CN100454278C - Control method for accessing computer system and I/0 ports - Google Patents
Control method for accessing computer system and I/0 ports Download PDFInfo
- Publication number
- CN100454278C CN100454278C CNB2006100014828A CN200610001482A CN100454278C CN 100454278 C CN100454278 C CN 100454278C CN B2006100014828 A CNB2006100014828 A CN B2006100014828A CN 200610001482 A CN200610001482 A CN 200610001482A CN 100454278 C CN100454278 C CN 100454278C
- Authority
- CN
- China
- Prior art keywords
- port access
- client modules
- end module
- access control
- port
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Landscapes
- Computer And Data Communications (AREA)
Abstract
A computer system enabling to control access of its I/O port comprises user operation unit with client end module for carrying out interaction with service end module and for receiving inputted I/O port access control parameters, service operation unit with service end module for carrying out interaction with client end module and for executing said control parameters, virtualizer monitor with I/O switch control module for deciding whether I/O command from user operation unit is to be executed or not according to said control parameters and I/O state monitor for displaying state of I/O port.
Description
Technical field
The present invention relates to computer system, particularly relate to a kind of computer system and I/O port access control method thereof.
Background technology
Along with computer technology and development of internet technology, the office automation level of modern enterprise progressively improves, enterprise also strengthens day by day for the dependence of computing machine and network, and the inevitable significant problem that information security issue also becomes enterprise to be faced, wherein the confidential data leakage problem is the unusual problems of being concerned about of numerous new high-tech enterprises, and this is because confidential data leaks and will cause immeasurable loss to enterprise.Therefore, leak for avoiding confidential data, a lot of enterprises have all taked some measures.Most of enterprises all will store the computing machine and the extranets of confidential data and isolate, and use intranet and private to take precautions against the illegal access of external staff for our unit's data, and reveal for the confidential data of copy mode, many units all take to limit the employee and use floppy drive, CD-ROM drive, USB port to carry out some measures such as copying data.In addition, also some unit leaks by the copy form for fear of confidential data, even floppy drive read write line, CD-ROM drive etc. are removed from physical unit, and seals up USB port, the USB gauge tap of perhaps entrusting some manufacturers to be provided with on main frame to lock outside one only allows keeper's toggle switch.Though the effect of avoiding data to leak by copy mode has also been played in the use of these methods, mode is not too flexible.
For fear of passing through floppy drive, mode such as CD-ROM drive and USB copies classified papers and causes secret to reveal, a kind of confidential information management system has also appearred at present, this system manages concentratedly original document, and be converted into unchangeable peculiar form, the employee is browsed by the reader that is embedded among the IE, these files are become can only be in inner online browsing and can not be to its e-file of making amendment, and all users are provided with specified permission, the user's of different rights access rights are also different, for example the user that rank is high can print, what rank was low can only read, propagate for preventing secondary, also adopt the mode of machine binding, only allow the e-file in the particular machine ability accessed web page in the in-house network.This mode is revealed for the classified papers of copy mode, really play a good role, yet, for many research and development business unit, the perhaps research and development department of business unit inside, promptly in developer's computing machine, preserve under the situation of data such as many confidential datas, classified papers, program design file usually, just can't use this confidential information management system to prevent the secret leakage of copying data mode.
In addition, also has a kind of method that prevents the secret leakage of copy mode, this mode is that other software of kernel level is installed in operating system of user, by other software of this kernel level the I/O port is carried out switch control, but this way can't prevent that the user from entering the safe mode of operating system from being about to other software deletion of this kernel level.
More existing ways or some are extreme, mode is very dumb, can't realize that computer system management person dynamically is provided with the access rights of I/O port as required, perhaps allow the user to use these ports as required temporarily, can not prevent that user oneself from removing the switch control functions of I/O port, in addition, can't allow the user understand the forbidding situation of port intuitively, be which port allows to use, which port blocking uses.
