CN102289620A - Credible equipment virtualization system and method based on Xen safety computer - Google Patents
Credible equipment virtualization system and method based on Xen safety computer Download PDFInfo
- Publication number
- CN102289620A CN102289620A CN201110230453XA CN201110230453A CN102289620A CN 102289620 A CN102289620 A CN 102289620A CN 201110230453X A CN201110230453X A CN 201110230453XA CN 201110230453 A CN201110230453 A CN 201110230453A CN 102289620 A CN102289620 A CN 102289620A
- Authority
- CN
- China
- Prior art keywords
- virtual
- credible
- equipment
- credible equipment
- rear end
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Landscapes
- Storage Device Security (AREA)
Abstract
The invention belongs to the field of virtualization technical application, in particular relates to a credible equipment virtualization system and method based on a Xen safety computer. The system comprises virtual credible equipment, wherein the virtual credible equipment comprises a credible equipment virtualization back end drive, a credible equipment virtualization front end drive and a credible back end management module; the credible equipment virtualization front end drive is arranged in a virtual client system, and the virtual client system is internally provided with an application program which is connected with the credible equipment virtualization back end drive arranged in a right-domain operating system through the credible equipment virtualization front end drive; and the credible back end management module is arranged in the right-domain operating system and connected with the credible equipment virtualization back end drive and the hardware credible equipment. Under the condition of ensuring that the virtual client operating system is credible, the invention provides credible equipment services for the virtual client system, releases the dependence of the original credible equipment virtualization technology on a credible equipment simulation tool, and realizes the virtualization of credible equipment made in China.
Description
Technical field
The invention belongs to the Intel Virtualization Technology application, be specifically related to a kind of based on Xen fail-safe computer credible equipment virtualization system and method.
Background technology
Along with developing rapidly and widespread use of computer and network technologies, the global IT application degree improves constantly, and information security is not only inseparable with our daily life, directly has influence on national security, economic development and social stability especially.Particularly in recent years, national implementation information system-level conservation policy, very urgent to the security function demand of computing machine.
In order to solve the problem of information security, country is all formulating the information security that relevant laws and regulations and system are protected oneself with enterprise.Software supplier can stop extraneous malice to invade the security of enhanced system by developing antivirus software, encryption software targetedly to guarantee system both at home and abroad.
On active computer architecture basis, (Trusted Platform Module TPM) makes up the computer security system framework, is representing the especially developing direction of information security industry of following computer industry based on credible equipment.Be different from traditional safety product, not only managed on application software based on the fail-safe computer of credible equipment, the problem that may occur at operating system is controlled especially.Because current Windows series operating system being extensive use of at home, frequent system vulnerability that occurs and the back door problem that may exist are not that traditional fail-safe software can solve.Virtual by to current platform operates on the virtual platform destination OS, realizes safety management under the operating system by the management to platform then.Prevent that back door that operating system may exist from causing the leakage of private information.
But on the one hand, although fail-safe computer has promoted the security of system to a certain extent, it does not ensure the direct safety of mutual virtual client operating system with the general user; On the other hand, original credible equipment Intel Virtualization Technology depends on credible equipment simulation tool (tpm_emulator), and both be not easy to expansion and upgraded, more impossiblely realize the virtual of homemade credible equipment after the same method.
Summary of the invention
Shortcoming at prior art, the purpose of this invention is to provide and a kind ofly guaranteeing to provide the credible equipment service for the virtual client system under the believable situation of virtual client operating system, remove of the dependence of original credible equipment Intel Virtualization Technology, realize that homemade credible equipment is virtualized based on Xen fail-safe computer credible equipment virtualization system and method for the credible equipment simulation tool.
