CN102752301A - Data transmission system and data transmission method applied to virtualized environment - Google Patents
Data transmission system and data transmission method applied to virtualized environment Download PDFInfo
- Publication number
- CN102752301A CN102752301A CN2012102288315A CN201210228831A CN102752301A CN 102752301 A CN102752301 A CN 102752301A CN 2012102288315 A CN2012102288315 A CN 2012102288315A CN 201210228831 A CN201210228831 A CN 201210228831A CN 102752301 A CN102752301 A CN 102752301A
- Authority
- CN
- China
- Prior art keywords
- data
- virtual machine
- terminal
- data transmission
- virtualized environment
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Landscapes
- Computer And Data Communications (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention provides a data transmission method and a data transmission system applied to a virtualized environment. The data transmission system comprises a virtual machine and a terminal, wherein both the virtual machine and the terminal comprise a data encryption and decryption unit; the data encryption and decryption unit is used for encrypting the current data before a local-end virtual machine/terminal transmits the data to an opposite-end virtual machine/terminal; and after the data transmitted by the opposite-end virtual machine/terminal is received, the data is decrypted. According to the embodiment, the data is encrypted by the virtual machine/terminal before the data passes through an external channel, and the data is encrypted when the data is transmitted to the opposite-end virtual machine/terminal through the external channel, so that the network security of the data stream in the transmission process of the external channel can be guaranteed, and the reliability can be improved.
Description
Technical field
The present invention relates to communication technical field, relate in particular to a kind of data transmission system and method that is applied to virtualized environment.
Background technology
Peripheral hardware and port mapping technology, the technology of promptly in the desktop virtual USB peripheral hardware, serial ports and the parallel port device redirection at terminal being used in the virtual desktop.
In the virtualized environment; Use the I/O that peripheral hardware the provided service on terminal thin client or the PC through peripheral hardware and port mapping technology; As USB device, serial ports and and jaws equipment etc.; This makes that the user experience of virtual desktop environment and conventional table environment is more approaching, and the user can use various peripheral hardwares easily, easily.
In the process that peripheral hardware and port mapping technology are used, all I/O requests all are redirected to the terminal thin client by virtual desktop or the PC end is handled, and the former road of process result is returned.These I/O data streams all transmit through local area network (LAN) or wide area network usually, and this moment, internet security just became a problem of should emphasis considering.And the I/O data stream in the conventional art all is a not encrypted, internet security, and especially the problem of wide area network fail safe is needed solution badly.
Summary of the invention
The object of the present invention is to provide a kind of data transmission system and method that is applied to virtualized environment, the internet security problem during peripheral hardware and the port mapping technology that solves is used.
The objective of the invention is to realize through following technical scheme:
A kind of data transmission system that is applied to virtualized environment comprises virtual machine and terminal, and said virtual machine and terminal include a data encrypting and deciphering unit;
Said data encrypting and deciphering unit is used at local terminal before data are sent at the virtual machine/terminal of opposite end, current data being carried out encryption; When the data that receive from the virtual machine/terminal of opposite end, these data are carried out decryption processing.
Preferably, in the said system, the quantity at said virtual machine and terminal is at least one.
A kind of data transmission method that is applied to virtualized environment comprises:
Virtual machine carried out encryption with all data earlier and re-sends to the purpose terminal before sending data flow;
Decipher these data earlier after receiving data at said purpose terminal, handles again.
Preferably, said method also comprises:
Encrypt the result data earlier after to the data processing after the deciphering at said purpose terminal, and the result data after will encrypting again return to said virtual machine.
Preferably, said method also comprises:
Said virtual machine is deciphered the result data that receive, and feeds back to operating system afterwards.
Compared with prior art, the embodiment of the invention has following beneficial effect:
In the embodiment of the invention; Through virtual machine/terminal before the peripheral channel data are carried out encryption in data; Decode operation is deciphered at virtual machine/terminal after data transfer to the opposite end through peripheral channel; So just guarantee the internet security of data flow in peripheral hardware channel transfer process, improved reliability.
