in particular to a data transmission control method, a key management method, a configuration method and related devices.

Background

[0002] The host operating system can run multiple virtual machines, and the host operating system can view virtual machine memory at will. Before the emergence of memory encryption technology, there was therefore a potential risk of guest virtual machine data leaking once the host was hijacked. CPU chip manufacturers proposed virtual machine encryption technology to address this risk. Specifically, memory encryption technology is introduced into the CPU chip architecture, and different virtual machines can be configured with their own encryption keys, while the host operating system does not know the memory encryption keys of the currently running virtual machines. There is no way to peek at custome...

Application Information

IPC(8): G06F21/60
CPC: G06F21/602, G06F21/606
Inventor: 姜新, 应志伟
Owner: HYGON INFORMATION TECH CO LTD