For achieving the above object, a kind of technical scheme of the present invention is:
A kind ofly comprise the virtual credible equipment that is arranged in privileged domain operating system and the virtual client system based on Xen fail-safe computer credible equipment virtualization system, it is used for virtual client system access hardware credible equipment; Described virtual credible equipment comprises credible equipment virtual rear end driving, the virtual front-end driven of credible equipment and credible rear end administration module;
The virtual front-end driven of described credible equipment is arranged in the virtual client system, also be provided with application program in the virtual client system, described application program drives by the virtual rear end of virtual front-end driven of credible equipment and the credible equipment in being arranged on privileged domain operating system and is connected; The virtual front-end driven of described credible equipment customizes, because under normal conditions, drive the virtual credible equipment of registration at the virtual rear end of credible equipment, there is not general device drives to load this virtual credible equipment at front end, therefore need a virtual front-end driven of credible equipment that drives customization at the virtual rear end of credible equipment, the virtual rear end of virtual front-end driven of credible equipment and credible equipment drives and communicates, in virtual Domain, just realized of the visit of virtual client system to virtual credible equipment;
Described credible rear end administration module is arranged in the privileged domain operating system, and credible rear end administration module drives with the virtual rear end of credible equipment and is connected with the hardware credible equipment; Credible rear end administration module should drive with the virtual rear end of credible equipment and carry out alternately, be responsible for providing the virtual credible device service again, and will be according to request of access access hardware credible equipment in time, receiving the access request data that credible equipment virtual rear end driving is sent, credible rear end administration module is by the parsing to data, obtain correct credible equipment command format, the form of data can freely customize, and makes the virtual rear end of credible equipment drive the characteristics that possessed dirigibility.
As a kind of prioritization scheme, the virtual rear end of described credible equipment drives the Virtual PC I equipment that is provided with, Virtual PC I equipment is realized Virtual PC I equipment interface by mapping mode, and the virtual front-end driven of credible equipment drives by the virtual rear end of Virtual PC I equipment interface and credible equipment and is connected.
As further prioritization scheme, Virtual PC I equipment is realized Virtual PC I equipment interface by I/0 port mapping or I/O memory-mapped.
As further prioritization scheme again, during driving, the virtual rear end of described credible equipment is provided with read, the virtual front-end driven of credible equipment is obtained I/O port resource or the I/O memory source that the virtual rear end of credible equipment drives by read, to set up and being connected that the virtual rear end of credible equipment drives.
As another kind of prioritization scheme, described credible rear end administration module is provided with the back end communications channel, and credible rear end administration module drives by the virtual rear end of back end communications channel and credible equipment and is connected.
As further prioritization scheme, described virtual credible equipment also comprises the virtual credible device memory, and the virtual credible device memory is a nonvolatile memory, and it is connected with credible rear end administration module.
Another kind of technical scheme of the present invention is: a kind of method of servicing based on Xen fail-safe computer credible equipment virtualization system is provided, and it may further comprise the steps:
A. the application program of virtual client system is initiated the request of virtual credible device access;
B. the virtual front-end driven of virtual credible equipment calls credible equipment, the virtual rear end of virtual front-end driven of credible equipment and credible equipment drives and connects, and the request of access of virtual credible equipment is transferred to the virtual rear end of credible equipment drive;
C. the virtual rear end of credible equipment drives the request of access that receives is handed to credible rear end administration module;
D. credible rear end administration module is resolved the request of access that receives, and obtains the credible equipment order, judges whether access hardware credible equipment or virtual credible device memory then;
F. credible rear end administration module drives return data to the virtual rear end of credible equipment; Described credible rear end administration module produces corresponding feedback data after carrying out visit information, and credible rear end administration module returns to the virtual rear end of credible equipment with feedback data and drives;
G. the virtual rear end of credible equipment drives the feedback data that receives is returned to the virtual front-end driven of credible equipment, and the virtual front-end driven of credible equipment returns to application program with feedback data again.
As a kind of preferred version, the concrete steps of described step B are:
B1. the virtual rear end of credible equipment drives the Virtual PC I equipment of creating, and described Virtual PC I equipment is created Virtual PC I equipment interface by I/O port or I/O memory-mapped;
B2. the virtual rear end of credible equipment drives the registration read, and the virtual front-end driven of credible equipment is obtained I/O port resource or I/O memory source by read, sets up and being connected that the virtual rear end of credible equipment drives;
B3. the virtual front-end driven of credible equipment drives the one or more request of access of transmission by I/O port resource or the I/O memory source that obtains to the virtual rear end of credible equipment; The virtual front-end driven of the credible equipment request of access of self-application program is in the future carried out the batch transmission, the visit of a virtual client system just triggers repeatedly the I/O operation that the virtual front-end driven of credible equipment drives the virtual rear end of credible equipment, thereby set up front and back end communication interface efficiently, realize the convenient access of virtual client system virtual credible equipment.
