Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Dual-system security policy isolation method between containers, electronic equipment and storage medium

A security policy and system security technology, applied in the field of vehicle system security, can solve problems such as policy isolation not being realized, historical policy loss, and inability to upgrade host machines and containers.

Active Publication Date: 2021-07-06
ECARX (HUBEI) TECHCO LTD
View PDF13 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, the policy isolation between the host and each container has not been realized. Specifically, for example, the host and each container cannot be upgraded independently. lost history policy

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Dual-system security policy isolation method between containers, electronic equipment and storage medium
  • Dual-system security policy isolation method between containers, electronic equipment and storage medium
  • Dual-system security policy isolation method between containers, electronic equipment and storage medium

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0035] At present, the security policy isolation between the host and each container has not been realized. Specifically, for example, the host and each container cannot be upgraded independently, and the policies of the host and each container (such as the SEPolicy policy) cannot be upgraded multiple times. ), it is also easy to cause the loss of historical strategies. If the security policy isolation between the host machine and each container cannot be realized, the resources between the on-board systems on the vehicle cannot be fully shared. Being fully utilized not only increases the cost, but also reduces the communication efficiency between the two.

[0036] In view of the above problems, an embodiment of the present invention provides a dual-system security policy isolation method between containers. This approach could ultimately enable independent upgrades between in-vehicle systems. The security policy isolation may be SELinux (SecurityEnhanced Linux) policy isola...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides a dual-system security strategy isolation method between containers, electronic equipment and a storage medium. The method includes judging whether the final isolated file exists during the startup process of the host machine; if the final isolated file exists, then judging whether the intermediate isolated files corresponding to the host machine and each container exist; if the intermediate isolated file exists, verifying that each If all intermediate isolation files pass the verification, load the final isolation file; if any intermediate isolation files fail the verification, compile a new final isolation file according to the intermediate isolation files corresponding to the host and each container file, and load a new final quarantine file; start the system security policy, and perform isolation control on the host machine and each container according to the loaded final quarantine file, so as to realize independent upgrade between the host machine and different containers.

Description

technical field [0001] The invention relates to the technical field of vehicle system security, in particular to a method for isolating security policies between containers of a dual system, electronic equipment and a storage medium. Background technique [0002] At present, there are many in-vehicle systems on the vehicle, such as in-vehicle infotainment systems and instrumentation systems, etc., and the sharing of hardware resources between the in-vehicle systems can be realized through the host machine and the container. However, the policy isolation between the host and each container has not been realized. Specifically, for example, the host and each container cannot be upgraded independently. Lost history strategy. Contents of the invention [0003] In view of the above problems, a dual-system security policy isolation method between containers, an electronic device, and a storage medium are proposed to overcome the above problems or at least partially solve the abo...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): G06F21/53
CPCG06F21/53
Inventor 赵拯楼赵辉吴超
Owner ECARX (HUBEI) TECHCO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com