Description of drawings
Fig. 1 is the data transmission system structure chart that is applied to virtualized environment in the embodiment of the invention.
Fig. 2 is the data transmission method flow chart that is applied to virtualized environment in the embodiment of the invention.
Embodiment
In order to make the object of the invention, technical scheme and advantage clearer,, the present invention is further elaborated below in conjunction with accompanying drawing and embodiment.Should be appreciated that specific embodiment described herein only in order to explanation the present invention, and be not used in qualification the present invention.
See also Fig. 1, the data transmission system that is applied to virtualized environment in the present embodiment comprises virtual machine and terminal, and virtual machine and terminal adopt virtual machine end assembly and terminal assembly to realize the transmission of data respectively.As shown in the figure, virtual machine and terminal establish a communications link, and the data flow at two ends is through peripheral channel transmission, and peripheral channel is the data path that equipment or port redirection are set up to virtual desktop on the terminal.
Handle for realizing encryption and decryption; Virtual machine end assembly and terminal assembly all include a data encrypting and deciphering unit; Be used for before sending data, these data being carried out encryption, when receiving the data of peripheral channel transmission, these data carried out decryption processing to peripheral channel.
See also Fig. 2, the data transmission method that is applied to virtualized environment in the present embodiment comprises step:
201, virtual machine end assembly is before sending data flow, and the data encrypting and deciphering unit through local terminal carries out encryption with all data earlier, re-sends to terminal assembly.
202, terminal assembly is deciphered the data that receive earlier after receiving data, handles again.
203, terminal assembly is encrypted the result data earlier after handling, and the result data after will encrypting again return to virtual machine end assembly.
204, virtual machine end assembly is deciphered the result data that receive, and feeds back to operating system afterwards, finally feeds back to the user.
To sum up, present embodiment has carried out encryption to all data of peripheral hardware channel transfer, has improved the internet security in the use of equipment and port mapping so greatly, has improved data reliability.
The above is merely preferred embodiment of the present invention, not in order to restriction the present invention, all any modifications of within spirit of the present invention and principle, being done, is equal to and replaces and improvement etc., all should be included within protection scope of the present invention.
Claims (5)
1. a data transmission system that is applied to virtualized environment comprises virtual machine and terminal, it is characterized in that, said virtual machine and terminal include a data encrypting and deciphering unit;
Said data encrypting and deciphering unit is used at local terminal before data are sent at the virtual machine/terminal of opposite end, current data being carried out encryption; When the data that receive from the virtual machine/terminal of opposite end, these data are carried out decryption processing.
2. be applied to the data transmission system of virtualized environment according to claim 1, it is characterized in that, in this system, the quantity at said virtual machine and terminal is at least one.
3. a data transmission method that is applied to virtualized environment is characterized in that, this method comprises:
Virtual machine carried out encryption with all data earlier and re-sends to the purpose terminal before sending data flow;
Decipher these data earlier after receiving data at said purpose terminal, handles again.
4. like the said data transmission method that is applied to virtualized environment of claim 3, it is characterized in that this method also comprises:
Encrypt the result data earlier after to the data processing after the deciphering at said purpose terminal, and the result data after will encrypting again return to said virtual machine.
