CN103580885B - Monitoring method and physical node for a cloud environment - Google Patents

Publication number: CN103580885B
Authority: CN (China)
Legal status: Active
Application number: CN201210252209.8A
Other languages: Chinese (zh)
Other versions: CN103580885A (en)
Inventors: 金海, 邹德清, 吴晓昕
Current Assignee: Limited by Share Ltd in central Daan
Original Assignee: Huawei Technologies Co Ltd

Abstract

The present invention applies to the communications field and provides a monitoring method and a physical node for a cloud environment. The method comprises: when the chain of trust of the cloud environment has been extended to the management domain and the management domain starts the monitoring domain, the virtual machine manager (VMM) measures the memory layout of the monitoring domain through a mini Trusted Platform Module (mini TPM) driver, where the mini TPM driver specifically comprises the trust-extension and measurement sub-functions of a TPM driver; the VMM then judges whether the monitoring domain is trusted according to whether the memory layout of the monitoring domain meets the requirements. The technical solution provided by the invention has the advantage that the trustworthiness of the monitoring domain itself is monitored.

Description

Monitoring method and physical node for a cloud environment
Technical field
The invention belongs to the communications field, and in particular relates to a monitoring method and a physical node for a cloud environment.
Background
Virtualization technology is a new computing model that supports running multiple isolated virtual environments simultaneously on a single hardware platform. By deploying different services in these virtual environments, multiple services are consolidated on a single physical node. In the Gartner technology trend reports published in two consecutive years, 2008 and 2009, virtualization technology was named one of the ten key IT technologies. As a development trend in computer architecture and a focus of recent research, virtualization technology has made significant progress and has in turn driven the spread and development of cloud computing. Cloud platforms based on virtualization technology have powerful resource aggregation and service delivery capabilities; they can be used on demand and scaled dynamically, which significantly improves resource utilization and simplifies service deployment. These advantages have attracted more and more vendors to deploy and provide services in cloud environments. However, the trust problem between cloud platform service providers and cloud users greatly hinders the development of cloud computing.
To address the trust problem in cloud environments, the prior art provides a technical solution called Ether. Ether is a transparent, out-of-VM malicious code analysis method. Using hardware-assisted virtualization, it implements monitoring of instruction execution and memory writes, system call interception, and restriction of memory access by specific processes. The Ether system architecture is shown in Fig. 1 and comprises a management domain (Dom0) and a user domain (DomU). Trustworthiness monitoring in existing cloud environments is implemented by a Trusted Platform Module (TPM). The specific steps of trusted boot are: root of trust → basic input/output system (Basic Input Output System, BIOS) → GRand Unified Bootloader (GRUB) → virtual machine manager (Virtual Machine Management, VMM) → management domain → monitoring domain. Ether consists of a hypervisor-part module and a user-part module. The hypervisor part is responsible for intercepting the events that occur in the target virtual machine, including system calls, instruction execution, memory writes and context switches. The user-part module is responsible for controlling which information in the target virtual machine needs to be monitored, and also for the semantic reconstruction of the monitored information, such as converting a system call number into a system call name and recovering the specific parameters according to the parameter types of the system call.
In the prior-art technical solution, the management domain and the user domain are monitored by the monitoring domain, but the trustworthiness of the monitoring domain itself cannot be monitored.
Summary of the invention
The purpose of the embodiments of the present invention is to provide a monitoring method for a cloud environment, intended to solve the prior-art problem that the trustworthiness of the monitoring domain itself cannot be monitored.
In one aspect, the present invention provides a monitoring method for a cloud environment, the method comprising:
When the chain of trust of the cloud environment has been extended to the management domain and the management domain starts the monitoring domain, the virtual machine manager VMM measures the memory layout of the monitoring domain through a mini Trusted Platform Module (mini TPM) driver; the mini TPM driver specifically comprises the trust-extension and measurement sub-functions of a TPM driver;
The VMM judges whether the monitoring domain is trusted according to whether the memory layout of the monitoring domain meets the requirements.
Further, embodiments of the invention also provide a physical node of a cloud environment, comprising: a management domain, a monitoring domain and a virtual machine manager VMM; wherein
The management domain is configured to start the monitoring domain when the chain of trust of the cloud environment has been extended to the management domain, and to notify the VMM;
The VMM is configured to measure the memory layout of the monitoring domain through the mini TPM driver, and to judge whether the monitoring domain is trusted according to whether the memory layout of the monitoring domain meets the requirements;
The mini TPM driver specifically comprises the trust-extension and measurement sub-functions of a TPM driver.
The method provided by the embodiments of the present invention uses the mini TPM driver to check whether the monitoring domain is trusted as soon as the monitoring domain starts, thereby monitoring the monitoring domain itself. The method therefore has the advantage of performing trust monitoring on the monitoring domain.
Brief description of the drawings
Fig. 1 is the Ether system architecture diagram provided by the prior art;
Fig. 2 is a flowchart of the cloud environment monitoring method provided by an embodiment of the present invention;
Fig. 3 is an operational flowchart of the monitoring domain monitoring the management domain, provided by an embodiment of the present invention.
Detailed description
To make the purpose, technical solution and advantages of the present invention clearer, the invention is further described below with reference to the drawings and embodiments. It should be understood that the specific embodiments described here merely explain the invention and are not intended to limit it.
An embodiment of the present invention provides a monitoring method for a cloud environment. The method is performed by a guest virtual machine in the cloud platform and, as shown in Fig. 2, comprises:
S21: when the chain of trust of the cloud environment has been extended to the management domain and the management domain starts the monitoring domain, the virtual machine manager VMM measures the memory layout of the monitoring domain through the mini TPM driver;
The mini TPM driver specifically comprises the trust-extension and measurement sub-functions of a TPM driver;
S22: the VMM judges whether the monitoring domain is trusted according to whether the memory layout of the monitoring domain meets the requirements.
It should be noted that the specific criterion for whether the layout meets the requirements may be as follows: its integrity is verified by TPM trusted measurement, and whether it meets the requirements is decided according to its integrity.
The method provided by this specific embodiment uses the mini TPM driver to check whether the monitoring domain is trusted as soon as the monitoring domain starts, thereby monitoring the monitoring domain itself. The method therefore has the advantage of performing trust monitoring on the monitoring domain.
Optionally, when S22 judges that the monitoring domain is trusted, the above method may further comprise:
The VMM locks the memory pages of the monitoring domain. This may specifically be implemented by blocking the mappings of the guest's other domains to the memory pages of the monitoring domain, which prevents the memory pages of the monitoring domain from being modified by other domains at run time and thereby ensures the integrity of the monitoring domain at run time.
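Steps S21 and S22 and the optional page lock, as an added Python model that is not part of the patent text: the VMM extends a digest of each layout region into a PCR-style register, compares the result with a reference value, and only then refuses mappings of the monitoring domain's frames by other domains. The region fields, the domain names, the way each region is serialized and the source of the reference value (a known-good layout measured at provisioning time) are assumptions of this example.

```python
import hashlib
import hmac
from dataclasses import dataclass, replace

PAGE_SIZE = 4096


@dataclass(frozen=True)
class Region:
    """One entry of the monitoring domain's memory layout (constructed model)."""
    name: str
    base: int       # page-aligned start address
    pages: int      # length in pages
    perms: str      # "r-x", "rw-", ...
    content: bytes  # bytes loaded into the region


def region_digest(region: Region) -> bytes:
    # Bind position, size and permissions to the contents, so that moving a
    # region or making code writable changes the measurement.
    header = f"{region.name}|{region.base:#x}|{region.pages}|{region.perms}|"
    return hashlib.sha1(header.encode() + region.content).digest()


def extend(pcr: bytes, digest: bytes) -> bytes:
    # TPM 1.2 style extend: PCR_new = SHA1(PCR_old || digest).
    # A TPM 2.0 bank would use SHA-256 in the same construction.
    return hashlib.sha1(pcr + digest).digest()


def measure_layout(regions) -> bytes:
    pcr = bytes(20)  # registers start at all zeroes
    # Canonical order (by base address) keeps the measurement deterministic.
    for region in sorted(regions, key=lambda r: r.base):
        pcr = extend(pcr, region_digest(region))
    return pcr


class Vmm:
    def __init__(self, reference: bytes):
        self.reference = reference  # assumed: provisioned known-good value
        self.trusted = False
        self.locked = set()         # page frame numbers owned by the monitor

    def on_monitoring_domain_start(self, regions) -> bool:
        """S21 + S22: measure the layout, then decide whether it is trusted."""
        measured = measure_layout(regions)
        self.trusted = hmac.compare_digest(measured, self.reference)
        if self.trusted:
            # Lock pages only after a successful verdict; an untrusted
            # monitoring domain gets no protection from the VMM.
            for region in regions:
                first = region.base // PAGE_SIZE
                self.locked.update(range(first, first + region.pages))
        return self.trusted

    def allow_mapping(self, requester: str, frame: int) -> bool:
        """Refuse mappings of locked frames requested by any other domain."""
        return not (frame in self.locked and requester != "monitoring")


# Constructed sample layouts: a known-good one and one with writable code.
GOLDEN_LAYOUT = [
    Region("text", 0x100000, 2, "r-x", b"monitor code v1"),
    Region("rodata", 0x102000, 1, "r--", b"syscall tables"),
    Region("data", 0x103000, 1, "rw-", b"\x00" * 16),
]
REFERENCE = measure_layout(GOLDEN_LAYOUT)
TAMPERED_LAYOUT = [replace(GOLDEN_LAYOUT[0], perms="rwx")] + GOLDEN_LAYOUT[1:]
```

Changing only the permissions of the code region, with identical contents, is enough to fail the check, because the layout metadata is part of what is hashed.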
Optionally, when the monitoring domain is judged to be trusted, the monitoring domain includes semantic parsing modules for different types of operating systems, each semantic parsing module encapsulating the device drivers corresponding to a different type of operating system; the above method may further comprise:
When semantic parsing is performed, the monitoring domain calls, according to the type of the operating system to which the semantics correspond, the semantic parsing module corresponding to that operating system to parse the semantics. It should be noted that the different types of operating systems may specifically be, for example, the Windows operating system of Microsoft, the iOS operating system of Apple Inc., and so on. Semantic parsing modules for the different operating system types hide the differences between operating systems, so the problem of semantics that cannot be parsed does not arise.
Optionally, when the monitoring domain is judged to be trusted, the above method further comprises:
When a system call is made, determining whether the system call is a legacy system call or a fast system call;
When it is determined to be a legacy system call, writing a custom function entry into the interrupt descriptor table of the monitoring domain to intercept the legacy system call and, after successful interception, entering the semantic parsing flow;
When it is determined to be a fast system call, setting the system call entry function address register of the user domain to a non-existent value so that the fast system call is converted into a page fault, and sending the page-fault address to the VMM; the VMM judges from the page-fault address whether this is a normal page fault and, if not, intercepts the fast system call and enters the monitoring flow;
The monitoring flow comprises: obtaining the low-level semantics of the guest virtual machine at the time of the system call, and parsing high-level semantics from the low-level semantics to monitor the guest virtual machine at the time of the system call.
Intercepting and monitoring system calls as described above achieves transparent monitoring: the monitored guest virtual machine is unaware of the monitoring during the entire system call, so the method has the advantage of transparent monitoring.
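The interception flow above and the per-operating-system semantic parsing described before it, as an added Python model that is not part of the patent text. The interrupt vector, hook address, sentinel value, register names and the two short system call table excerpts are assumptions chosen for the example, and the model consults a single interrupt descriptor table when the guest raises a software interrupt.

```python
from dataclasses import dataclass, field

LEGACY_VECTOR = 0x80      # assumed software-interrupt vector for legacy calls
HOOK_ENTRY = 0xC0DE0000   # assumed address of the custom function entry
SENTINEL = 0xFFFFF000     # assumed "non-existent" fast-call entry value
PAGE_MASK = ~0xFFF

# Constructed excerpts of per-OS system call tables (number -> name).
SYSCALL_TABLES = {
    "linux-i386": {1: "exit", 3: "read", 4: "write", 5: "open", 11: "execve"},
    "freebsd": {1: "exit", 3: "read", 4: "write", 5: "open", 59: "execve"},
}


def parse_semantics(os_type, regs):
    """Low-level semantics (registers) -> high-level (name, arguments).

    Simplification: arguments are read from ebx/ecx/edx for every OS type.
    """
    table = SYSCALL_TABLES.get(os_type)
    if table is None:
        raise KeyError(f"no semantic parsing module for {os_type!r}")
    number = regs["eax"]
    name = table.get(number, f"unknown({number})")
    return name, (regs["ebx"], regs["ecx"], regs["edx"])


@dataclass
class Guest:
    os_type: str
    idt: dict          # vector -> handler address
    fast_entry: int    # register holding the fast system call entry address
    mapped_pages: set = field(default_factory=set)


class Interceptor:
    def __init__(self, guest):
        self.guest = guest
        self.saved_legacy = None
        self.saved_fast = None
        self.log = []

    def arm(self):
        g = self.guest
        # The fast path only works if the sentinel address really faults.
        if (SENTINEL & PAGE_MASK) in g.mapped_pages:
            raise ValueError("sentinel address is mapped; no fault would occur")
        self.saved_legacy = g.idt[LEGACY_VECTOR]
        self.saved_fast = g.fast_entry
        g.idt[LEGACY_VECTOR] = HOOK_ENTRY   # legacy path: hooked IDT entry
        g.fast_entry = SENTINEL             # fast path: entry that faults

    def on_software_interrupt(self, vector, regs):
        """Legacy path. Returns the address at which the guest resumes."""
        target = self.guest.idt[vector]
        if target == HOOK_ENTRY:
            self._record("legacy", regs)
            return self.saved_legacy        # continue at the original handler
        return target

    def on_page_fault(self, fault_addr, regs):
        """Fast path. The VMM separates converted calls from real faults."""
        if fault_addr == SENTINEL:
            self._record("fast", regs)
            return "intercepted", self.saved_fast
        return "normal-fault", fault_addr   # handed back to the guest as is

    def _record(self, kind, regs):
        name, args = parse_semantics(self.guest.os_type, regs)
        self.log.append((kind, name, args))


def run_constructed_trace():
    """Replay three constructed events: legacy call, fast call, real fault."""
    guest = Guest("linux-i386", idt={LEGACY_VECTOR: 0xC0100000},
                  fast_entry=0xC0100400, mapped_pages={0xC0100000})
    mon = Interceptor(guest)
    mon.arm()
    results = [
        mon.on_software_interrupt(
            LEGACY_VECTOR, {"eax": 4, "ebx": 1, "ecx": 0x8000, "edx": 12}),
        mon.on_page_fault(
            guest.fast_entry, {"eax": 11, "ebx": 0x9000, "ecx": 0, "edx": 0}),
        mon.on_page_fault(
            0x08049F00, {"eax": 0, "ebx": 0, "ecx": 0, "edx": 0}),
    ]
    return results, mon.log
```

Both intercepted calls resume at the saved original entry, which is what keeps the monitoring invisible to the guest, while the third event is passed through because its fault address is not the sentinel.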
The specific embodiment of the invention also provides a physical node of a cloud environment. The physical node may specifically be a physical device 30 of the cloud environment, such as a server or a computer. As shown in Fig. 3, the node comprises: a management domain 31, a monitoring domain 32 and a virtual machine manager VMM 33; wherein
Management domain 31 is configured to start monitoring domain 32 when the chain of trust of the cloud environment has been extended to the management domain, and to notify VMM 33;
VMM 33 is configured to measure the memory layout of monitoring domain 32 through the mini TPM driver, and to judge whether monitoring domain 33 is trusted according to whether the memory layout of monitoring domain 33 meets the requirements;
The mini TPM driver specifically comprises the trust-extension and measurement sub-functions of a TPM driver.
The physical node provided by this specific embodiment uses the mini TPM driver to check whether the monitoring domain is trusted as soon as the monitoring domain starts, thereby monitoring the monitoring domain itself. The physical node therefore has the advantage of performing trust monitoring on the monitoring domain.
Optionally, when VMM 33 judges that the monitoring domain is trusted, VMM 33 is further configured to lock the pages of monitoring domain 32.
Optionally, monitoring domain 32 includes semantic parsing modules 321 for different types of operating systems, each semantic parsing module 321 encapsulating the device drivers corresponding to a different type of operating system;
Monitoring domain 32 is configured, when VMM 33 judges that the monitoring domain is trusted and semantic parsing is performed, to call, according to the type of the operating system to which the semantics correspond, the semantic parsing module 321 corresponding to that operating system to parse the semantics.
Optionally, when the VMM judges that the monitoring domain is trusted, the physical node further comprises: a user domain 34;
User domain 34 is configured to execute system calls and, when a system call is made, to trigger judging module 351;
Judging module 351 is configured to judge whether the system call is a legacy system call or a fast system call, and to send the judgment result to first intercepting module 352 and second intercepting module 353;
First intercepting module 352 is configured, when the judgment result is a legacy system call, to write a custom function entry into the interrupt descriptor table of monitoring domain 32 to intercept the legacy system call and, after successful interception, to trigger monitoring module 354 to enter the monitoring flow;
Second intercepting module 353 is configured, when the judgment result is a fast system call, to set the system call entry function address register of user domain 34 to a non-existent value so that the fast system call is converted into a page fault, and to send the page-fault address to VMM 33, so that VMM 33 judges from the page-fault address whether this is a normal page fault and, if not, intercepts the fast system call and triggers monitoring module 354 to enter the monitoring flow;
Monitoring module 354 is configured to execute the monitoring flow, which comprises: obtaining the low-level semantics of the guest virtual machine of the physical node at the time of the system call, and parsing high-level semantics from the low-level semantics to monitor the guest virtual machine at the time of the system call; the system call is either a legacy system call or a fast system call.
The specific embodiment of the invention also provides a physical node, the physical node comprising: a processor;
The processor is configured, when the chain of trust of the cloud environment has been extended to the management domain and the management domain starts the monitoring domain, to control the virtual machine manager VMM to measure the memory layout of the monitoring domain through the mini TPM driver, where the mini TPM driver specifically comprises the trust-extension and measurement sub-functions of a TPM driver; and to control the VMM to judge whether the monitoring domain is trusted according to whether the memory layout of the monitoring domain meets the requirements.
Optionally, the processor is further configured to control the VMM to lock the memory pages of the monitoring domain.
Optionally, the physical node further comprises: a memory, the memory being used to store the semantic parsing modules for different types of operating systems, each semantic parsing module encapsulating the device drivers corresponding to a different type of operating system; the processor is configured, when semantic parsing is performed, to control the monitoring domain to call, according to the type of the operating system to which the semantics correspond, the semantic parsing module corresponding to that operating system to parse the semantics.
Optionally, the processor is further configured to: when a system call is made, determine whether the system call is a legacy system call or a fast system call; when it is determined to be a legacy system call, write a custom function entry into the interrupt descriptor table of the monitoring domain to intercept the legacy system call and, after successful interception, enter the semantic parsing flow; when it is determined to be a fast system call, set the system call entry function address register of the user domain to a non-existent value so that the fast system call is converted into a page fault, and send the page-fault address to the VMM, where the VMM judges from the page-fault address whether this is a normal page fault and, if not, intercepts the fast system call and enters the monitoring flow. The monitoring flow comprises: obtaining the low-level semantics of the guest virtual machine at the time of the system call, and parsing high-level semantics from the low-level semantics to monitor the guest virtual machine at the time of the system call.
In the above unit and system embodiments, the modules or units are divided according to functional logic, but the division is not limited to the above as long as the corresponding functions can be realized; in addition, the specific names of the functional modules serve only to distinguish them from one another and are not intended to limit the scope of protection of the present invention.
Those skilled in the art will understand that all or part of the steps of the technical solution provided by the embodiments of the present invention can be carried out by hardware under the control of program instructions, for example by a computer running a program. The program can be stored in a readable/writable storage medium, such as random access memory, a magnetic disk or an optical disc.
The foregoing describes only preferred embodiments of the present invention and is not intended to limit the invention; any modification, equivalent substitution or improvement made within the spirit and principles of the invention shall fall within the scope of protection of the invention.

Claims (6)

1. A monitoring method for a cloud environment, characterized in that the method comprises:
When the chain of trust of the cloud environment has been extended to the management domain and the management domain starts the monitoring domain, the virtual machine manager VMM measures the memory layout of the monitoring domain through a mini Trusted Platform Module (mini TPM) driver; the mini TPM driver specifically comprises the trust-extension and measurement sub-functions of a TPM driver;
The VMM judges whether the monitoring domain is trusted according to whether the memory layout of the monitoring domain meets the requirements;
When the monitoring domain is judged to be trusted, the method further comprises:
When a system call is made, determining whether the system call is a legacy system call or a fast system call;
When it is determined to be a legacy system call, writing a custom function entry into the interrupt descriptor table of the monitoring domain to intercept the legacy system call and, after successful interception, entering the semantic parsing flow;
When it is determined to be a fast system call, setting the system call entry function address register of the user domain to a non-existent value so that the fast system call is converted into a page fault, and sending the page-fault address to the VMM; the VMM judges from the page-fault address whether this is a normal page fault and, if not, intercepts the fast system call and enters the monitoring flow;
The monitoring flow comprises: obtaining the low-level semantics of the guest virtual machine at the time of the system call, and parsing high-level semantics from the low-level semantics to monitor the guest virtual machine at the time of the system call.
2. The method according to claim 1, characterized in that, when the monitoring domain is judged to be trusted, the method further comprises:
The VMM locks the memory pages of the monitoring domain.
3. The method according to claim 1, characterized in that the monitoring domain includes semantic parsing modules for different types of operating systems, each semantic parsing module encapsulating the device drivers corresponding to a different type of operating system; when the monitoring domain is judged to be trusted, the method further comprises:
When semantic parsing is performed, the monitoring domain calls, according to the type of the operating system to which the semantics correspond, the semantic parsing module corresponding to that operating system to parse the semantics.
4. A physical node of a cloud environment, characterized in that the node comprises: a management domain, a monitoring domain and a virtual machine manager VMM; wherein
The management domain is configured to start the monitoring domain when the chain of trust of the cloud environment has been extended to the management domain, and to notify the VMM;
The VMM is configured to measure the memory layout of the monitoring domain through the mini TPM driver, and to judge whether the monitoring domain is trusted according to whether the memory layout of the monitoring domain meets the requirements;
The mini TPM driver specifically comprises the trust-extension and measurement sub-functions of a TPM driver;
When the VMM judges that the monitoring domain is trusted, the physical node further comprises: a user domain;
The user domain is configured to execute system calls and, when a system call is made, to trigger a judging module;
The judging module is configured to judge whether the system call is a legacy system call or a fast system call, and to send the judgment result to a first intercepting module and a second intercepting module;
The first intercepting module is configured, when the judgment result is a legacy system call, to write a custom function entry into the interrupt descriptor table of the monitoring domain to intercept the legacy system call and, after successful interception, to trigger a monitoring module to enter the monitoring flow;
The second intercepting module is configured, when the judgment result is a fast system call, to set the system call entry function address register of the user domain to a non-existent value so that the fast system call is converted into a page fault, and to send the page-fault address to the VMM, so that the VMM judges from the page-fault address whether this is a normal page fault and, if not, intercepts the fast system call and triggers the monitoring module to enter the monitoring flow;
The monitoring module is configured to execute the monitoring flow, which comprises: obtaining the low-level semantics of the guest virtual machine at the time of the system call, and parsing high-level semantics from the low-level semantics to monitor the guest virtual machine at the time of the system call; the system call is either a legacy system call or a fast system call.
5. The physical node according to claim 4, characterized in that, when the VMM judges that the monitoring domain is trusted, the VMM is further configured to lock the memory pages of the monitoring domain.
6. The physical node according to claim 4, characterized in that the monitoring domain includes semantic parsing modules for different types of operating systems, each semantic parsing module encapsulating the device drivers corresponding to a different type of operating system;
The monitoring domain is configured, when the VMM judges that the monitoring domain is trusted and semantic parsing is performed, to call, according to the type of the operating system to which the semantics correspond, the semantic parsing module corresponding to that operating system to parse the semantics.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201210252209.8A 2012-07-20 2012-07-20 Monitoring method and physical node for a cloud environment

Publications (2)

Publication Number Publication Date
CN103580885A 2014-02-12
CN103580885B 2017-05-31

Family ID: 50051875

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant

TR01 Transfer of patent right
Effective date of registration: 20171208
Address after: 510640 Guangdong City, Tianhe District Province, No. five, road, public education building, unit 371-1, unit 2401
Patentee after: Guangdong Gaohang Intellectual Property Operation Co., Ltd.
Address before: 518129 Bantian HUAWEI headquarters office building, Longgang District, Guangdong, Shenzhen
Patentee before: Huawei Technologies Co., Ltd.

TR01 Transfer of patent right
Effective date of registration: 20171229
Address after: 510000 Room 601, room six, No. 1421, No. 1421, Guangzhou Avenue, Baiyun District, Baiyun District, Guangdong
Patentee after: Guangdong David project management Limited by Share Ltd
Address before: 510640 Guangdong City, Tianhe District Province, No. five, road, public education building, unit 371-1, unit 2401
Patentee before: Guangdong Gaohang Intellectual Property Operation Co., Ltd.

CP01 Change in the name or title of a patent holder
Address after: 510000 601 building, six / F, 1421 St. Plaza, North Guangzhou Avenue, Baiyun District, Guangzhou, Guangdong, China
Patentee after: Limited by Share Ltd in central Daan
Address before: 510000 601 building, six / F, 1421 St. Plaza, North Guangzhou Avenue, Baiyun District, Guangzhou, Guangdong, China
Patentee before: Guangdong David project management Limited by Share Ltd