B4. I/O port or I/O internal memory return a character according to each request of access operation to the virtual front-end driven of credible equipment.
As further preferred version, among the described step C, credible rear end administration module is registered the back end communications channel in the Xen trusted computer system, the virtual rear end of credible equipment drives is redirected to the request of access of application program to virtual credible equipment in the described back end communications channel, sets up credible equipment virtual rear end driving and is connected with credible rear end administration module.
As further preferred version again, in whole service process, the trusted status of described virtual client system whole life is responsible for by the virtual credible device memory, and credible rear end administration module manages described virtual credible device memory.
Compared with prior art, the present invention has following beneficial effect:
The virtual rear end of credible equipment drives, customizes the virtual front-end driven of credible equipment, sets up front and back end communication interface efficiently by setting up flexibly in the present invention, in conjunction with the present safety requirements of Xen safety computer platform, again design credible equipment is virtual, on the one hand, credible equipment is extended to the virtual client system to the trust chain of privileged operation system, make the virtual client system be measured, guarantee the credible of virtual client system as the part of platform; On the other hand, forgo virtual virtual credible equipment to the dependence of safety chip simulation tool, simplified the function of virtual credible equipment, it is combined with safety computer platform more closely, the credible equipment service is offered the virtual client system, realize the virtual of homemade credible equipment.Especially, also be provided with the virtual credible device memory in the virtual credible equipment, for virtual client system visit Nonvolatile data provides approach.
Description of drawings
Fig. 1 is for a kind of based on Xen fail-safe computer credible equipment virtualization system block diagram among the present invention;
Fig. 2 is for a kind of based on Xen fail-safe computer credible equipment virtual method process flow diagram among the present invention;
Fig. 3 is the process flow diagram of the credible rear end management of the present invention resume module request of access.
Embodiment
Below in conjunction with drawings and Examples the present invention is described in detail.
As shown in Figure 1, first goal of the invention of the present invention provides a kind of based on Xen fail-safe computer credible equipment virtualization system, comprise the virtual credible equipment that is arranged in privileged domain operating system and the virtual client system, it is used for virtual client system access hardware credible equipment 5, and virtual credible equipment comprises credible equipment virtual rear end driving 2, the virtual front-end driven 3 of credible equipment and credible rear end administration module 4;
The virtual front-end driven 3 of credible equipment is arranged in the virtual client system, also be provided with application program 9 in the virtual client system, application program 9 is connected with the virtual front-end driven 3 of credible equipment, the virtual client system drives 2 by the virtual rear end of application program 9 and virtual front-end driven 3 of credible equipment and credible equipment and is connected, and realizes the visit to virtual credible equipment;
The virtual rear end of credible equipment drives 2 and is arranged on the privileged domain operating system, the virtual rear end of credible equipment drives 2 and is provided with Virtual PC I equipment, Virtual PC I equipment is realized Virtual PC I equipment interface 6 by I/0 port mapping or I/O memory-mapped, the virtual rear end of credible equipment drives on 2 and also is provided with read, the virtual front-end driven 3 of credible equipment is obtained the virtual rear end of credible equipment by read and is driven I/O port resource or I/O memory source on 2, to set up and being connected of credible equipment virtual rear end driving 2.
Credible rear end administration module 4 is arranged in the privileged domain operating system, credible rear end administration module 4 is provided with back end communications channel 7, credible rear end administration module 4 drives 2 by the virtual rear end of back end communications channel 7 and credible equipment and is connected, and credible rear end administration module 4 also is connected with hardware credible equipment 5.
As shown in Figure 3, virtual credible equipment also comprises virtual credible device memory 8, and virtual credible device memory 8 is a nonvolatile memory, and it is connected with credible rear end administration module 4.
Below in conjunction with second goal of the invention of the present invention, be described in further detail the course of work of the present invention.