Summary of the invention
For this reason, the method that one object of the present invention just provides a kind of computer system and the I/O port access of this system is controlled makes it possible to dynamically arrange I/O port access authority, can not be changed by unwarranted user.
Another object of the present invention is to, the method that a kind of computer system is provided and the I/O port access of this system is controlled makes the user can see the forbidding situation of I/O port intuitively.
The invention provides a kind of computer system for this reason, comprise at least one operating system of user, the service operations system, virtual machine monitor and hardware platform, and the Nonvolatile rewriteable areas of dielectric and the predetermined region of memory that are used to store I/O port access control parameter information;
Operating system of user comprises client modules, be used to receive the setting of the I/O port access control parameter information of input, and the I/O port access control parameter information after will being provided with sends to the service end module in the service operations system;
The service operations system comprises the service end module, be used to receive the I/O port access control parameter information that described client modules sends, and the setting of execution I/O port access controlled variable, upgrade the I/O port access controlled variable in described Nonvolatile rewriteable areas of dielectric and the predetermined region of memory;
Whether virtual machine monitor comprises the I/O switch control module, be used for allowing the I/O that carries out from operating system of user to instruct according to the I/O port access controlled variable decision of described predetermined region of memory.
Computer system of the present invention also comprises the I/O Status Monitor, is used for intuitively showing according to I/O port access controlled variable the state of I/O port.
In the computer system of the present invention, described service operations system is the sightless embedded OS of user.
Computer system of the present invention also comprises the remote computer that is connected with described service operations system by network, comprise client modules in the described remote computer with network function, the service end module that described service operations system is comprised also has network function, client modules in the remote computer receives the setting of the I/O port access control parameter information of input, the I/O port access controlled variable after being provided with is sent to the service end module of described service operations system by network.
The service operations system is the sightless embedded OS of user in the computer system of the present invention.
Computer system of the present invention, wherein the service end module is Web server, client modules is a browser commonly used.
Computer system of the present invention, wherein service end module and client modules are SNMP server.
The present invention also provides a kind of method that realizes the control of I/O port access in computer system of the present invention, said method comprising the steps of:
Step 6 if parameter is set to forbidding, then forbids carrying out this I/O instruction, otherwise, allow to carry out this I/O instruction.
The method of I/O port access control of the present invention, wherein said step 6 also comprises: I/O port access control parameter information is sent to the I/O Status Monitor.
In the method for I/O port access control of the present invention, further comprising the steps of before the described step 1:
Steps A, the client modules service end module in the service operations system is sent request of access;
Step B, the request of service end module responds client modules also sends I/O port access control parameter information to client modules;
Step C, client modules receive I/O port access control parameter information and intuitively show.
The department of computer science of the present invention I/O port access control method of unifying has not only realized the access control of I/O port flexibly, has prevented that also the user from deleting the access control function to the I/O port voluntarily, and has made the user can see the interface disabling situation intuitively.
Description of drawings
In conjunction with the embodiments the present invention is described in detail below with reference to the accompanying drawings, wherein:
Fig. 1 is the structural representation of computer system of the present invention;
Fig. 2 is the process flow diagram of I/O port access control method of the present invention;
Fig. 3 utilizes client modules to carry out the process flow diagram that parameter is provided with;
Fig. 4 is the data structure diagram of the I/O port access controlled variable in the computer system of the present invention;
Relate to the structural representation that I/O port access controlled variable be provided with the html page of part of Fig. 5 for using in the present invention;
Fig. 6 is the structural representation that is included in the I/O Status Monitor in the Be Controlled computing machine of computer system of the present invention;
Fig. 7 is the synoptic diagram of the state indication panel of I/O Status Monitor shown in Figure 6.