5. like the said data transmission method that is applied to virtualized environment of claim 4, it is characterized in that this method also comprises:
Said virtual machine is deciphered the result data that receive, and feeds back to operating system afterwards.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2012102288315A CN102752301A (en) | 2012-07-04 | 2012-07-04 | Data transmission system and data transmission method applied to virtualized environment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2012102288315A CN102752301A (en) | 2012-07-04 | 2012-07-04 | Data transmission system and data transmission method applied to virtualized environment |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN102752301A true CN102752301A (en) | 2012-10-24 |
Family
ID=47032201
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2012102288315A Pending CN102752301A (en) | 2012-07-04 | 2012-07-04 | Data transmission system and data transmission method applied to virtualized environment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN102752301A (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107533471A (en) * | 2015-04-23 | 2018-01-02 | 阿尔卡特朗讯公司 | Virtualization applications performance is improved by disabling unnecessary function |
| CN109858265A (en) * | 2018-11-22 | 2019-06-07 | 海光信息技术有限公司 | A kind of encryption method, device and relevant device |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1936761A (en) * | 2005-09-23 | 2007-03-28 | 联想(北京)有限公司 | Computer system of bottom identity identification and method therefor |
| CN101902719A (en) * | 2010-08-20 | 2010-12-01 | 福建三元达软件有限公司 | Method and system for opening mobile phone number in air |
| CN101977183A (en) * | 2010-10-09 | 2011-02-16 | 南京博智软件科技有限公司 | High reliable digital content service method applicable to multiclass terminal equipment |
-
2012
- 2012-07-04 CN CN2012102288315A patent/CN102752301A/en active Pending
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1936761A (en) * | 2005-09-23 | 2007-03-28 | 联想(北京)有限公司 | Computer system of bottom identity identification and method therefor |
| CN101902719A (en) * | 2010-08-20 | 2010-12-01 | 福建三元达软件有限公司 | Method and system for opening mobile phone number in air |
| CN101977183A (en) * | 2010-10-09 | 2011-02-16 | 南京博智软件科技有限公司 | High reliable digital content service method applicable to multiclass terminal equipment |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107533471A (en) * | 2015-04-23 | 2018-01-02 | 阿尔卡特朗讯公司 | Virtualization applications performance is improved by disabling unnecessary function |
| US11095616B2 (en) | 2015-04-23 | 2021-08-17 | Alcatel Lucent | Virtualized application performance through disabling of unnecessary functions |
| CN109858265A (en) * | 2018-11-22 | 2019-06-07 | 海光信息技术有限公司 | A kind of encryption method, device and relevant device |
| CN109858265B (en) * | 2018-11-22 | 2022-01-28 | 海光信息技术股份有限公司 | Encryption method, device and related equipment |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| AU2018389883B2 (en) | Device and method for transmitting data between a first and a second network | |
| CN103905435A (en) | Communication method of front end page and rear end server | |
| CN106713360B (en) | Method for realizing web encryption access and information encryption storage based on gateway equipment | |
| JP2008035272A5 (en) | ||
| CN104901803A (en) | Data interaction safety protection method based on CPK identity authentication technology | |
| CN103580851A (en) | Information encryption and decryption method | |
| CN101707767A (en) | Data transmission method and devices | |
| CN105337954A (en) | Method and device for encryption and decryption of IP message in satellite communication | |
| CN104270380A (en) | End-to-end encryption method and system based on mobile network and communication client side | |
| CN102932345B (en) | A kind of information transferring method, Apparatus and system | |
| CN104065669B (en) | A kind of spatial network encryption method | |
| CN102624892A (en) | Method for preventing plug-in client from simulating hyper text transmission protocol (HTTP) request | |
| CN102752301A (en) | Data transmission system and data transmission method applied to virtualized environment | |
| CN104217171A (en) | Password cracking method, device and system | |
| KR101709276B1 (en) | Endpoint Security Server Management System | |
| CN104158788A (en) | Method of end-to-end data transmission | |
| CN110035061A (en) | Trust server information processing method and system | |
| CN106385423A (en) | Data encrypting transmission method and system | |
| CN100364305C (en) | Information security method of industrial control network and security function block | |
| CN102843335B (en) | The processing method of streaming medium content and equipment | |
| CN105471831A (en) | Method and device for encrypting real-time transport protocol (RTP) packet | |
| CN104462994A (en) | Data encryption and decryption operation method | |
| CN104469758B (en) | More equipment safety login methods | |
| CN205249272U (en) | Multistage information encapsulation encryption device | |
| CN104580129A (en) | SSL asynchronization agent method based on stream processing |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C02 | Deemed withdrawal of patent application after publication (patent law 2001) | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20121024 |