Shown in Fig. 2 and 3, a kind of based on Xen fail-safe computer credible equipment virtual method, may further comprise the steps:
A. the application program 9 of virtual client system is initiated the request of virtual credible device access;
B. virtual credible equipment 1 calls the virtual front-end driven 3 of credible equipment, the virtual front-end driven of credible equipment (3) drives 2 with the virtual rear end of credible equipment and connects, and the request of access of virtual credible equipment 1 is transferred to the virtual rear end of credible equipment drive 2; Its concrete steps are:
B1. the virtual rear end of credible equipment drives 2 and creates Virtual PC I equipment, and Virtual PC I equipment is created Virtual PC I equipment interface 6 by I/O port or I/O memory-mapped;
B2. the virtual rear end of credible equipment drives 2 registration read, the virtual front-end driven 3 of credible equipment is obtained the virtual rear end of credible equipment by read and is driven I/O port resource or I/O memory source on 2, sets up and being connected of credible equipment virtual rear end driving 2;
B3. the virtual front-end driven 3 of credible equipment drives the one or more request of access of 2 transmissions by I/O port resource or the I/O memory source that obtains to the virtual rear end of credible equipment;
B4. I/O port or I/O internal memory return a character according to each request of access operation to the virtual front-end driven 3 of credible equipment.
C. the virtual rear end of credible equipment drives 2 the request of access that receives is handed to credible rear end administration module 4, be specially, credible rear end administration module 4 is registered back end communications channel 7 in the Xen trusted computer system, the virtual rear end of credible equipment drives 2 request of access with 9 pairs of virtual credible equipment of application program and is redirected in the back end communications channel 7, set up the virtual rear end of credible equipment drive 2 with being connected of credible rear end administration module 4, credible equipment virtual rear end driving 2 is handed to credible rear end administration module 4 with the request of access that receives by back end communications channel 7 then.
D. credible rear end administration module 4 is resolved the request of access that receives, and obtains the credible equipment order, judges whether access hardware credible equipment 5 or virtual credible device memory 8 then;
F. credible rear end administration module 4 drives 2 return datas to the virtual rear end of credible equipment: when credible rear end administration module 4 judge need access hardware credible equipment 5 or virtual credible device memory 8 after, corresponding credible equipment order is sent to hardware credible equipment 5 or virtual credible device memory 8, return feedback data after 8 pairs of credible equipment orders of hardware credible equipment 5 or virtual credible device memory are handled and give credible rear end administration module 4, credible rear end administration module 4 is with feedback data or self handle the feedback data that produces after the request of access and send to the virtual rear end of credible equipment and drive 2;
G. the virtual rear end of credible equipment drives 2 the feedback data that receives is returned to the virtual front-end driven 3 of credible equipment, and the virtual front-end driven 3 of credible equipment returns to feedback data application program 9 again.
In whole service process, the trusted status of virtual client system whole life is responsible for by virtual credible device memory 8, and administration module 4 pairs of virtual credible device memory 8 in credible rear end manage.
Claims (10)
1. one kind based on Xen fail-safe computer credible equipment virtualization system, comprise the virtual credible equipment that is arranged in privileged domain operating system and the virtual client system, it is used for virtual client system access hardware credible equipment (5), it is characterized in that described virtual credible equipment comprises that the virtual rear end of credible equipment drives (2), the virtual front-end driven of credible equipment (3) and credible rear end administration module (4);
The virtual front-end driven of described credible equipment (3) is arranged in the virtual client system, also be provided with application program (9) in the virtual client system, described application program (9) drives (2) by the virtual rear end of virtual front-end driven of credible equipment (3) and the credible equipment in being arranged on privileged domain operating system and is connected;
Described credible rear end administration module (4) is arranged in the privileged domain operating system, and credible rear end administration module (4) drives (2) with the virtual rear end of credible equipment and is connected with hardware credible equipment (5).
2. according to claim 1 based on Xen fail-safe computer credible equipment virtualization system, it is characterized in that, the virtual rear end of described credible equipment drives (2) and is provided with Virtual PC I equipment, Virtual PC I equipment is realized Virtual PC I equipment interface (6) by mapping mode, and the virtual front-end driven of credible equipment (3) drives (2) by the virtual rear end of Virtual PC I equipment interface and credible equipment and is connected.