Embodiment
Fig. 1 shows the structural representation of computer system of the present invention, and shown controlled computer comprises service operations system (SOS), operating system of user (COS), virtual machine monitor (VMM), I/O Status Monitor and hardware platform.Wherein, operating system of user is the operating system that the final user uses, such as widows XP; The service operations system is the operating system that various services are provided for operating system of user; Virtual machine monitor is highest level " the privilege layer " that runs directly on the hardware, has the system resource control, be used for the software layer that hardware control system resource (processor, internal memory, miscellaneous equipment etc.) is distributed, described operating system of user and service operating system are on this virtual machine monitor; The I/O Status Monitor is used to show the forbidding situation of current I/O port; Wherein, described hardware platform virtual support computations.
Above-mentioned operating system of user includes client modules, be used for carrying out alternately to realize the visit of I/O port access controlled variable with the service end module of service operations system, the system manager can be by the service end module of this client modules from the service operations system configuration information that gets parms, so that check the situation that is provided with of the I/O port access controlled variable of controlled computer, also can by client modules to parameter setting change, the I/O port access control parameter information after client modules will be changed sends to the service end module in the service operations system.
In above-mentioned service operations system, include the service end module, be used for carrying out alternately and carrying out the setting of I/O port access controlled variable with client modules, the service end module receives the request of I/O port access controlled variable, the configuration information that gets parms of client's module and sends to client modules, the changed information that reception is provided with from the parameter of client modules, and according to the changed information that is received I/O port access controlled variable is upgraded.
Operation has the I/O switch control module in above-mentioned virtual machine monitor (VMM), be used for according to I/O port access controlled variable, whether decision allows to carry out the I/O instruction from operating system of user, to transmit control signal simultaneously to the I/O Status Monitor, to show the forbidding situation of current I/O port.
In the computer system shown in Fig. 1, each controlled computer links together by network.Preferably, use remote computer controlled computer to be carried out centralized control by the system manager by network.Therefore, the service end module in the preferred service operating system has network function, and the client modules that comprises in the remote computer also has network function to carry out alternately with the service end module in the remote computer.Should be pointed out that the controlled computer shown in Fig. 1 can be provided with I/O access control parameter by the client modules in the operating system of user, therefore a controlled computer also can constitute computer system of the present invention.
For safety, in computer system of the present invention, client modules can adopt some restrictions to the visit of service operations system, makes to have only the keeper can change setting, such as by modes such as authentications.
Be presented in the computer system of the present invention below with reference to Fig. 2, carry out the method step of I/O port access control.
Fig. 2 shows the process flow diagram of I/O port access control method of the present invention.At first, operating system of user sends the request of I/O port access.Particularly, in operating system of user, user's operation or the request of application triggers I/O port access, this request of access is submitted to the operating system of user kernel after being converted into function call, hardware drive program in the operating system of user kernel is converted to the I/O instruction that I/O port access controller can be discerned with this function call, submits to I/O port access controller by CPU then and goes to carry out.
Then, virtual machine monitor is intercepted and captured the instruction from the I/O of service operations system.Owing to adopted Intel Virtualization Technology in the present invention, therefore on hardware platform of the present invention, CPU supports the instruction of two classes, one class is to use the ROOT instruction for virtual machine monitor specially, another kind of is specially for operating in the NON-ROOT instruction that operating system is used on the virtual machine monitor, therefore, when CPU receives from the I/O of operating system of user instruction, just give virtual machine monitor with control, for example, call the VM-ENTRY order, make to become the ROOT pattern from the NON-ROOT mode switch, and virtual machine monitor is transferred in the I/O instruction handled, virtual machine monitor been has just has been intercepted and captured the I/O instruction from operating system of user like this.
Then, I/O switch control module in the virtual machine monitor is according to the type of these I/O instructions of being intercepted and captured, configuration information gets parms from the predetermined region of memory of storage I/O port access controlled variable, and judge it is to forbid that these I/O instructions carry out according to the parameter information that obtains, still allow to carry out this instruction.It should be noted that, because virtual monitor mainly is responsible for operating system and carries out resources allocation and management, and can not be based on self demand from such as directly obtaining I/O port access controlled variable configuration information on the hard disk, therefore need in predetermined region of memory, preserve a I/O port access control parameter information, the configuration information so that virtual machine monitor can get parms, for example, can be when system start-up will be stored in such as the I/O port access controlled variable in the hard disk and copy in the predetermined region of memory, and also need to upgrade the parameter setting in this predetermined region of memory after the parameter change by the service operations system.
