CN104811941A - Offline virtual machine safety management method and device - Google Patents

Offline virtual machine safety management method and device

Publication number: CN104811941A (granted as CN104811941B)
Application number: CN201510217434.1A
Authority: CN (China)
Original language: Chinese (zh)
Inventor: 刘桂源
Original assignee: Fujian Star Net Communication Co Ltd
Current assignee: Ruijie Networks Co Ltd
Legal status: Granted, active
Prior art keywords: virtual machine, host, user, ukey, public key

Abstract

The invention provides an offline virtual machine security management method and device. In the method, a host operating system and a VM (virtual machine) base image are pre-installed on a host machine; a CA root certificate is pre-implanted into the host operating system; when the host machine starts, the public key certificate in the user's UKEY is read and its validity is verified against the preset CA root certificate. The public key certificate in the user's UKEY is obtained when the user applies to the CA for a public key certificate and a private key, both of which are written into the UKEY in advance. With this arrangement the user's identity can be authenticated while offline, which solves the problem that user security management cannot be performed in an offline state, particularly in mobile scenarios.

Description

Off-line secure virtual machine management method and device
Technical field
The present invention relates to the field of communication technology, and in particular to an offline secure virtual machine management method and device.
Background technology
The following scenario exists in practice: because of field operations, field staff need to use mobile devices (notebooks, tablet PCs and the like) to do their work on site rather than in the office. By incomplete statistics, field staff spend nearly 80% of their time on business trips working on site. Unlike traditional office staff, who process their work every day on fixed equipment in the office, field staff mostly need to complete their work outside the office, so many organizations have developed mobile office support systems.
Current mobile devices, however, have the following problems:
1. Several people use one mobile device in turn, which can cause confusion of data and in turn lead to leaks;
2. Once a mobile device is lost, whoever picks it up can obtain sensitive information by attaching its disk to another machine;
3. Once the system is offline, the employee's operations can no longer be supervised or managed.
To achieve information security for mobile office work, many organizations would like to customize safe and reliable mobile office equipment.
Virtual Desktop Infrastructure (VDI) is a new model that many organizations are currently evaluating. VDI aims to bring excellent responsiveness and a customized user experience to intelligent distributed computing while offering the management and security advantages of a server-based model. It provides centralized management of whole desktop images: all client computation, graphics and memory resources are placed in the data center, and the storage system must meet every user's operating system, application and data requirements. A mobile office user can obtain, over a desktop transport protocol, a virtual machine desktop running on a data center server from a notebook. Because the desktop transport protocol delivers only the graphical display of the virtual machine desktop to the client, no data lands on the client, which effectively solves the data loss and data leakage caused by a lost or stolen notebook.
However, because VDI requires a persistent network connection, it is unsuitable for situations that require offline mobility.
Summary of the invention
The invention provides an offline secure virtual machine management method and device, in order to solve the problem that users cannot be subjected to security management in an offline state, particularly in mobile scenarios.
The invention provides an offline secure virtual machine management method, comprising:
pre-installing a host operating system on a host machine;
pre-implanting a CA root certificate in the host operating system;
reading the public key certificate content in the user's UKEY when the host machine starts, and verifying the validity of the public key certificate in the user's UKEY by means of the preset CA root certificate, where the public key certificate in the user's UKEY is obtained when the user applies to the CA for a public key certificate and a private key, and the public key certificate and private key are written into the user's UKEY in advance.
The invention also provides an offline secure virtual machine management device, comprising:
an initialization module for pre-installing the host operating system on the host machine;
a certificate configuration module for pre-implanting the CA root certificate in the host operating system;
a checking module for reading the public key certificate content in the user's UKEY when the host machine starts and verifying the validity of the public key certificate in the UKEY by means of the preset CA root certificate, where the public key certificate in the user's UKEY is obtained when the user applies to the CA for a public key certificate and a private key, and the public key certificate and private key are written into the user's UKEY in advance.
By adopting the above technical scheme, that is, by pre-implanting a CA root certificate in the host operating system and using it to verify the validity of the public key certificate in the user's UKEY, the offline secure virtual machine management method and device of the invention can authenticate the user's identity in an offline state, solving the problem that users cannot be subjected to security management offline, particularly in mobile scenarios.
Accompanying drawing explanation
In order to explain the technical schemes of the embodiments of the invention or of the prior art more clearly, the drawings needed in the description of the embodiments or the prior art are briefly introduced below. Obviously, the drawings described below show only some embodiments of the invention; those of ordinary skill in the art can derive other drawings from them without creative effort.
Fig. 1 is a flow chart of the offline secure virtual machine management method provided by embodiment one of the invention;
Fig. 2 is a flow chart of the offline secure virtual machine management method provided by embodiment two of the invention;
Fig. 3 is a flow chart of the offline secure virtual machine management method provided by embodiment three of the invention;
Fig. 4 is a flow chart of the offline secure virtual machine management method provided by embodiment four of the invention;
Fig. 5 is a structural diagram of the offline secure virtual machine management device provided by embodiment five of the invention.
Embodiment
To make the objectives, technical schemes and advantages of the embodiments of the invention clearer, the technical schemes in the embodiments are described clearly and completely below with reference to the drawings. Obviously, the described embodiments are only some of the embodiments of the invention, not all of them. All other embodiments obtained by those of ordinary skill in the art on the basis of these embodiments without creative effort fall within the scope of protection of the invention.
To meet the security requirements of field operations and mobile office work, and to solve the data leakage caused by lost mobile devices, the difficulty of managing data security in the offline state, and the management confusion caused by several people using one device in turn, the invention proposes a scheme that achieves security management in the offline state.
Fig. 1 is the flow chart of the offline secure virtual machine management method provided by embodiment one, which comprises the following steps:
101. A host operating system is pre-installed on the host machine.
The host machine can be a mobile device such as a notebook or a tablet PC, or it can be a PC.
201. A CA root certificate is pre-implanted in the host operating system.
301. When the host machine starts, the public key certificate content in the user's UKEY is read, and the validity of the public key certificate in the user's UKEY is verified by means of the preset CA root certificate. The public key certificate in the user's UKEY is obtained when the user applies to the CA for a public key certificate and a private key, which are written into the user's UKEY in advance.
Here a public key certificate (also commonly called a digital certificate) is a set of data that identifies the communicating parties in network communication and provides a way to verify identity on the Internet; it plays the role of a driver's license or an identity card in everyday life. It is issued by an authoritative body, the CA (Certificate Authority), and with it people can identify each other online. A digital certificate is a file, digitally signed by the certificate authority, that contains the public key and information about its owner.
A digital certificate adds the user's information and the CA's signature to the user's public key. The public key is one half of a key pair and the private key is the other half. The public key is published and anyone can use it; the private key is known only to its owner. Information encrypted with a public key can only be decrypted with the corresponding private key. To ensure that only a specific person can read a message, the sender encrypts it with the recipient's public key and the recipient decrypts it with their own private key. Likewise, to establish the sender's identity, the sender signs the message with their private key and the recipient verifies the signature with the sender's public key.
In this embodiment the CA root certificate identifies the CA itself; a CA has a single root certificate, whereas the public key certificate each user applies for from the CA is different for each user and specific to that user, and each user also corresponds to one UKEY. The validity of the public key certificate each user obtained from the CA, that is, the public key certificate in each user's UKEY, can be verified with the CA root certificate. For example, the public key certificate in the UKEY carries the CA's signature, which the CA produced with its own private key over the information in the user's public key certificate; the CA root certificate contains the CA's public key, so that public key is used to verify the CA's signature, which verifies the validity of the public key certificate in the user's UKEY.
The UKEY is a carrier that stores keys and user information. Concretely it can be a USB device that is plugged into the host machine before start-up, or the user can be prompted to plug it in when the host machine starts. The UKEY here is only an example for ease of understanding; its concrete form, connection method and connection time are not limited. It could also be connected through another interface of the host machine, in which case the concrete carrier of the UKEY differs accordingly.
After the validity of the public key certificate in the user's UKEY has been verified with the CA root certificate, the host machine can act on the result: for example, if the certificate is valid, start-up is allowed; if it is invalid, the start-up process is stopped. No restriction is placed on the operation that follows the validity check; those skilled in the art can use different operations in different situations.
In addition, when the user's public key certificate and private key are written to the UKEY, the user can be prompted to enter a PIN (similar to setting a user password). Correspondingly, before the host machine reads the public key certificate content from the UKEY at start-up, the user can be prompted to enter the PIN (similar to entering a user password for verification), which further ensures the security of the UKEY. Whether or not a PIN is set for the UKEY does not limit the scheme of the invention.
By pre-implanting a CA root certificate in the host operating system and using it to verify the validity of the public key certificate in the user's UKEY, this embodiment can authenticate the user's identity in the offline state and solves the problem that users cannot be subjected to security management offline, particularly in mobile scenarios.
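The boot-time check of steps 201 and 301 is easy to get subtly wrong (no validity-period check, accepting any self-signed certificate, trusting a certificate that merely names the CA as issuer), so here is a complete worked version. It is an added example, not code from the patent or from the assignee: it uses Go's standard crypto/x509 to play the CA (build the root that gets pre-implanted, issue a user certificate for the UKEY), then performs the host-side verification against that root with no network access, and only after a successful verification reads the administrator's permission rules out of the certificate, the placement embodiment two describes. The private-arc OID, the JSON encoding of the rules, and all names and sample values are assumptions.

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/asn1"
	"encoding/json"
	"fmt"
	"math/big"
	"time"
)

// oidVMRules is an assumed private-arc OID for the extension carrying the
// administrator's permission rules (the patent fixes no encoding for them).
var oidVMRules = asn1.ObjectIdentifier{1, 3, 6, 1, 4, 1, 99999, 1}

// VMRules is an assumed JSON layout for those rules.
type VMRules struct {
	ProcessBlacklist   []string `json:"process_blacklist"`
	AllowedExternalIPs []string `json:"allowed_external_ips"`
}

// newRootCA builds the self-signed CA certificate that is pre-implanted in the
// host operating system image. The CA private key never reaches the host.
func newRootCA(name string) (*x509.Certificate, *rsa.PrivateKey, error) {
	key, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return nil, nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber:          big.NewInt(1),
		Subject:               pkix.Name{CommonName: name},
		NotBefore:             time.Now().Add(-time.Hour),
		NotAfter:              time.Now().AddDate(10, 0, 0),
		IsCA:                  true,
		BasicConstraintsValid: true,
		KeyUsage:              x509.KeyUsageCertSign | x509.KeyUsageCRLSign,
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		return nil, nil, err
	}
	cert, err := x509.ParseCertificate(der)
	return cert, key, err
}

// issueUserCert is the CA side of "the user applies for a certificate and a
// private key": the DER certificate and the key are what is written to the UKEY.
func issueUserCert(ca *x509.Certificate, caKey *rsa.PrivateKey, user string,
	rules VMRules, validFor time.Duration) ([]byte, *rsa.PrivateKey, error) {
	key, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return nil, nil, err
	}
	rulesJSON, _ := json.Marshal(rules) // a struct of strings cannot fail to marshal
	serial, _ := rand.Int(rand.Reader, big.NewInt(1<<62))
	tmpl := &x509.Certificate{
		SerialNumber:    serial.Add(serial, big.NewInt(1)), // keep it positive
		Subject:         pkix.Name{CommonName: user},
		NotBefore:       time.Now().Add(-time.Hour),
		NotAfter:        time.Now().Add(validFor),
		KeyUsage:        x509.KeyUsageDigitalSignature,
		ExtKeyUsage:     []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth},
		ExtraExtensions: []pkix.Extension{{Id: oidVMRules, Value: rulesJSON}},
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, ca, &key.PublicKey, caKey)
	return der, key, err
}

// verifyUKeyCert is the host-side check of step 301: chain the UKEY certificate
// to the pre-implanted root, enforce the validity period at `now`, and only
// then hand back the permission rules it carries. No network access is needed.
func verifyUKeyCert(root *x509.Certificate, userDER []byte, now time.Time) (*VMRules, error) {
	user, err := x509.ParseCertificate(userDER)
	if err != nil {
		return nil, err
	}
	roots := x509.NewCertPool()
	roots.AddCert(root)
	opts := x509.VerifyOptions{Roots: roots, CurrentTime: now,
		KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth}}
	if _, err := user.Verify(opts); err != nil {
		return nil, fmt.Errorf("UKEY certificate rejected: %w", err)
	}
	for _, ext := range user.Extensions { // unparsed extensions are kept raw
		if ext.Id.Equal(oidVMRules) {
			var r VMRules
			if err := json.Unmarshal(ext.Value, &r); err != nil {
				return nil, err
			}
			return &r, nil
		}
	}
	return nil, fmt.Errorf("UKEY certificate carries no permission rules")
}

func main() {
	root, rootKey, _ := newRootCA("Example Offline VM Root CA")
	rules := VMRules{ProcessBlacklist: []string{"nc", "tcpdump"}, AllowedExternalIPs: []string{"10.0.0.0/8"}}
	userDER, _, _ := issueUserCert(root, rootKey, "field-engineer-01", rules, 365*24*time.Hour)
	got, err := verifyUKeyCert(root, userDER, time.Now())
	fmt.Printf("genuine UKEY: rules=%+v err=%v\n", got, err)
	// A well-formed certificate from some other CA must still be refused.
	rogue, rogueKey, _ := newRootCA("Rogue CA")
	rogueDER, _, _ := issueUserCert(rogue, rogueKey, "field-engineer-01", rules, time.Hour)
	_, err = verifyUKeyCert(root, rogueDER, time.Now())
	fmt.Println("rogue UKEY:", err)
}
```

Note what this check does and does not establish: a certificate that chains to the root proves the CA issued it, not that whoever plugged in the UKEY holds the matching private key. Embodiment three's VALUE4 comparison supplies that proof of possession; a fresh challenge signed by the UKEY at boot would do the same and is the usual practice. The PIN the text mentions is enforced by the token before the private key can be used, and the CRL download of embodiment four is the only way an offline host ever learns that a UKEY has been revoked.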
Fig. 2 is the flow chart of the offline secure virtual machine management method provided by embodiment two, which adds to embodiment one a method by which the host machine monitors user permissions, as follows:
Step 101 also comprises: the host machine pre-installs a VM (Virtual Machine) base image.
VM is the abbreviation of virtual machine. The VM base image is the initial virtual machine image installed on the host machine; it is identical for the different users of the same host machine and has all the software needed for work installed.
The public key certificate may also contain the permission rules with which the administrator authorizes the user to operate the VM, and the VM base image may also contain a VM monitoring agent program;
Steps 201 to 301 are the same as in embodiment one and are not repeated; after step 301 the following step may also be included:
401. After the public key certificate in the user's UKEY has been verified as valid, the user starts the virtual machine; the monitoring agent program passes the running state inside the virtual machine to the host machine, and the host machine supervises the virtual machine according to the permission rules.
The running state inside the virtual machine can include the utilization of the virtual hardware, the state of processes, and so on.
The monitoring agent program can pass the running state to the host machine over a virtual serial port channel or over a network (such as Ethernet); the invention does not limit the concrete transport, and any transport that can carry the running state from the virtual machine to the host machine falls within its scope of protection.
Concretely, in this embodiment there can be many kinds of permission rules, and the host machine can monitor the virtual machine according to the different rules.
The permission rules can comprise a VM process whitelist or a VM process blacklist. If the rules define a whitelist, every process not on the whitelist is treated as blacklisted, that is, the whitelist is the complement of the blacklist. When the host machine observes the virtual machine starting a blacklisted process, it takes a control action on the virtual machine: for example it can forcibly shut the virtual machine down, record the user's operation on the host machine, or do both; the invention does not limit the concrete control action.
The permission rules can comprise the programs the VM is allowed to install or the programs the VM is forbidden to install. If the rules define the allowed programs, every program not among them is treated as forbidden, that is, the allowed programs are the complement of the forbidden ones. When the host machine observes the virtual machine installing a forbidden program, it takes a control action on the virtual machine: for example it can forcibly shut the virtual machine down, record the user's operation on the host machine, or do both; the invention does not limit the concrete control action.
The permission rules can comprise the external IP addresses the VM is allowed to access or the external IP addresses the VM is forbidden to access. If the rules define the allowed external IP addresses, every external IP address not among them is treated as forbidden, that is, the allowed addresses are the complement of the forbidden ones. When the host machine observes the virtual machine accessing a forbidden external IP address, it takes a control action on the virtual machine: for example it can forcibly shut the virtual machine down, record the user's operation on the host machine, or do both; the invention does not limit the concrete control action.
The permission rules can comprise the peripherals the VM is allowed to use or the peripherals the VM is forbidden to use. If the rules define the allowed peripherals, every peripheral not among them is treated as forbidden, that is, the allowed peripherals are the complement of the forbidden ones. When the host machine observes the virtual machine using a forbidden peripheral, it takes a control action on the virtual machine: for example it can forcibly shut the virtual machine down, record the user's operation on the host machine, or do both; the invention does not limit the concrete control action.
It should be noted that the permission rules are not limited to the kinds defined above; they can also include, for example, restrictions on registry access. The various rules can exist individually, or two or more can exist at the same time. This embodiment merely selects several preferred rules for description, which does not limit the scheme of the invention.
On the basis of embodiment one, this embodiment adds a scheme whereby the host machine monitors user permissions, so that in the offline state the user's operations on the virtual machine can be monitored according to the permissions granted by the administrator, preventing unauthorized operations by the user.
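The four rule families above share one structure: an allow list or a deny list, where an allow list is closed. The evaluator below, an added example and not code from the patent, makes that structure explicit for one state report from the monitoring agent: it checks processes, installed programs, external connections (single addresses or CIDR prefixes) and peripherals, collects every violation for recording, and returns the control decision. The report layout, the rule names, the shutdown policy and the sample values are constructed for the example; the patent fixes neither a wire format nor a particular control action.

```go
package main

import (
	"fmt"
	"net/netip"
	"strings"
)

// Rules mirrors the four rule families of embodiment two. Each family may be
// given as an allow list or a deny list; an allow list is closed, so anything
// not on it is forbidden, which is how the text relates whitelist and blacklist.
type Rules struct {
	AllowProcesses, DenyProcesses     []string
	AllowPrograms, DenyPrograms       []string
	AllowExternal, DenyExternal       []string // plain IPs or CIDR prefixes
	AllowPeripherals, DenyPeripherals []string
}

// VMState is the running state the in-guest monitoring agent reports to the
// host. This shape is constructed for the example; the patent fixes none.
type VMState struct {
	Processes   []string // running process names
	Installed   []string // programs installed on top of the base image
	Connections []string // remote addresses of external connections
	Peripherals []string // devices the VM is using
}

type Violation struct{ Family, Subject string }

// Action is the control operation. The patent permits forced shutdown,
// recording the user's operation on the host, or both; this example records
// every violation and shuts down as soon as there is one (an assumed policy).
type Action struct {
	ShutDown bool
	Record   []Violation
}

func nameMatch(list []string, s string) bool {
	for _, x := range list {
		if strings.EqualFold(x, s) {
			return true
		}
	}
	return false
}

// ipMatch accepts list entries that are single addresses or CIDR prefixes.
// An unparsable address never matches, so under an allow list it is refused.
func ipMatch(list []string, s string) bool {
	addr, err := netip.ParseAddr(s)
	if err != nil {
		return false
	}
	for _, x := range list {
		if p, err := netip.ParsePrefix(x); err == nil && p.Contains(addr) {
			return true
		}
		if a, err := netip.ParseAddr(x); err == nil && a == addr {
			return true
		}
	}
	return false
}

// forbidden applies one rule family: with an allow list only listed subjects
// pass; otherwise only deny-listed subjects fail.
func forbidden(allow, deny []string, s string, match func([]string, string) bool) bool {
	if len(allow) > 0 {
		return !match(allow, s)
	}
	return match(deny, s)
}

// Evaluate is the host-side supervision of step 401 over one state report.
func Evaluate(r Rules, st VMState) Action {
	var v []Violation
	for _, p := range st.Processes {
		if forbidden(r.AllowProcesses, r.DenyProcesses, p, nameMatch) {
			v = append(v, Violation{"process", p})
		}
	}
	for _, p := range st.Installed {
		if forbidden(r.AllowPrograms, r.DenyPrograms, p, nameMatch) {
			v = append(v, Violation{"program", p})
		}
	}
	for _, ip := range st.Connections {
		if forbidden(r.AllowExternal, r.DenyExternal, ip, ipMatch) {
			v = append(v, Violation{"external-ip", ip})
		}
	}
	for _, d := range st.Peripherals {
		if forbidden(r.AllowPeripherals, r.DenyPeripherals, d, nameMatch) {
			v = append(v, Violation{"peripheral", d})
		}
	}
	return Action{ShutDown: len(v) > 0, Record: v}
}

func main() {
	rules := Rules{
		DenyProcesses:   []string{"nc", "tcpdump"},
		AllowExternal:   []string{"10.0.0.0/8", "192.0.2.10"},
		DenyPeripherals: []string{"usb-storage"},
	}
	// Constructed agent report: a banned process, one connection outside the
	// allowed ranges, and a banned device.
	report := VMState{
		Processes:   []string{"explorer.exe", "NC"},
		Connections: []string{"10.20.3.4", "203.0.113.7"},
		Peripherals: []string{"usb-storage"},
	}
	act := Evaluate(rules, report)
	fmt.Printf("shut down: %v, violations: %+v\n", act.ShutDown, act.Record)
}
```

The trust boundary is worth stating: the monitoring agent runs inside the guest, so a user who gains administrative control of the VM can stop it or feed the host a clean report. The host has independent vantage points for two of the families, since the external-IP rule can be enforced on the host's virtual network interface and the peripheral rule at the point where devices are attached to the VM, and those checks do not depend on the agent's honesty.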
Fig. 3 is the flow chart of the offline secure virtual machine management method provided by embodiment three, which adds to embodiment one a method by which the host machine encrypts the user's image file, as follows:
Steps 101 to 301 are the same as in embodiment two and are not repeated; after step 301 the following step may also be included:
501. After the public key certificate in the user's UKEY has been verified as valid, the host machine generates a file encryption key and stores the user's virtual machine image file encrypted under it.
In this embodiment the file encryption key is preferably a symmetric key, because symmetric algorithms involve little computation and encrypt and decrypt quickly and efficiently, which suits a file as large as an image file. Other algorithms, such as asymmetric ones, can also be used, but they are less computationally efficient than symmetric algorithms.
The virtual machine image file the host machine encrypts can be a full image file or an incremental (delta) image file; a full image is the base image plus the delta image. For a given host machine the base image file is fixed: it is the same for every user of that host machine, while each user has a different delta image file. Every operation a user performs in the virtual machine amounts to a change made on top of the base image and is recorded in that user's delta image file. Confidentiality between users and protection against an outside thief can therefore be achieved by encrypting only the delta image file, and since the delta image is much smaller than the full image, encrypting the delta image is preferred: it reduces encryption and decryption time and improves efficiency while achieving the same confidentiality between users and the same protection against theft.
Further, so that data of different users on different host machines is kept fully confidential pairwise, the file encryption key needs to be in one-to-one correspondence with the host hardware and the user: different host machines and different users correspond to different file encryption keys.
The file encryption key can be generated in several ways. For example, it can be generated at random, as long as different host machines and different users get different keys; in that case the correspondence between the file encryption key, the host hardware and the user must be stored in the host machine's non-volatile memory (such as the hard disk), so that the same user can recover the key used before when next starting the same host machine with the UKEY.
A key can also be generated automatically from feature codes. For example, the host hardware feature code VALUE2 can be encrypted with the private key in the user's UKEY to produce the file encryption key VALUE4 (a private-key operation of this kind is in effect a digital signature over VALUE2, and the public-key check that follows is signature verification);
further, the host machine can then decrypt VALUE4 with the public key of the public key certificate in the UKEY and compare the result with the host hardware feature code VALUE2, to confirm the identity of the UKEY holder.
Or VALUE3 can be generated from the base image feature value VALUE1 and the host hardware feature code VALUE2, and VALUE3 encrypted with the private key in the user's UKEY to produce the file encryption key VALUE4;
further, the host machine can then decrypt VALUE4 with the public key of the public key certificate in the UKEY and compare the result with the VALUE3 generated from the base image feature value VALUE1 and the host hardware feature code VALUE2, to confirm the identity of the UKEY holder.
In both of the ways exemplified here, generating the file encryption key VALUE4 requires a computation over the host hardware feature code VALUE2 and the private key in the user's UKEY, which guarantees that the file encryption key corresponds one-to-one with the host hardware and the user.
With this automatic generation from feature codes, the file encryption key VALUE4 generated for the same host machine and the same user is the same every time, so the key need not be kept in non-volatile memory and can be held only in volatile memory (such as RAM). Moreover, because VALUE4 is obtained by encrypting with the user's private key, which exists only in the UKEY, the outside world cannot compute VALUE4 from VALUE3, so confidentiality is better.
By having the host machine generate a file encryption key and store the user's image file encrypted under it, this embodiment effectively prevents a thief from stealing data by attaching the hard disk to another machine, and gives each user of the host machine an independent system space.
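The derivation in this embodiment reads "encrypt with the private key, decrypt with the public key"; in current terms it is a signature over VALUE3 and its verification, and the property the text relies on (VALUE4 identical at every boot, so the key can live only in RAM) holds only if that signature is deterministic. The example below, added here and not code from the patent, carries the second key-generation path through with Go's standard library: VALUE3 from VALUE1 and VALUE2, VALUE4 as a deterministic PKCS#1 v1.5 signature by the UKEY key, the host-side holder check, and the resulting AES-256-GCM key used to seal and open a delta image. Hashing VALUE4 down to an AES key, the sample feature codes, and the locally generated RSA key standing in for the UKEY are assumptions.

```go
package main

import (
	"bytes"
	"crypto"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
	"io"
)

// newUKeyKey stands in for the private key generated into the UKEY when the
// user applied to the CA (assumption: a real UKEY would never export it).
func newUKeyKey() *rsa.PrivateKey {
	key, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		panic(err)
	}
	return key
}

// deriveFileKey follows the second key-generation path of embodiment three:
// VALUE3 = H(VALUE1 || VALUE2) and VALUE4 = UKEY private-key operation on VALUE3.
// PKCS#1 v1.5 signing is deterministic, so VALUE4 repeats at every boot;
// RSA-PSS is randomized and would break the "key only in RAM" property.
// Folding the 256-byte VALUE4 into a 32-byte AES key is an assumption.
func deriveFileKey(ukeyPriv *rsa.PrivateKey, value1, value2 []byte) (value3, value4, fileKey []byte, err error) {
	h := sha256.New()
	h.Write(value1)
	h.Write(value2)
	value3 = h.Sum(nil)
	value4, err = rsa.SignPKCS1v15(rand.Reader, ukeyPriv, crypto.SHA256, value3)
	if err != nil {
		return nil, nil, nil, err
	}
	k := sha256.Sum256(value4)
	return value3, value4, k[:], nil
}

// confirmHolder is the host-side identity check from the text: recompute VALUE3
// from the locally known VALUE1 and VALUE2 and check VALUE4 against it with the
// public key taken from the UKEY certificate. A UKEY whose private key does not
// belong to the presented certificate fails here even if the certificate is genuine.
func confirmHolder(ukeyPub *rsa.PublicKey, value1, value2, value4 []byte) error {
	h := sha256.New()
	h.Write(value1)
	h.Write(value2)
	return rsa.VerifyPKCS1v15(ukeyPub, crypto.SHA256, h.Sum(nil), value4)
}

// sealDelta encrypts the user's delta (increment) image under the derived key
// with AES-256-GCM; the random nonce is prepended to the ciphertext.
func sealDelta(fileKey, delta []byte) ([]byte, error) {
	block, err := aes.NewCipher(fileKey)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := io.ReadFull(rand.Reader, nonce); err != nil {
		return nil, err
	}
	return gcm.Seal(nonce, nonce, delta, nil), nil
}

// openDelta reverses sealDelta; a wrong key or a tampered file fails authentication.
func openDelta(fileKey, sealed []byte) ([]byte, error) {
	block, err := aes.NewCipher(fileKey)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	ns := gcm.NonceSize()
	if len(sealed) < ns {
		return nil, errors.New("sealed image too short")
	}
	return gcm.Open(nil, sealed[:ns], sealed[ns:], nil)
}

func main() {
	ukeyPriv := newUKeyKey()
	value1 := []byte("sha256 of the base image (constructed)")
	value2 := []byte("HOSTHW-0001 (constructed hardware feature code)")
	_, value4, key1, _ := deriveFileKey(ukeyPriv, value1, value2)
	_, _, key2, _ := deriveFileKey(ukeyPriv, value1, value2)
	_, _, keyOther, _ := deriveFileKey(ukeyPriv, value1, []byte("HOSTHW-0002"))
	fmt.Println("same host+UKEY reproduces the key:", bytes.Equal(key1, key2))
	fmt.Println("another host gets a different key:", !bytes.Equal(key1, keyOther))
	fmt.Println("holder confirmed:", confirmHolder(&ukeyPriv.PublicKey, value1, value2, value4) == nil)
	sealed, _ := sealDelta(key1, []byte("user delta image (constructed)"))
	_, err := openDelta(keyOther, sealed) // the disk has been moved to another machine
	fmt.Println("foreign host cannot open the delta:", err != nil)
}
```

A delta sealed under the key one host derives cannot be opened with the key another host derives from the same UKEY, which is the property the text wants against a hard disk moved to another machine, and the key is never written anywhere, only held in memory after the UKEY has been verified. If the token in use only offers randomized schemes such as RSA-PSS or ECDSA, VALUE4 would differ on every boot and the key would have to be stored, which is the first, random-key variant the text describes.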
Fig. 4 is the flow chart of the offline secure virtual machine management method provided by embodiment four, a preferred implementation with the following concrete steps:
S1. The host machine pre-installs the host operating system and the VM base image.
All the software needed for work and a VM monitoring agent program are installed in the VM base image.
S2. A CA root certificate is pre-implanted in the host operating system.
S3. When the host machine starts, the public key certificate content in the user's UKEY is read, and the validity of the public key certificate in the user's UKEY is verified by means of the preset CA root certificate. The public key certificate in the user's UKEY is obtained when the user applies to the CA for a public key certificate and a private key, which are written into the user's UKEY in advance.
S4. After the public key certificate in the user's UKEY has been verified as valid, the host machine generates a symmetric encryption key and stores the user's delta image file encrypted under it.
S5. After the public key certificate in the user's UKEY has been verified as valid, the user starts the virtual machine; the monitoring agent program passes the running state inside the virtual machine to the host machine, and the host machine supervises the virtual machine according to the permission rules, which are contained in the public key certificate and with which the administrator authorizes the user to operate the VM.
In addition to the above steps, the scheme of this embodiment can also include the following steps:
S6. All operations the user performs after starting the host machine with the UKEY are recorded, and the relevant information is uploaded to the intranet server once the machine is connected to the network, so that the user can be held accountable afterwards.
S7. After the host machine is connected to the network, it downloads the latest CRL (Certificate Revocation List) and revokes the certificates that need to be revoked. Because revocation can only take effect after the next connection, a revoked UKEY remains usable on an offline host until then; the certificate validity period and the interval between network connections bound that window.
In addition, once the certificate on the user's UKEY expires or its permissions need adjusting, this is handled by applying for a new certificate and writing it into the UKEY.
The off-line secure virtual machine management devices structural representation that Fig. 5 provides for the embodiment of the present invention five, described device comprises:
Initialization module 10, for pre-installing host operating system in host;
Certificate arranges module 20, implants CA root certificate for pre-in host operating system;
Inspection module 30, for reading public key certificate content in user UKEY when host is started shooting, and the legitimacy of public key certificate in UKEY is verified by preset described CA root certificate, in described user UKEY, public key certificate is that user obtains when CA applies for public key certificate and private key, and public key certificate and private key write in user UKEY in advance.
The present embodiment implants CA root certificate by pre-in host operating system, and use CA root certificate to carry out legitimate verification to the public key certificate in user UKEY, under off-line state, certification can be carried out to user identity, solve under off-line state the problem cannot carrying out safety management in particularly mobile context to user.
In order to the behavior of user right to user operation virtual machine that host can be allowed to authorize according to keeper under off-line state is monitored, prevent the unauthorized operation of user, the scheme that host is monitored user right can be increased.
It is therefore further alternative,
Described initialization module 10 is also for pre-installing VM virtual machine foundation image in host;
Also comprise the rules of competence that keeper authorizes user operation VM in described public key certificate, described virtual machine foundation image comprises VM monitoring agent program, and off-line secure virtual machine device also comprises:
Monitoring module 40, after legal for the checking of public key certificate in user UKEY, user opens virtual machine, and the running status in virtual machine is passed to host by described monitoring agent program, and host is according to described rules of competence supervision virtual machine.
The rules of competence can have a variety of, and host can be monitored virtual machine according to the different rules of competence, further alternative,
The described rules of competence comprise: VM process white list or VM process blacklist, and wherein VM process white list is the list outside the set of VM process blacklist,
When described monitoring module 40 opens described process blacklist specifically for monitoring virtual machine at host, management and control operation is carried out to virtual machine;
And/or the described rules of competence comprise: VM allow install program, or VM forbid install program, wherein VM allow install program be VM forbid install collection of programs outside program,
When described monitoring module 40 installs the program of forbidding installing specifically for monitoring virtual machine at host, management and control operation is carried out to virtual machine;
And/or the described rules of competence comprise: VM allows the outer net IP of access, or the outer net IP of VM disable access, the outer net IP that wherein VM permission is accessed is the outer net IP outside the outer net IP of VM disable access gathers,
When described monitoring module 40 accesses the outer net IP of disable access specifically for monitoring virtual machine at host, management and control operation is carried out to virtual machine;
And/or the described rules of competence comprise: VM allows the peripheral hardware used, or the peripheral hardware that VM prohibits the use, the peripheral hardware outside the peripheral hardware set that the outer VM of being set to that wherein VM permission uses prohibits the use,
When described monitoring module 40 uses specifically for monitoring virtual machine at host the peripheral hardware prohibitted the use, management and control operation is carried out to virtual machine.
Further optionally,
the initialization module 10 is also configured to pre-install the VM base image in the host;
and the offline secure virtual machine management device further comprises:
an encryption module 50, configured so that, after the public key certificate in the user UKEY has been verified as valid, the host generates a file encryption key and uses it to store the user's virtual machine image file in encrypted form.
Because the host stores the user's image file encrypted under a host-generated file encryption key, a thief cannot extract the data by means such as removing the hard disk and reading it elsewhere, and each user on the host obtains an independent system space.
Because a symmetric encryption algorithm involves little computation and encrypts and decrypts quickly and efficiently, a symmetric algorithm is the better choice for a file as large as an image file; therefore, further optionally, the file encryption key is a symmetric key.
Further optionally, the virtual machine image file is an incremental image file.
Encrypting the incremental image file is preferred: it reduces encryption and decryption time and improves efficiency, while still keeping the data of different users confidential from one another and preventing an outside thief from stealing the data.
Further optionally, the file encryption key corresponds one-to-one with the combination of host hardware and user.
Further optionally, the offline secure virtual machine management device further comprises:
a key generation module 60, configured to generate VALUE3 from the base image feature value VALUE1 and the host hardware feature code VALUE2, and to encrypt VALUE3 with the private key in the user UKEY to generate the file encryption key VALUE4; or to encrypt the host hardware feature code VALUE2 with the private key in the user UKEY to generate the file encryption key VALUE4.
With this scheme of generating the key automatically from feature codes, the file encryption key VALUE4 generated for the same host and the same user is identical every time, so the key need not be stored in nonvolatile memory and can be held only in volatile memory (such as RAM). In addition, because VALUE4 is obtained by encrypting with the user's private key in the UKEY, and that private key exists only inside the UKEY, an outsider cannot compute VALUE4 from VALUE3, so confidentiality is better.
Further optionally, the offline secure virtual machine management device further comprises:
an identity confirmation module 70, configured so that, when the key generation module 60 generates VALUE3 from the base image feature value VALUE1 and the host hardware feature code VALUE2 and encrypts VALUE3 with the private key in the user UKEY to generate the file encryption key VALUE4, it decrypts VALUE4 with the public key of the public key certificate in the UKEY and compares the decrypted value with the VALUE3 generated from the base image feature value VALUE1 and the host hardware feature code VALUE2, so as to confirm the identity of the UKEY holder; or, when the key generation module 60 encrypts the host hardware feature code VALUE2 with the private key in the user UKEY to generate the file encryption key VALUE4, it decrypts VALUE4 with the public key of the public key certificate in the UKEY and compares the decrypted value with the host hardware feature code VALUE2, so as to confirm the identity of the UKEY holder.
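To make the key generation module 60 and identity confirmation module 70 concrete, here is an added Python example that is not the patent's code. It assumes VALUE1 is a SHA-256 digest of the base image, VALUE2 a truncated SHA-256 digest of a host hardware inventory string, and VALUE3 a truncated SHA-256 over both; the UKEY's private-key encryption is modelled as unpadded textbook RSA with a fixed constructed key pair so that the script runs offline. A real UKEY performs that operation on-token with a properly sized key and padding and never exposes the private exponent, and a real host would feed VALUE4 into a standard KDF and an authenticated cipher for the image file.

```python
"""File-encryption-key derivation and UKEY-holder confirmation (added example)."""
import hashlib
from typing import Tuple

# Constructed toy RSA key pair (assumption for this example only): two known
# primes and the usual public exponent. Far too small for real use.
_P, _Q = 1_000_000_007, 998_244_353
_N = _P * _Q
_E = 65537
_D = pow(_E, -1, (_P - 1) * (_Q - 1))  # private exponent, held only inside the UKEY


class ToyUKey:
    """Stand-in for the user UKEY: keeps the private exponent to itself,
    publishes (n, e) through its certificate, and answers
    'encrypt with my private key' requests."""

    def __init__(self, d: int = _D, n: int = _N, e: int = _E) -> None:
        self._d, self.n, self.e = d, n, e

    def public_key(self) -> Tuple[int, int]:
        return (self.n, self.e)

    def private_encrypt(self, m: int) -> int:
        if not 0 <= m < self.n:
            raise ValueError("message must be smaller than the modulus")
        return pow(m, self._d, self.n)


def public_decrypt(c: int, pub: Tuple[int, int]) -> int:
    """Host-side inverse operation using only the public key from the certificate."""
    n, e = pub
    return pow(c, e, n)


def image_feature_value(base_image: bytes) -> bytes:
    """VALUE1: feature value of the VM base image (assumed: SHA-256 of the image)."""
    return hashlib.sha256(base_image).digest()


def hardware_feature_code(inventory: bytes) -> int:
    """VALUE2: host hardware feature code (assumed: SHA-256 of a hardware
    inventory string, truncated to 56 bits so it fits under the toy modulus)."""
    return int.from_bytes(hashlib.sha256(inventory).digest()[:7], "big")


def value3(value1: bytes, value2: int) -> int:
    """VALUE3 derived from VALUE1 and VALUE2 (assumed: truncated SHA-256 of both)."""
    digest = hashlib.sha256(value1 + value2.to_bytes(7, "big")).digest()
    return int.from_bytes(digest[:7], "big")


def derive_file_key(ukey: ToyUKey, value1: bytes, value2: int,
                    use_image: bool = True) -> Tuple[int, bytes]:
    """Key generation module: VALUE4 = private-key encryption of VALUE3 (or of
    VALUE2 alone when use_image is False). The returned 32-byte symmetric key is
    hashed from VALUE4 and is meant to live in RAM only; because its inputs are
    fixed for a given host and user, it is identical on every boot."""
    m = value3(value1, value2) if use_image else value2
    value4 = ukey.private_encrypt(m)
    sym_key = hashlib.sha256(b"vm-image-key|" + value4.to_bytes(8, "big")).digest()
    return value4, sym_key


def confirm_holder(pub: Tuple[int, int], value4: int, value1: bytes, value2: int,
                   use_image: bool = True) -> bool:
    """Identity confirmation module: decrypt VALUE4 with the certificate's public
    key and compare with the locally recomputed VALUE3 (or VALUE2)."""
    expected = value3(value1, value2) if use_image else value2
    return public_decrypt(value4, pub) == expected


# Constructed sample inputs for the demonstration.
BASE_IMAGE = b"constructed VM base image contents"
HOST_A = b"board=SN-A-0001;cpu=0x000906EA;disk=WD-XYZ001"
HOST_B = b"board=SN-B-0002;cpu=0x000906EA;disk=WD-XYZ002"


def demo() -> dict:
    ukey = ToyUKey()
    v1 = image_feature_value(BASE_IMAGE)
    v2a, v2b = hardware_feature_code(HOST_A), hardware_feature_code(HOST_B)
    value4, key_first = derive_file_key(ukey, v1, v2a)
    _, key_again = derive_file_key(ukey, v1, v2a)   # same host, same user
    _, key_other = derive_file_key(ukey, v1, v2b)   # same user, other host
    pub = ukey.public_key()
    return {
        "stable": key_first == key_again,           # no need to persist the key
        "host_bound": key_first != key_other,       # one-to-one with host hardware
        "holder_ok": confirm_holder(pub, value4, v1, v2a),
        "wrong_host": confirm_holder(pub, value4, v1, v2b),
        "tampered": confirm_holder(pub, value4 ^ 1, v1, v2a),
    }


if __name__ == "__main__":
    print(demo())
```

The confirmation step is what lets the host detect a UKEY whose certificate chains to the root but whose private key does not match the certificate, or a VALUE4 computed on different hardware: in both cases the public-key decryption no longer reproduces the locally recomputed VALUE3.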
Those of ordinary skill in the art will understand that all or part of the steps of the above method embodiments may be carried out by hardware under the control of program instructions; the program may be stored in a computer-readable storage medium and, when executed, performs the steps of the above method embodiments; and the storage medium includes various media capable of storing program code, such as ROM, RAM, a magnetic disk or an optical disc.
The device embodiments described above are merely illustrative. The modules described as separate components may or may not be physically separate, and the components shown as units may or may not be physical units; that is, they may be located in one place or distributed over at least two network elements. Some or all of the modules or units may be selected according to actual needs to achieve the purpose of the solution of this embodiment, which those of ordinary skill in the art can understand and implement without creative effort.
Finally, it should be noted that the above embodiments are only intended to illustrate the technical solution of the present invention, not to limit it. Although the invention has been described in detail with reference to the foregoing embodiments, those of ordinary skill in the art should understand that the technical solutions described in the foregoing embodiments may still be modified, or some of their technical features replaced by equivalents, and such modifications or replacements do not cause the essence of the corresponding technical solution to depart from the spirit and scope of the technical solutions of the embodiments of the present invention.

Claims (14)

1. An offline secure virtual machine management method, characterized in that the method comprises:
pre-installing a host operating system in a host;
pre-implanting a CA root certificate in the host operating system;
reading the public key certificate content in a user UKEY when the host starts up, and verifying the validity of the public key certificate in the user UKEY against the preset CA root certificate, where the public key certificate in the user UKEY is obtained when the user applies to the CA for a public key certificate and a private key, and the public key certificate and the private key are written into the user UKEY in advance.
2. The method according to claim 1, characterized in that
the method further comprises: pre-installing a VM base image in the host;
the public key certificate further contains the permission rules under which the administrator authorizes the user to operate the VM, and the virtual machine base image contains a VM monitoring agent program;
the method further comprises: after the public key certificate in the user UKEY has been verified as valid, the user starts the virtual machine, the monitoring agent program passes the running status inside the virtual machine to the host, and the host monitors the virtual machine according to the permission rules.
3. The method according to claim 2, characterized in that
the permission rules comprise a VM process whitelist or a VM process blacklist, where the VM process whitelist is the set of processes outside the VM process blacklist,
and the host monitoring the virtual machine according to the permission rules comprises: when the host detects that the virtual machine has started a process on the process blacklist, carrying out a management and control operation on the virtual machine;
and/or the permission rules comprise the programs the VM is allowed to install or the programs the VM is forbidden to install, where the programs the VM is allowed to install are those outside the set of programs the VM is forbidden to install,
and the host monitoring the virtual machine according to the permission rules comprises: when the host detects that the virtual machine installs a program it is forbidden to install, carrying out a management and control operation on the virtual machine;
and/or the permission rules comprise the external-network IP addresses the VM is allowed to access or the external-network IP addresses the VM is forbidden to access, where the external-network IP addresses the VM is allowed to access are those outside the set of external-network IP addresses the VM is forbidden to access,
and the host monitoring the virtual machine according to the permission rules comprises: when the host detects that the virtual machine accesses an external-network IP address it is forbidden to access, carrying out a management and control operation on the virtual machine;
and/or the permission rules comprise the peripherals the VM is allowed to use or the peripherals the VM is forbidden to use, where the peripherals the VM is allowed to use are those outside the set of peripherals the VM is forbidden to use,
and the host monitoring the virtual machine according to the permission rules comprises: when the host detects that the virtual machine uses a peripheral it is forbidden to use, carrying out a management and control operation on the virtual machine.
4. The method according to claim 1, characterized in that the method further comprises:
pre-installing a VM base image in the host;
after the public key certificate in the user UKEY has been verified as valid, the host generating a file encryption key and using it to store the user's virtual machine image file in encrypted form.
5. The method according to claim 4, characterized in that the virtual machine image file is an incremental image file.
6. The method according to any one of claims 4 to 5, characterized in that the file encryption key corresponds one-to-one with the host hardware and the user.
7. The method according to claim 6, characterized in that the file encryption key is generated by the following method:
generating VALUE3 from the base image feature value VALUE1 and the host hardware feature code VALUE2, and encrypting VALUE3 with the private key in the user UKEY to generate the file encryption key VALUE4;
or encrypting the host hardware feature code VALUE2 with the private key in the user UKEY to generate the file encryption key VALUE4.
8. An offline secure virtual machine management device, characterized in that the device comprises:
an initialization module, configured to pre-install a host operating system in a host;
a certificate setting module, configured to pre-implant a CA root certificate in the host operating system;
a checking module, configured to read the public key certificate content in a user UKEY when the host starts up and to verify the validity of the public key certificate in the UKEY against the preset CA root certificate, where the public key certificate in the user UKEY is obtained when the user applies to the CA for a public key certificate and a private key, and the public key certificate and the private key are written into the user UKEY in advance.
9. The device according to claim 8, characterized in that
the initialization module is also configured to pre-install a VM base image in the host;
the public key certificate further contains the permission rules under which the administrator authorizes the user to operate the VM, and the virtual machine base image contains a VM monitoring agent program;
and the device further comprises:
a monitoring module, configured so that, after the public key certificate in the user UKEY has been verified as valid, the user starts the virtual machine, the monitoring agent program passes the running status inside the virtual machine to the host, and the host monitors the virtual machine according to the permission rules.
10. The device according to claim 9, characterized in that
the permission rules comprise a VM process whitelist or a VM process blacklist, where the VM process whitelist is the set of processes outside the VM process blacklist,
and the monitoring module is specifically configured to carry out a management and control operation on the virtual machine when the host detects that the virtual machine has started a process on the process blacklist;
and/or the permission rules comprise the programs the VM is allowed to install or the programs the VM is forbidden to install, where the programs the VM is allowed to install are those outside the set of programs the VM is forbidden to install,
and the monitoring module is specifically configured to carry out a management and control operation on the virtual machine when the host detects that the virtual machine installs a program it is forbidden to install;
and/or the permission rules comprise the external-network IP addresses the VM is allowed to access or the external-network IP addresses the VM is forbidden to access, where the external-network IP addresses the VM is allowed to access are those outside the set of external-network IP addresses the VM is forbidden to access,
and the monitoring module is specifically configured to carry out a management and control operation on the virtual machine when the host detects that the virtual machine accesses an external-network IP address it is forbidden to access;
and/or the permission rules comprise the peripherals the VM is allowed to use or the peripherals the VM is forbidden to use, where the peripherals the VM is allowed to use are those outside the set of peripherals the VM is forbidden to use,
and the monitoring module is specifically configured to carry out a management and control operation on the virtual machine when the host detects that the virtual machine uses a peripheral it is forbidden to use.
11. The device according to claim 8, characterized in that
the initialization module is also configured to pre-install a VM base image in the host;
and the device further comprises:
an encryption module, configured so that, after the public key certificate in the user UKEY has been verified as valid, the host generates a file encryption key and uses it to store the user's virtual machine image file in encrypted form.
12. The device according to claim 11, characterized in that the virtual machine image file is an incremental image file.
13. The device according to any one of claims 11 to 12, characterized in that the file encryption key corresponds one-to-one with the host hardware and the user.
14. The device according to claim 13, characterized in that the device further comprises:
a key generation module, configured to generate VALUE3 from the base image feature value VALUE1 and the host hardware feature code VALUE2, and to encrypt VALUE3 with the private key in the user UKEY to generate the file encryption key VALUE4; or to encrypt the host hardware feature code VALUE2 with the private key in the user UKEY to generate the file encryption key VALUE4.
CN201510217434.1A 2015-04-30 2015-04-30 Offline secure virtual machine management method and device Active CN104811941B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201510217434.1A CN104811941B (en) 2015-04-30 2015-04-30 Offline secure virtual machine management method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201510217434.1A CN104811941B (en) 2015-04-30 2015-04-30 Offline secure virtual machine management method and device

Publications (2)

Publication Number Publication Date
CN104811941A true CN104811941A (en) 2015-07-29
CN104811941B CN104811941B (en) 2018-09-11

Family

ID=53696333

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201510217434.1A Active CN104811941B (en) 2015-04-30 2015-04-30 Offline secure virtual machine management method and device

Country Status (1)

Country Link
CN (1) CN104811941B (en)

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107689943A (en) * 2016-08-04 2018-02-13 深圳市深信服电子科技有限公司 A kind of method of data encryption, user terminal, server and system
US9912478B2 (en) 2015-12-14 2018-03-06 International Business Machines Corporation Authenticating features of virtual server system
CN108600240A (en) * 2018-05-02 2018-09-28 济南浪潮高新科技投资发展有限公司 A kind of communication system and its communication means
CN110110505A (en) * 2019-05-08 2019-08-09 上海航天电子有限公司 Equipment is encrypted based on USBkey and registration sequence number remote control bound
CN114301597A (en) * 2021-12-13 2022-04-08 零信技术(深圳)有限公司 Key verification method, device and readable storage medium

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1743991A (en) * 2005-09-29 2006-03-08 浪潮电子信息产业股份有限公司 Computer local safety access control method
CN101534194A (en) * 2008-03-12 2009-09-16 航天信息股份有限公司 Method for protecting safety of trusted certificate
CN102567682A (en) * 2011-12-31 2012-07-11 曙光信息产业股份有限公司 User access method based on BIOS (Basic Input Output System) setting

Also Published As

Publication number Publication date
CN104811941B (en) 2018-09-11

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
EXSB Decision made by sipo to initiate substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
CP01 Change in the name or title of a patent holder
CP01 Change in the name or title of a patent holder

Address after: Cangshan District of Fuzhou City, Fujian province 350002 Jinshan Road No. 618 Garden State Industrial Park 19 floor

Patentee after: RUIJIE NETWORKS Co.,Ltd.

Address before: Cangshan District of Fuzhou City, Fujian province 350002 Jinshan Road No. 618 Garden State Industrial Park 19 floor

Patentee before: Beijing Star-Net Ruijie Networks Co.,Ltd.