Virtualized cloud password service system based on channel isolation and implementation method thereof

This cryptographic service and virtualized cloud technology, applied in transmission systems, digital transmission systems, secure communication devices, etc., addresses problems such as the inability to ensure tenant isolation and security, inconsistent use of cryptographic equipment, and difficulties in equipment operation and maintenance. It achieves strong adaptability, efficient management of cryptographic resources, and assured business performance.

Pending Publication Date: 2022-01-18
中安网脉(北京)技术股份有限公司

AI Technical Summary

Problems solved by technology

[0003] Traditional applications rely on cryptographic machines and other hardware devices to ensure the information security of applications. However, there are many problems in using common cryptographic devices in cloud compu


Embodiment Construction

[0029] The present invention is further described below with reference to the accompanying drawings and embodiments. The modes of the present invention include, but are not limited to, the following embodiments.

[0030] As shown in Figure 1, the implementation method of the virtualized cloud cryptographic service system based on channel isolation disclosed by the present invention includes the following steps:

[0031] Step 1: The cloud cryptographic management subsystem issues an initialization command for the physical cryptographic card, initializes the card, authenticates the card's administrator, and generates the card's device key, so that the card enters the working state;

[0032] Step 2: The cloud cryptographic management subsystem issues an initialization command for the cloud cryptographic service system, initializes the system, authenticates the system's administrator, and generates ...


Abstract

The invention discloses a virtualized cloud cryptographic service system based on channel isolation and an implementation method thereof, and belongs to the field of cryptographic engineering. The system addresses the problems of using common cryptographic equipment in a cloud computing environment. The DMA of the PCI-E physical cryptographic card is isolated into a plurality of independent channels; each channel corresponds to one character device at the driver layer and is assigned to a virtual cipher machine through Linux device mounting. The virtual cipher machine calls the cryptographic card through the character device to perform key access and cryptographic computation, and provides the tenant with a securely isolated cryptographic operation service. Virtualizing the physical cryptographic card on the basis of channel isolation pools the cryptographic resources, so that they are used more efficiently and are easier for an administrator to manage. At the same time, an isolation mechanism that applies multiple measures simultaneously guarantees the secure isolation of tenants' keys, so that calls to the cryptographic service obtain the highest security.
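An added example (not part of the patent and not the applicant's code): a Python audit of the property the abstract relies on, namely that each channel's character device is held by only one virtual cipher machine. The mapping format, mount paths, tenant names and device numbers are assumptions constructed for illustration.

```python
import os
import stat
from collections import defaultdict
from types import SimpleNamespace


def audit_channel_isolation(vsm_devices, stat_fn=os.stat):
    """Return findings for a {vsm_id: [device_path, ...]} mapping.

    Channels are compared by device number (st_rdev), not by path, because
    two differently named nodes can refer to the same underlying channel.
    """
    findings = []
    users = defaultdict(set)  # (major, minor) -> ids of VSMs holding it
    for vsm_id, paths in vsm_devices.items():
        for path in paths:
            st = stat_fn(path)
            if not stat.S_ISCHR(st.st_mode):
                findings.append(f"{vsm_id}: {path} is not a character device")
                continue
            if st.st_mode & 0o007:
                findings.append(f"{vsm_id}: {path} is accessible to 'other' users")
            users[(os.major(st.st_rdev), os.minor(st.st_rdev))].add(vsm_id)
    for (major, minor), vsms in sorted(users.items()):
        if len(vsms) > 1:
            findings.append(
                f"channel device {major}:{minor} is shared by {sorted(vsms)}")
    return findings


# Constructed sample: stat results for hypothetical per-tenant mount points.
# Major 240 and the paths are illustrative, not taken from the patent.
CHR = stat.S_IFCHR
SAMPLE_NODES = {
    "/vsm/tenant-a/dev/crypto0": SimpleNamespace(st_mode=CHR | 0o600, st_rdev=os.makedev(240, 0)),
    "/vsm/tenant-b/dev/crypto0": SimpleNamespace(st_mode=CHR | 0o600, st_rdev=os.makedev(240, 1)),
    # Misconfiguration: tenant-c's node aliases tenant-a's channel (240:0).
    "/vsm/tenant-c/dev/crypto0": SimpleNamespace(st_mode=CHR | 0o666, st_rdev=os.makedev(240, 0)),
}
SAMPLE_MAPPING = {f"tenant-{t}": [f"/vsm/tenant-{t}/dev/crypto0"] for t in "abc"}


def sample_findings(mapping=SAMPLE_MAPPING):
    """Run the audit against the constructed stat table instead of the host."""
    return audit_channel_isolation(mapping, stat_fn=SAMPLE_NODES.__getitem__)


if __name__ == "__main__":
    for line in sample_findings():
        print(line)
```

On a real host, call `audit_channel_isolation` with the default `stat_fn` and the paths actually mounted into each virtual cipher machine.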

Description

Technical field

[0001] The invention relates to the field of cryptographic engineering, in particular to a virtualized cloud cryptographic service system based on channel isolation and an implementation method thereof.

Background

[0002] With the development of cloud computing technology, more and more traditional applications are migrating to the cloud, using the high reliability and high scalability of the cloud computing environment to achieve centralized data management and efficient utilization of hardware resources.

[0003] Traditional applications rely on cryptographic machines and other hardware devices to ensure the information security of applications. However, there are many problems in using common cryptographic devices in cloud computing environments. For example, the use of common cryptographic devices does not conform to the cloud environment, the security of tenant isolation cannot be ensured, and equipment operation and maintenance are d...


Application Information

IPC(8): H04L9/40, H04L67/10
CPC: H04L63/02, H04L63/083, H04L67/10, H04L63/0428, H04L63/20, H04L63/06
Inventor: 刘歆林惠民王亮王天顺赵善
Owner: 中安网脉(北京)技术股份有限公司