Carry out if allow, CPU submits to the execution of I/O port access controller with these I/O instructions so, transmit control signal simultaneously and make its I/O of demonstration port status directly perceived to the I/O Status Monitor, behind the complete operation, the CPU power of will operating is given operating system of user, for example calls the VM-EXIT order, makes to become the NON-ROOT pattern from the ROOT mode switch, the hardware drive program of operating system of user returns to operating system of user with request results after obtaining the result of I/O request; Otherwise, forbid the execution of I/O instruction, and transmit control signal and make it show the I/O port status intuitively to the I/O Status Monitor, afterwards, the power of will operating is given operating system of user, for example, CPU calls the VM-EXIT order, become the NON-ROOT pattern from the ROOT mode switch, the hardware drive program of operating system of user returns to operating system of user with request results after obtaining the result of I/O request.Certainly, also can be arranged to the modification indicating status that under the situation that the parameter setting changes, just transmits control signal.The service operations optimum system choosing does not have the embedded OS of Presentation Function.
In the described method of Fig. 2, the I/O switch control module that is arranged in virtual machine monitor is according to the I/O port access controlled variable that sets in advance, and determines whether allowing CPU to give I/O port access controller from the I/O instruction of user's operating system and carries out.Below, will be described in the department of computer science of the present invention the process that I/O port access controlled variable is provided with by client modules with reference to figure 3.
Fig. 3 shows by client modules and carries out the process flow diagram that parameter is provided with.At first, the keeper sends request of access by the service end module of client modules in the service operations system.Then, the service end module in the service operations system is obtained the I/O port access controlled variable configuration information that is stored in system's Nonvolatile rewriteable medium (such as hard disk, EEPROM, FLASH etc.), and these information are sent to client modules.Then, client modules shows after receiving parameter information, the keeper according to demand to I/O port access controlled variable setting change.Then, the parameter information after client modules will be changed sends to the service end module.After the service end module receives parameter setting information after the change, information updating parameter setting after using these to be provided with, comprise and revise the I/O port access controlled variable configuration information that is stored in (such as hard disk, EEPROM, FLASH etc.) in the Nonvolatile rewriteable medium, update stored in the I/O port access controlled variable of predetermined region of memory simultaneously.
When client modules operates in the operating system of user, in this case, client modules can carry out data transmission by shared drive and service end module that virtual machine monitor provides, and data layout can be arranged based on the demand of I/O port switch controlled variable setting.
In addition, can also carry out this parameter setting up procedure by network.At this moment client modules may operate in the operating system of user, also may operate in the remote computer.In computer network, the keeper can be provided with I/O port switch controlled variable by client modules in remote computation.At this moment, service end module and client modules all need have network function.Introduce the process that I/O access control parameter is set by computer network below.At first, the client modules in the remote computer can send request of access to the service end module by the IP address of using the service end module; Then be arranged in the service operations system and be in the service end module of waiting for the request of access state is sent to I/O port access control parameter information remote computer by network client modules; The keeper can check existing I/O port access controlled variable, and as required I/O port access controlled variable is provided with by client modules.I/O port access controlled variable after being provided with is sent to service end module in the controlled computer by the client modules in the remote computer by network.The service end module is used amended parameter information then, and the undated parameter setting comprises the parameter setting information that updates stored in the predetermined region of memory.