3. according to claim 2ly it is characterized in that Virtual PC I equipment is realized Virtual PC I equipment interface (6) by I/0 port mapping or I/O memory-mapped based on Xen fail-safe computer credible equipment virtualization system.
4. according to claim 3 based on Xen fail-safe computer credible equipment virtualization system, it is characterized in that, the virtual rear end of described credible equipment drives in (2) and is provided with read, the virtual front-end driven of credible equipment (3) is obtained the virtual rear end of credible equipment by read and is driven I/O port resource or I/O memory source on (2), to set up and being connected of the virtual rear end driving of credible equipment (2).
5. according to claim 1 based on Xen fail-safe computer credible equipment virtualization system, it is characterized in that, described credible rear end administration module (4) is provided with back end communications channel (7), and credible rear end administration module (4) drives (2) by the virtual rear end of described back end communications channel (7) and credible equipment and is connected.
6. each is described based on Xen fail-safe computer credible equipment virtualization system according to claim 1 to 5, it is characterized in that, described virtual credible equipment also comprises virtual credible device memory (8), virtual credible device memory (8) is a nonvolatile memory, and it is connected with credible rear end administration module (4).
7. one kind based on Xen fail-safe computer credible equipment virtual method, it is characterized in that, may further comprise the steps:
A. the application program of virtual client system (9) is initiated the request of virtual credible device access;
B. the virtual front-end driven of virtual credible equipment calls credible equipment (3), the virtual front-end driven of credible equipment (3) drives (2) with the virtual rear end of credible equipment and connects, and the request of access of virtual credible equipment is transferred to the virtual rear end of credible equipment drive (2);
C. the virtual rear end of credible equipment drives (2) request of access that receives is handed to credible rear end administration module (4);
D. credible rear end administration module (4) is resolved the request of access that receives, and obtains the credible equipment order, judges whether access hardware credible equipment (5) or virtual credible device memory (8) then;
F. credible rear end administration module (4) drives (2) return data to the virtual rear end of credible equipment: after described credible rear end administration module (4) is carried out request of access, produce corresponding feedback data, credible rear end administration module (4) returns to the virtual rear end of credible equipment with feedback data and drives (2);
G. the virtual rear end of credible equipment drives (2) feedback data that receives is returned to the virtual front-end driven of credible equipment (3), and the virtual front-end driven of credible equipment (3) returns to feedback data application program (9) again.
8. according to claim 7 based on Xen fail-safe computer credible equipment virtual method, it is characterized in that the concrete steps of described step B are:
B1. the virtual rear end of credible equipment drives (2) and creates Virtual PC I equipment, and described Virtual PC I equipment is created Virtual PC I equipment interface (6) by I/O port or I/O memory-mapped;
B2. the virtual rear end of credible equipment drives (2) registration read, and the virtual front-end driven of credible equipment (3) is obtained I/O port resource or I/O memory source by read, sets up with the virtual rear end of credible equipment and drives being connected of (2);
B3. the virtual front-end driven of credible equipment (3) sends one or more request of access by I/O port resource or the I/O memory source that obtains to the virtual rear end driving of credible equipment (2);
B4. I/O port or I/O internal memory return a character according to each request of access operation to the virtual front-end driven of credible equipment (3).
9. according to claim 8 based on Xen fail-safe computer credible equipment virtual method, it is characterized in that, among the described step C, credible rear end administration module (4) is registered back end communications channel (7) in the Xen trusted computer system, the virtual rear end of credible equipment drives (2) request of access of application program (9) to virtual credible equipment (1) is redirected in the described back end communications channel (7), sets up the virtual rear end of credible equipment and drives being connected of (2) and credible rear end administration module (4).
10. each is described based on Xen fail-safe computer credible equipment virtual method according to claim 6 to 9, it is characterized in that, in whole service process, the trusted status of described virtual client system whole life is responsible for by virtual credible device memory (8), and credible rear end administration module (4) manages described virtual credible device memory (8).
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201110230453XA CN102289620A (en) | 2011-08-12 | 2011-08-12 | Credible equipment virtualization system and method based on Xen safety computer |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201110230453XA CN102289620A (en) | 2011-08-12 | 2011-08-12 | Credible equipment virtualization system and method based on Xen safety computer |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN102289620A true CN102289620A (en) | 2011-12-21 |
Family
ID=45336036
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201110230453XA Pending CN102289620A (en) | 2011-08-12 | 2011-08-12 | Credible equipment virtualization system and method based on Xen safety computer |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN102289620A (en) |
Cited By (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103207763A (en) * | 2013-04-26 | 2013-07-17 | 上海交通大学 | Front-end caching method based on xen virtual disk device |
| CN103902884A (en) * | 2012-12-28 | 2014-07-02 | 中国电信股份有限公司 | System and method for protecting data of virtual machine |
| CN103984536A (en) * | 2014-02-14 | 2014-08-13 | 中国科学院计算技术研究所 | I/O (input/output) request counting system and method for cloud computing platform |
| CN103996003A (en) * | 2014-05-20 | 2014-08-20 | 金航数码科技有限责任公司 | Data wiping system in virtualization environment and method thereof |
| CN104468712A (en) * | 2014-10-31 | 2015-03-25 | 中标软件有限公司 | Lightweight class trusted calculating platform, communication method of lightweight class trusted calculating platform and trust chain establishing method |
| CN105556473A (en) * | 2014-12-27 | 2016-05-04 | 华为技术有限公司 | I/O task processing method, device and system |
| CN107179936A (en) * | 2016-03-11 | 2017-09-19 | 中国电子科技集团公司电子科学研究院 | A kind of virtualization partition method based on privilege separation |
| CN107949834A (en) * | 2015-06-27 | 2018-04-20 | 迈克菲有限责任公司 | Virtualize trusted storage device |
| CN108170516A (en) * | 2018-01-03 | 2018-06-15 | 浪潮(北京)电子信息产业有限公司 | Create method, apparatus, equipment and the computer readable storage medium of vTPM |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1896903A (en) * | 2005-07-15 | 2007-01-17 | 联想(北京)有限公司 | Virtual-machine system for supporting trusted evaluation and method for realizing trusted evaluation |
| CN101488174A (en) * | 2009-01-15 | 2009-07-22 | 北京交通大学 | Implementing method for dynamically transparent virtual credible platform module |
| CN101599022A (en) * | 2009-07-07 | 2009-12-09 | 武汉大学 | The Trustworthy computing base cutting method that is used for dummy machine system |
| CN101706757A (en) * | 2009-09-21 | 2010-05-12 | 中国科学院计算技术研究所 | I/O system and working method facing multi-core platform and distributed virtualization environment |
| CN102129531A (en) * | 2011-03-22 | 2011-07-20 | 北京工业大学 | Xen-based active defense method |
-
2011
- 2011-08-12 CN CN201110230453XA patent/CN102289620A/en active Pending
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1896903A (en) * | 2005-07-15 | 2007-01-17 | 联想(北京)有限公司 | Virtual-machine system for supporting trusted evaluation and method for realizing trusted evaluation |
| CN101488174A (en) * | 2009-01-15 | 2009-07-22 | 北京交通大学 | Implementing method for dynamically transparent virtual credible platform module |
| CN101599022A (en) * | 2009-07-07 | 2009-12-09 | 武汉大学 | The Trustworthy computing base cutting method that is used for dummy machine system |
| CN101706757A (en) * | 2009-09-21 | 2010-05-12 | 中国科学院计算技术研究所 | I/O system and working method facing multi-core platform and distributed virtualization environment |
| CN102129531A (en) * | 2011-03-22 | 2011-07-20 | 北京工业大学 | Xen-based active defense method |
Cited By (14)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103902884A (en) * | 2012-12-28 | 2014-07-02 | 中国电信股份有限公司 | System and method for protecting data of virtual machine |
| CN103902884B (en) * | 2012-12-28 | 2017-03-15 | 中国电信股份有限公司 | Virtual-machine data protection system and method |
| CN103207763B (en) * | 2013-04-26 | 2015-11-25 | 上海交通大学 | Based on the front end caching method of xen virtual disk device |
| CN103207763A (en) * | 2013-04-26 | 2013-07-17 | 上海交通大学 | Front-end caching method based on xen virtual disk device |
| CN103984536A (en) * | 2014-02-14 | 2014-08-13 | 中国科学院计算技术研究所 | I/O (input/output) request counting system and method for cloud computing platform |
| CN103996003A (en) * | 2014-05-20 | 2014-08-20 | 金航数码科技有限责任公司 | Data wiping system in virtualization environment and method thereof |
| CN103996003B (en) * | 2014-05-20 | 2016-08-24 | 金航数码科技有限责任公司 | Data erasing system in a kind of virtualized environment and method |
| CN104468712B (en) * | 2014-10-31 | 2018-05-29 | 中标软件有限公司 | Lightweight credible calculating platform and its communication means, trust chain method for building up |
| CN104468712A (en) * | 2014-10-31 | 2015-03-25 | 中标软件有限公司 | Lightweight class trusted calculating platform, communication method of lightweight class trusted calculating platform and trust chain establishing method |
| CN105556473A (en) * | 2014-12-27 | 2016-05-04 | 华为技术有限公司 | I/O task processing method, device and system |
| CN107949834A (en) * | 2015-06-27 | 2018-04-20 | 迈克菲有限责任公司 | Virtualize trusted storage device |
| CN107949834B (en) * | 2015-06-27 | 2021-08-24 | 迈克菲有限责任公司 | Virtualizing trusted storage |
| CN107179936A (en) * | 2016-03-11 | 2017-09-19 | 中国电子科技集团公司电子科学研究院 | A kind of virtualization partition method based on privilege separation |
| CN108170516A (en) * | 2018-01-03 | 2018-06-15 | 浪潮(北京)电子信息产业有限公司 | Create method, apparatus, equipment and the computer readable storage medium of vTPM |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN102289620A (en) | Credible equipment virtualization system and method based on Xen safety computer | |
| CN102262557B (en) | Method for constructing virtual machine monitor by bus architecture and performance service framework | |
| US8782795B1 (en) | Secure tenant assessment of information technology infrastructure | |
| CN101488174B (en) | Implementing method for dynamically transparent virtual credible platform module | |
| CN109361517A (en) | A kind of virtualization cloud cipher machine system and its implementation based on cloud computing | |
| CN102707985A (en) | Access control method and system for virtual machine system | |
| CN102541558B (en) | Method for integrating Android application system in television system based on Android inner core | |
| CN102136043A (en) | Computer system and measuring method thereof | |
| CN104539672A (en) | Mobile application program message pushing agent system based on cloud computing | |
| CN104216741A (en) | Android plug-in implementation method and device based on APK (Android Package) dynamic loading and interaction method | |
| CN106127059B (en) | The realization of credible password module and method of servicing on a kind of ARM platform | |
| CN109002344A (en) | A kind of method of cloud management platform resetting KVM virtual machine password | |
| Achemlal et al. | Trusted platform module as an enabler for security in cloud computing | |
| CN102811239A (en) | Virtual machine system and safety control method thereof | |
| WO2016101587A1 (en) | Link aggregation method and system for virtualization server, and intelligent network adapter thereof | |
| US10411957B2 (en) | Method and device for integrating multiple virtual desktop architectures | |
| CN103996003B (en) | Data erasing system in a kind of virtualized environment and method | |
| CN104756132A (en) | Virtualizing a hardware monotonic counter | |
| CN110175457A (en) | A kind of dual Architecture trusted operating system and method | |
| CN105046138A (en) | FT-processor based trust management system and method | |
| CN105893055A (en) | Method for triggering process engine platformization | |
| Murugesan et al. | Cloud based mobile application testing | |
| CN103685564A (en) | Plug-in application ability layer introduced industry application online operation cloud platform architecture | |
| CN105721613A (en) | Method and system for virtual desktop to close cloud terminal through one touch | |
| CN202003361U (en) | Credible computer system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C02 | Deemed withdrawal of patent application after publication (patent law 2001) | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20111221 |