Among the present invention, be used to provide the service end module of network function to realize in Web Server mode, client modules just can use directly that existing web browser software communicates with in the operating system like this, realizes that finally controlled variable is provided with function.In addition, can also adopt alternate manner to realize, realize that with SNMP Server the client modules on the remote computer can use SNMPServer, and communicates by snmp protocol between the two such as the service end module.In addition, it should be noted that conducts interviews for the service operations system in the controlled computer need carry out control of authority, such as can the control that authentication realizes power that parameter is provided with being set at service end module place.
In the present invention, can designing of the data structure of I/O port access controlled variable as Fig. 4, mainly comprise I/O controller sequence number, three fields of I/O controller title and on off state, can allow and disabled status by " 0 " and " 1 " expression respectively, also can make expression otherwise, allow and " 0 " expression forbidding, perhaps use " Y " and " N " expression respectively such as " 1 " expression.
Fig. 5 shows under the situation of using the network settings parameter, and that can use in the present invention relates to the structural representation that I/O port access controlled variable is provided with the html page of part.It is corresponding that the display result of this page and parameter shown in Figure 4 are provided with, and wherein on off state is in disabled status for the floppy drive and the USB of " 1 ", and on off state is in the permission user mode for other I/O port of " 0 ".
The I/O Status Monitor that is comprised in the controlled computer of computer system of the present invention, be mainly used in the state that shows the I/O port, make the user intuitively understand I/O interface disabling situation in the computing machine, its structure mainly comprises connecting line joint, singlechip control chip and state indicating member composition as shown in Figure 6.The connecting line joint is used for connecting with the controlled computer main frame, and connected mode can be serial ports, parallel port, the multiple mode of USB mouth; Singlechip control chip is used for the dynamic demonstration of basis from the signal controlling state indicating member of main frame; The state indicating member is used for showing current I/O interface disabling situation according to the control signal from singlechip control chip that simple state indicating member comprises pilot lamp, such as light emitting diode, indicates I/O interface disabling situation by the state of pilot lamp.Certainly, under the situation of only using single indicator elment, also can omit singlechip control chip.
Fig. 7 is the synoptic diagram of the state indication panel of I/O Status Monitor shown in Figure 6.Each pilot lamp is represented a corresponding I/O port status.Realize that I/O port status function for monitoring also need transmit control signal to the I/O monitor intuitively to show the state of I/O port after obtaining status information in I/O port access control procedure.
Computer system provided by the present invention and I/O port access control method thereof, by the I/O switch control module in the virtual machine monitor, realized the control of I/O port access, make managerial personnel that I/O port access controlled variable can be set neatly by the service end module in client modules and the service operations system, and prevented module or information deletion that the unauthorized user will be relevant with this function effectively.In addition, the present invention can also show I/O interface disabling situation intuitively, and making the final user can be well understood to current which port can use, and which port blocking uses.
More than describe and introduced the present invention, but the present invention is not limited in described embodiment by the mode of embodiment.Should be noted in the discussion above that and without departing from the spirit and scope of the present invention situation under, also have many alternative modes and modification, also can adopt form of software to be presented in the operating system of user such as the I/O Status Monitor, check for the final user.
Claims (10)
1. computer system, comprise at least one operating system of user, service operations system, virtual machine monitor and hardware platform, and the Nonvolatile rewriteable areas of dielectric and the predetermined region of memory that are used to store I/O port access control parameter information, it is characterized in that:
Operating system of user comprises client modules, be used to receive the setting of the I/O port access control parameter information of input, and the I/O port access control parameter information after will being provided with sends to the service end module in the service operations system;
The service operations system comprises the service end module, be used to receive the I/O port access control parameter information that described client modules sends, and the setting of execution I/O port access controlled variable, upgrade the I/O port access controlled variable in described Nonvolatile rewriteable areas of dielectric and the predetermined region of memory;
Whether virtual machine monitor comprises the I/O switch control module, be used for allowing the I/O that carries out from operating system of user to instruct according to the I/O port access controlled variable decision of described predetermined region of memory.
2. computer system according to claim 1 is characterized in that also comprising the I/O Status Monitor, is used for intuitively showing according to I/O port access controlled variable the state of I/O port.
3. computer system according to claim 1 and 2 is characterized in that, described service operations system is the sightless embedded OS of user.
4. according to the computer system shown in claim 1 or 2, it is characterized in that, also comprise the remote computer that is connected with described service operations system by network, comprise client modules in the described remote computer with network function, the service end module that described service operations system is comprised also has network function, client modules in the remote computer receives the setting of the I/O port access control parameter information of input, the I/O port access controlled variable after being provided with is sent to the service end module of described service operations system by network.
5. computer system according to claim 4 is characterized in that, described service operations system is the sightless embedded OS of user.
6. computer system according to claim 4 is characterized in that the service end module is Webserver, and client modules is a browser commonly used.
7. computer system according to claim 4 is characterized in that, service end module and client modules are SNMP server.
8. the method for I/O port access control said method comprising the steps of:
Step 1, the setting to I/O port access control parameter information of client modules receiving management person input, and the I/O port access control parameter information after will being provided with sends the service end module to;
Step 2, described service end module receives the I/O port access control parameter information that described client modules sends, and the setting of execution I/O port access controlled variable, Nonvolatile rewriteable areas of dielectric in the update calculation machine system and the I/O port access controlled variable in the predetermined region of memory;
Step 3, operating system of user are sent the I/O operation requests;
Step 4, virtual machine monitor are intercepted and captured the I/O instruction from operating system of user;
Step 5, the region of memory predetermined from system obtains I/O port access controlled variable, and setting judges whether disabled ports according to parameter;
Step 6 if parameter is set to forbidding, then forbids carrying out this I/O instruction, otherwise, allow to carry out this I/O instruction.
9. method according to claim 8 is characterized in that, described step 6 also comprises: I/O port access control parameter information is sent to the I/O Status Monitor.
10. according to Claim 8 or 9 described methods, it is characterized in that, further comprising the steps of before the described step 1:
Steps A, the client modules service end module in the service operations system is sent request of access;
Step B, the request of service end module responds client modules also sends I/O port access control parameter information to client modules;
Step C, client modules receive I/O port access control parameter information and intuitively show.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNB2006100014828A CN100454278C (en) | 2006-01-19 | 2006-01-19 | Control method for accessing computer system and I/0 ports |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNB2006100014828A CN100454278C (en) | 2006-01-19 | 2006-01-19 | Control method for accessing computer system and I/0 ports |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN101004767A CN101004767A (en) | 2007-07-25 |
| CN100454278C true CN100454278C (en) | 2009-01-21 |
Family
ID=38703901
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CNB2006100014828A Active CN100454278C (en) | 2006-01-19 | 2006-01-19 | Control method for accessing computer system and I/0 ports |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN100454278C (en) |
Families Citing this family (12)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US7908403B2 (en) * | 2008-02-14 | 2011-03-15 | International Business Machines Corporation | Reserved device access contention reduction |
| CN101271401B (en) * | 2008-04-23 | 2010-04-14 | 北京航空航天大学 | Server cluster unit system with single system image |
| GB201220692D0 (en) * | 2012-11-16 | 2013-01-02 | Overnet Data Man Ltd | Software deployment and control method and system |
| CN103077018B (en) * | 2012-12-27 | 2016-04-27 | 广州英码信息科技有限公司 | A kind of control method of the equipment interface based on Android system and system |
| EP3144838B1 (en) * | 2014-05-13 | 2019-02-27 | Nippon Telegraph and Telephone Corporation | Security system, management apparatus, permission apparatus, terminal apparatus, security method and program |
| JP6465376B2 (en) * | 2014-06-16 | 2019-02-06 | 株式会社インタラクティブソリューションズ | Display information management system |
| CN104301430B (en) * | 2014-10-29 | 2016-04-13 | 北京麓柏科技有限公司 | Software definition storage system, method and common control equipment thereof |
| CN105282241B (en) * | 2015-09-28 | 2021-11-16 | 青岛海尔智能家电科技有限公司 | Control method and device for Internet of things equipment |
| CN108600044B (en) * | 2018-03-30 | 2020-11-20 | 新华三信息安全技术有限公司 | Interface state acquisition method, device and equipment |
| CN110245527A (en) * | 2019-06-14 | 2019-09-17 | 深圳市同泰怡信息技术有限公司 | A kind of USB port right management method and device and equipment |
| CN111753340B (en) * | 2020-05-18 | 2023-07-18 | 贵州电网有限责任公司 | USB interface information security prevention and control method and system |
| CN112968790B (en) * | 2021-01-19 | 2024-01-05 | 英莱科技(苏州)有限公司 | Communication protection method for laser vision sensor and external equipment |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN86105553A (en) * | 1985-07-31 | 1987-07-15 | 株式会社日立制作所 | The input/output control mode of virtual computer system |
| JPH10275116A (en) * | 1997-03-28 | 1998-10-13 | Mitsubishi Electric Corp | Computer system |
| US20050081212A1 (en) * | 2003-09-30 | 2005-04-14 | Goud Gundrala D. | Switching between a service virtual machine and a guest virtual machine in a virtual machine monitor environment |
-
2006
- 2006-01-19 CN CNB2006100014828A patent/CN100454278C/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN86105553A (en) * | 1985-07-31 | 1987-07-15 | 株式会社日立制作所 | The input/output control mode of virtual computer system |
| JPH10275116A (en) * | 1997-03-28 | 1998-10-13 | Mitsubishi Electric Corp | Computer system |
| US20050081212A1 (en) * | 2003-09-30 | 2005-04-14 | Goud Gundrala D. | Switching between a service virtual machine and a guest virtual machine in a virtual machine monitor environment |
Also Published As
| Publication number | Publication date |
|---|---|
| CN101004767A (en) | 2007-07-25 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN100454278C (en) | Control method for accessing computer system and I/0 ports | |
| US10728255B2 (en) | System and method for protection of entities across availability zones | |
| EP2513789B1 (en) | A secure virtualization environment bootable from an external media device | |
| Ta-Min et al. | Splitting interfaces: Making trust between applications and operating systems configurable | |
| JP4537022B2 (en) | A data processing method, a storage area control method, and a data processing system that limit data arrangement. | |
| Berger et al. | TVDc: managing security in the trusted virtual datacenter | |
| EP2378711B1 (en) | Network policy implementation for a multi-virtual machine appliance | |
| CN102460382B (en) | Annotating virtual application processes | |
| US20130275973A1 (en) | Virtualisation system | |
| CN104040525B (en) | Overwrite media is accessed by network connection | |
| JP2010061556A (en) | Information processing system, and control method for information processing system | |
| CN103890717B (en) | Basic input/output is provided in privileged domain(BIOS)Function | |
| US9244705B1 (en) | Intelligent micro-virtual machine scheduling | |
| JP5134149B1 (en) | Network system and control method thereof | |
| JP6255336B2 (en) | Secure data storage method and device | |
| JP2014182791A (en) | Customer centric method and adapter for copyright management system | |
| US8239862B2 (en) | Apparatus, method, and computer program product for processing information | |
| US10965616B2 (en) | Nonstop computing fabric arrangements | |
| WO2013145434A1 (en) | Network system and method for controlling same | |
| Dufrasne et al. | IBM System Storage DS8000 Copy Services Scope Management and Resource Groups | |
| KR100735875B1 (en) | System and method for remote access to a server and running multiple operating systems using live booting medium | |
| Valdez et al. | Retrofitting the ibm power hypervisor to support mandatory access control | |
| JP4314311B2 (en) | Information processing apparatus and information processing system | |
| JP5180399B2 (en) | Information processing apparatus, information processing method, and program | |
| US11977753B2 (en) | BIOS NVRAM storage extension system and method for secure and seamless access for various boot architectures |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant |