CN111901414A - Realization method and realization system of secure desktop transmission protocol based on virtualization environment - Google Patents
Realization method and realization system of secure desktop transmission protocol based on virtualization environment Download PDFInfo
- Publication number
- CN111901414A CN111901414A CN202010732616.3A CN202010732616A CN111901414A CN 111901414 A CN111901414 A CN 111901414A CN 202010732616 A CN202010732616 A CN 202010732616A CN 111901414 A CN111901414 A CN 111901414A
- Authority
- CN
- China
- Prior art keywords
- image data
- virtual machine
- image
- server
- graphics card
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/08—Protocols specially adapted for terminal emulation, e.g. Telnet
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L47/00—Traffic control in data switching networks
- H04L47/10—Flow control; Congestion control
- H04L47/24—Traffic characterised by specific attributes, e.g. priority or QoS
- H04L47/2425—Traffic characterised by specific attributes, e.g. priority or QoS for supporting services specification, e.g. SLA
- H04L47/2433—Allocation of priorities to traffic types
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/06—Protocols specially adapted for file transfer, e.g. file transfer protocol [FTP]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L69/00—Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
- H04L69/26—Special purpose or proprietary protocols or architectures
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computing Systems (AREA)
- Computer Security & Cryptography (AREA)
- Information Transfer Between Computers (AREA)
Abstract
The invention relates to a method for realizing a secure desktop transmission protocol based on a virtualization environment, which comprises the following steps: the virtual machine automatically detects a graphics card mode used by the virtual machine through a deployed agent program, selects image processing equipment to preprocess image data based on the graphics card mode, and transmits the preprocessed image data to a host machine; the host machine receives image data from the virtual machine through the deployed server program and transmits the image data to the terminal equipment through the network; and the terminal equipment receives the image data from the host machine through the deployed client program and displays the image data. The invention also relates to a realization system of the safe desktop transmission protocol based on the virtualization environment. The safe desktop transmission protocol provided by the invention can meet the requirements of various application scenes of the cloud desktop, can provide virtual desktop service similar to a local PC (personal computer) for a user, has excellent image processing performance, and brings powerful functions, high-resolution videos and abundant peripheral VDI (visual desktop interface) experience.
Description
Technical Field
The invention relates to the field of cloud computing, in particular to a method and a system for realizing a secure desktop transmission protocol based on a virtualization environment.
Background
In the last decade, the combination of virtualization technology and cloud computing brings brand-new resource integration and use modes, and stimulates huge technical change, thereby leading to large-scale innovation of office modes.
The desktop cloud is a new mode for providing desktop services, and the remote terminal equipment accesses an application program in the cloud through a network to realize the use experience consistent with that of a PC. The cloud desktop delivers own computing and storage capacity, personalized application and data content to the user through the cloud desktop transmission protocol, so that the transmission protocol determines the efficiency and the display effect of the cloud desktop.
The open source cloud desktop transmission protocol, namely, the SPICE protocol (Simple protocol Independent Computing Environment, short for Simple protocol for Independent Computing Environment), can provide high-performance, dynamically self-adaptive desktop delivery, and can provide better-performance experience for clients due to unique technical architecture and application characteristics. SPICE adopts MJPEG to compress video, the MJPEG algorithm has low compression rate, no consideration is given to the change of the images among frames, a large amount of redundant information is repeatedly stored, the occupied network bandwidth is high, the phenomenon of frame loss is heavier, the instantaneity is poor, and the method is not suitable for the network transmission of the video images.
Disclosure of Invention
The invention aims to provide a Secure Multichannel Enhancement Protocol (SMEP), which is a special desktop transmission Protocol developed for cloud desktop scenes, can meet the requirements of the cloud desktop in various application scenes, is a set of high-performance and dynamically self-adaptive remote network communication components, can provide virtual desktop services similar to local PCs for users by combining the SMEP with bottom layer virtualization, has excellent image processing performance, and brings powerful functions, high-resolution videos and peripheral device enriched VDI experience.
The invention provides a method for realizing a secure desktop transmission protocol based on a virtualization environment, which comprises the following steps:
the virtual machine detects a video card mode used by the virtual machine through a deployed agent program, selects image processing equipment to preprocess image data based on the video card mode, and transmits the preprocessed image data to a host machine running the virtual machine;
the host machine receives image data from the virtual machine through a deployed server program, and transmits the received image data to the terminal equipment through a network after carrying out secondary processing on the received image data;
and the terminal equipment receives the image data from the host machine through the deployed client program, processes the received image data and displays the processed image data.
According to one embodiment of the invention, the detecting of the graphics card mode used by the virtual machine comprises: and automatically detecting whether the virtual machine uses a physical display card or a soft display card.
According to one embodiment of the invention, the image processing device is selected based on the graphics card mode to pre-process the image data, and the image processing device comprises: under the condition that the virtual machine uses the physical display card, selecting the physical display card as image processing equipment to preprocess 3D image data; and under the condition that the virtual machine uses the soft graphics card, selecting the soft graphics card as image processing equipment to preprocess 2D image data.
According to one embodiment of the invention, the physical display card comprises GPU virtualization and GPU pass-through, and the soft display card comprises a soft GPU.
According to one embodiment of the invention, the image definition of the virtual machine preprocessing is configured according to the network condition and the user self appeal in the private cloud environment.
According to an embodiment of the present invention, the host and the terminal device transmit communication via a plurality of channels, and the plurality of channels at least include: a 2D image display channel for transmitting 2D graphics image commands and corresponding image and video data streams and a 3D image display channel for transmitting 3D graphics image commands and corresponding image and video data streams.
According to an embodiment of the present invention, the 3D image display channel is selectively turned on or off based on the graphics card mode used by the virtual machine, the 3D image display channel is automatically turned on when the virtual machine uses a physical graphics card, and the 3D image display channel is automatically turned off when the virtual machine uses a soft graphics card.
According to one embodiment of the invention, the terminal device and the host establish a trusted encryption transmission channel after completing the safe mutual authentication, and the image data is transmitted in the trusted encryption transmission channel.
According to one embodiment of the invention, the preprocessing of the image data by the virtual machine comprises image type identification, transcoding, encoding and encryption, and the processing of the image data by the terminal device comprises decryption, decoding and transcoding.
The second aspect of the present invention provides a system for implementing a secure desktop transport protocol based on a virtualized environment, which includes:
a server deployed with a virtualized environment;
a plurality of virtual machines running on the server; and
a terminal device connected to the server via a network,
wherein:
each virtual machine is provided with an agent program which is configured to detect a graphics card mode used by the virtual machine, select image processing equipment to preprocess image data based on the graphics card mode, and transmit the preprocessed image data to the server,
the server is provided with a server program which is configured to receive the image data from the virtual machine and transmit the image data to the terminal equipment after carrying out secondary processing on the received image data,
the terminal device is deployed with a client program configured to receive image data from the server, and display the received image data after processing the image data.
By adopting the technical scheme, the invention at least has the following beneficial effects:
1. the SMEP provided by the invention can meet the requirements of various application scenes of the cloud desktop, can provide virtual desktop service similar to a local PC (personal computer) for a user, has excellent image processing performance, and brings powerful functions, high-resolution videos and rich peripheral VDI (visual desktop interface) experience.
2. The SMEP provided by the invention can automatically detect the graphics card mode used by the virtual machine, automatically adopts different graphics image processing modes aiming at different graphics card modes, and can realize graphics card self-adaptation.
3. The SMEP protocol provided by the invention supports the configuration of definition, and can carry out the configuration of a global or single virtual machine according to the network condition under the private cloud environment and the self appeal of a user so as to meet the personalized requirement of the client.
4. The SMEP provided by the invention realizes the classified transmission of data by using a multi-channel technology, effectively avoids the interference between different types of data, ensures the safety isolation of the data, realizes a dynamic transmission strategy based on priority through channel management control, and improves the instantaneity and the experience.
5. The SMEP provided by the invention adds an encryption measure of a transmission channel on the basis of ensuring the transmission of the pixel-level image, and ensures the safe use of the cloud desktop.
6. The SMEP provided by the invention can effectively utilize the vGPU hard coding capability of the server and the hard decoding capability of the terminal GPU, thereby improving the coding and decoding efficiency, reducing the CPU pressure of the server and the terminal, and improving the virtual machine density of the server and the local operation experience of the terminal to a certain extent.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings that are required to be used in the embodiments will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and it is obvious for those skilled in the art to obtain other drawings based on the drawings without creative efforts.
FIG. 1 is a process flow diagram of a method for implementing a secure desktop transport protocol based on a virtualization environment provided by the present invention;
fig. 2 shows a schematic architecture diagram of the SMEP protocol provided by the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the following embodiments of the present invention are described in further detail with reference to the accompanying drawings.
The first aspect of the present invention relates to a method for implementing a secure desktop transport protocol based on a virtualization environment, as shown in fig. 1, the method 100 includes: step 102: the virtual machine detects a video card mode used by the virtual machine through a deployed agent program, selects image processing equipment to preprocess image data based on the video card mode, and transmits the preprocessed image data to a host machine running the virtual machine; step 104: the host machine receives the image data from the virtual machine through the deployed server program, and transmits the received image data to the terminal equipment through the network after carrying out secondary processing on the received image data; step 106: the terminal equipment receives the image data from the host machine through deploying the client program, and displays the received image data after processing the received image data.
The step 102 of detecting the graphics card mode used by the virtual machine includes automatically detecting whether the virtual machine uses a physical graphics card or a soft graphics card. Under the condition that the virtual machine uses a physical display card, selecting the physical display card as image processing equipment to preprocess 3D image data; and under the condition that the virtual machine uses the soft display card, selecting the soft display card as image processing equipment to preprocess the 2D image data.
The physical display card comprises GPU (graphic processing unit) virtualization and GPU transparent transmission, and the soft display card comprises a soft GPU.
The image definition of the virtual machine preprocessing can be configured according to the network condition and the user appeal in the private cloud environment.
Wherein, through a plurality of passageways transmission communication between host computer and the terminal equipment, a plurality of passageways include: main channel for transmission of control and configuration instructions: 2D image display channel for transmitting 2D graphics image commands and corresponding image and video data streams: 3D image display channel for transmitting 3D graphics image commands and corresponding image and video data streams: input channels for keyboard and mouse input: cursor channels for sending and receiving coordinates of the command device and shape of the cursor: the recording channel is used for the client to receive the audio data from the server for playing: the playback channel is used for collecting the audio data of the client and sending the audio data to the server: and the USB channel is used for redirecting and data transmission of the USB peripheral equipment.
The 3D image display channel is selectively opened or closed based on the video card mode used by the virtual machine. Specifically, after automatically detecting a graphics card mode used by the virtual machine, the agent program on the virtual machine transmits a detection result to the server program on the host, and the server program selectively opens or closes a 3D image display channel based on the detection result: under the condition that the virtual machine uses the physical display card, the 3D image display channel is automatically started; and in the case that the virtual machine uses the soft graphics card, the 3D image display channel is automatically closed.
The terminal equipment and the host machine establish a credible encryption transmission channel after completing safe mutual authentication, and the image data is transmitted in the credible encryption transmission channel.
The virtual machine preprocesses the image data and comprises image type identification, transcoding, encoding and encryption, and the terminal equipment processes the image data and comprises decryption, decoding and transcoding.
The following describes in detail an implementation method of the SMEP protocol based on a virtualization environment, which is provided by the present invention, with reference to fig. 2.
The SMEP protocol mainly comprises three parts: SMEP Server: a server program, which is deployed and integrated on a virtualization host (i.e., host), belongs to a part of a virtualization layer, and exists as a backend program of a virtual machine; SMEP Client: the client program is deployed and integrated on a terminal (client), belongs to a part of a cloud desktop client and is used as a core part for image processing at the cloud desktop terminal side; SMEP Agent: and the agent program is installed and deployed in an operating system (GuestOS) of the Virtual Machine (VM) and realizes image data communication with the server program.
The SMEP protocol has the following features:
1. graphics card adaptation
The SMEP protocol can automatically detect the graphics card mode used by the virtual machine, judge whether a physical graphics card (GPU virtualization (vGPU) or GPU transparent transmission (pGPU)) or a soft graphics card (soft GPU) is used, and automatically adopt different graphics image processing modes aiming at different graphics card modes. Under the condition of using a physical display card, the image data is processed through the physical display card, and under the condition of adopting a soft display card, only the 2D image data is processed.
2. Resolution configurable
Because the desktop transmission protocol transmits the graphic image data of the server to the terminal for local processing and display through the network, the definition has high dependence on the transmission quality of the network (especially a scene with rapid image change), for the private cloud, a definition or a full self-adaptive mode is completely adopted, which often cannot achieve an ideal effect, SMEP supports the definition configuration, and the configuration of a global or single virtual machine can be carried out according to the network condition under the private cloud environment and the personal appeal of a user, so as to meet the personalized requirement of the client.
3. Multi-channel transmission
Data communication between a server and a client is transmitted through channels (based on a TCP or UDP protocol), each channel is used for transmitting specific types of data, and the following methods are mainly used:
a main channel: a channel for transmitting control and configuration instructions;
2D image display channel: transmitting a 2D graphics image command and corresponding image and video data streams;
3D image display channel: transmitting a 3D graphics image command and corresponding image and video data streams;
an input channel: input for keyboard and mouse;
cursor channel: sending and receiving coordinates of the command device and the shape of the cursor;
recording channel: the channel is used for the client to receive the audio data from the server to play;
playback channel: collecting audio data of a client and sending the audio data to a server;
USB channel: redirection and data transmission for the USB peripheral;
the data are classified and transmitted by using a multi-channel technology, the interference among different types of data is effectively avoided, the data safety isolation is ensured, a dynamic transmission strategy based on priority can be realized through channel management control, and the instantaneity and the experience are improved.
4. Encrypted transmission
The cloud desktop naturally has certain security advantages, namely data are stored in the cloud, and a terminal at the user side is only used for displaying a virtual machine operating system picture, but the terminal is only guaranteed not to be secret (the data do not fall in the local terminal), but a desktop image can still be captured by a certain technical means in the transmission process. The SMEP protocol adds an encryption measure of a transmission channel on the basis of ensuring the transmission of pixel-level images, a client and a server establish a credible encryption transmission channel after completing safe mutual authentication, and all image data and control instructions are transmitted in the security channel, so that the safe use of the cloud desktop is ensured.
5. Hard coding and decoding
SMEP can effectively utilize vGPU hard coding capacity of the server and hard decoding capacity of the terminal GPU, so that coding and decoding efficiency is improved, CPU pressure of the server and the terminal is reduced, virtual machine density of the server can be improved to a certain extent, and local operation experience of the terminal can be improved. Generally, a compression algorithm with a higher compression ratio is adopted by a cloud desktop transmission protocol in order to reduce the data transmission amount, so that the CPU pressure of a server and a terminal is increased to obtain a proper and adverse experience effect, and SMEP effectively avoids the problem by utilizing a hard coding and decoding technology.
The realization of the 3D desktop technology needs to depend on a physical display card, and comprises display card direct connection and display card virtualization. Aiming at the virtualization of the display card, the server side supports the AMD display card and the Nvidia Tesla series display card. The process of the display card virtualization is to slice the display card and distribute the display card time slices to the virtual machine for use. The display card supporting the virtualization of the display card can be generally divided into time slices with different specifications according to needs, so that the time slices can be distributed to a plurality of virtual machines for use.
After the QEMU (virtual operating system simulator) of the virtual machine has the vGPU, the vGPU takes over image processing and display output of the virtual machine, at the moment, the soft GPU is in an idle state, and the Agent module part of the SMEP protocol can monitor the states of the vGPU and the soft GPU and ensure that the virtual machine can always have correct display output equipment and obtain correct image data. Under the condition of having the vGPU, the SMEP Agent can obtain image data from the vGPU, automatically starts a 3D graphics image transmission channel, transmits the image data to an SMEP Server module of a host through a special image channel after a series of preprocessing (including image type identification, transcoding, coding, encryption and the like) on the image data, transmits the data to a client component on a terminal through the 3D graphics image transmission channel after carrying out secondary processing on the data, and displays the image after the client component on the terminal receives the image data and carries out a series of processing (including decryption, decoding, transcoding and the like).
The image data of the vGPU can be analyzed and optimized according to the transmission requirement in the SMEP Agent preprocessing stage so as to meet the requirements on graphic instruction processing, image definition, bandwidth occupation and the like, and other data and instructions except the image data of the vGPU are communicated with the client and the server and with the inside of the virtual machine through other channels.
The second aspect of the present invention relates to a system for implementing a secure desktop transport protocol based on a virtualized environment, which includes: a server deployed with a virtualized environment; a plurality of virtual machines running on a server; and a terminal device connected to the server through a network. The method comprises the following steps that an agent program is deployed on each virtual machine and is configured to detect a graphics card mode used by the virtual machine, image processing equipment is selected based on the graphics card mode to preprocess image data, and the preprocessed image data are transmitted to a server; the server is provided with a server program and is configured to receive the image data from the virtual machine, and transmit the received image data to the terminal equipment after secondary processing is carried out on the received image data; the terminal device is deployed with a client program configured to receive image data from the server, and display the received image data after processing the image data.
In summary, the SMEP protocol provided by the invention can meet the requirements of cloud desktop in various application scenes, can provide virtual desktop service similar to local PC for users, has excellent image processing performance, and brings powerful functions, high-resolution videos and rich peripheral VDI experience.
Finally, it should be noted that, as will be understood by those skilled in the art, all or part of the processes of the methods of the above embodiments may be implemented by a computer program, which may be stored in a computer-readable storage medium, and when executed, may include the processes of the embodiments of the methods described above. The storage medium may be a magnetic disk, an optical disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), or the like. Embodiments of the computer program may achieve the same or similar effects as any of the preceding method embodiments to which it corresponds.
In addition, the apparatuses, devices and the like disclosed in the embodiments of the present invention may be various electronic terminal devices, such as a mobile phone, a Personal Digital Assistant (PDA), a tablet computer (PAD), a smart television and the like, or may be a large terminal device, such as a server and the like, and therefore the scope of protection disclosed in the embodiments of the present invention should not be limited to a specific type of apparatus, device. The client disclosed in the embodiment of the present invention may be applied to any one of the above electronic terminal devices in the form of electronic hardware, computer software, or a combination of both.
Furthermore, the method disclosed according to an embodiment of the present invention may also be implemented as a computer program executed by a CPU, and the computer program may be stored in a computer-readable storage medium. The computer program, when executed by the CPU, performs the above-described functions defined in the method disclosed in the embodiments of the present invention.
Further, the above method steps and system elements may also be implemented using a controller and a computer readable storage medium for storing a computer program for causing the controller to implement the functions of the above steps or elements.
Further, it should be appreciated that the computer-readable storage media (e.g., memory) described herein can be either volatile memory or nonvolatile memory, or can include both volatile and nonvolatile memory. By way of example, and not limitation, nonvolatile memory can include Read Only Memory (ROM), Programmable ROM (PROM), Electrically Programmable ROM (EPROM), Electrically Erasable Programmable ROM (EEPROM), or flash memory. Volatile memory can include Random Access Memory (RAM), which can act as external cache memory. By way of example and not limitation, RAM is available in a variety of forms such as synchronous RAM (DRAM), Dynamic RAM (DRAM), Synchronous DRAM (SDRAM), double data rate SDRAM (DDR SDRAM), Enhanced SDRAM (ESDRAM), Synchronous Link DRAM (SLDRAM), and Direct Rambus RAM (DRRAM). The storage devices of the disclosed aspects are intended to comprise, without being limited to, these and other suitable types of memory.
Those of skill would further appreciate that the various illustrative logical blocks, modules, circuits, and algorithm steps described in connection with the disclosure herein may be implemented as electronic hardware, computer software, or combinations of both. To clearly illustrate this interchangeability of hardware and software, various illustrative components, blocks, modules, circuits, and steps have been described above generally in terms of their functionality. Whether such functionality is implemented as software or hardware depends upon the particular application and design constraints imposed on the overall system. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the disclosed embodiments of the present invention.
The various illustrative logical blocks, modules, and circuits described in connection with the disclosure herein may be implemented or performed with the following components designed to perform the functions described herein: a general purpose processor, a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), a Field Programmable Gate Array (FPGA) or other programmable logic device, discrete gate or transistor logic, discrete hardware components, or any combination of these components. A general purpose processor may be a microprocessor, but in the alternative, the processor may be any conventional processor, controller, microcontroller, or state machine. A processor may also be implemented as a combination of computing devices, e.g., a combination of a DSP and a microprocessor, a plurality of microprocessors, one or more microprocessors in conjunction with a DSP, and/or any other such configuration.
The steps of a method or algorithm described in connection with the disclosure herein may be embodied directly in hardware, in a software module executed by a processor, or in a combination of the two. A software module may reside in RAM memory, flash memory, ROM memory, EPROM memory, EEPROM memory, registers, hard disk, a removable disk, a CD-ROM, or any other form of storage medium known in the art. An exemplary storage medium is coupled to the processor such the processor can read information from, and write information to, the storage medium. In the alternative, the storage medium may be integral to the processor. The processor and the storage medium may reside in an ASIC. The ASIC may reside in a user terminal. In the alternative, the processor and the storage medium may reside as discrete components in a user terminal.
In one or more exemplary designs, the functions may be implemented in hardware, software, firmware, or any combination thereof. If implemented in software, the functions may be stored on or transmitted over as one or more instructions or code on a computer-readable medium. Computer-readable media includes both computer storage media and communication media including any medium that facilitates transfer of a computer program from one place to another. A storage media may be any available media that can be accessed by a general purpose or special purpose computer. By way of example, and not limitation, such computer-readable media can comprise RAM, ROM, EEPROM, CD-ROM or other optical disk storage, magnetic disk storage or other magnetic storage devices, or any other medium that can be used to carry or store desired program code in the form of instructions or data structures and that can be accessed by a general-purpose or special-purpose computer, or a general-purpose or special-purpose processor. Also, any connection is properly termed a computer-readable medium. For example, if the software is transmitted from a website, server, or other remote source using a coaxial cable, fiber optic cable, twisted pair, Digital Subscriber Line (DSL), or wireless technologies such as infrared, radio, and microwave, then the coaxial cable, fiber optic cable, twisted pair, DSL, or wireless technologies such as infrared, radio, and microwave are included in the definition of medium. Disk and disc, as used herein, includes Compact Disc (CD), laser disc, optical disc, Digital Versatile Disc (DVD), floppy disk, blu-ray disc where disks usually reproduce data magnetically, while discs reproduce data optically with lasers. Combinations of the above should also be included within the scope of computer-readable media.
The foregoing is an exemplary embodiment of the present disclosure, but it should be noted that various changes and modifications could be made herein without departing from the scope of the present disclosure as defined by the appended claims. The functions, steps and/or actions of the method claims in accordance with the disclosed embodiments described herein need not be performed in any particular order. Furthermore, although elements of the disclosed embodiments of the invention may be described or claimed in the singular, the plural is contemplated unless limitation to the singular is explicitly stated.
Claims (10)
1. A method for implementing a secure desktop transport protocol based on a virtualization environment is characterized by comprising the following steps:
the virtual machine detects a video card mode used by the virtual machine through a deployed agent program, selects image processing equipment to preprocess image data based on the video card mode, and transmits the preprocessed image data to a host machine running the virtual machine;
the host machine receives image data from the virtual machine through a deployed server program, and transmits the received image data to the terminal equipment through a network after carrying out secondary processing on the received image data;
and the terminal equipment receives the image data from the host machine through the deployed client program, processes the received image data and displays the processed image data.
2. The method for implementing a secure desktop transport protocol based on a virtualized environment as claimed in claim 1, wherein detecting the graphics card mode used by the virtual machine comprises: and automatically detecting whether the virtual machine uses a physical display card or a soft display card.
3. The method as claimed in claim 2, wherein selecting the image processing device to pre-process the image data based on the graphics card mode comprises: under the condition that the virtual machine uses the physical display card, selecting the physical display card as image processing equipment to preprocess 3D image data; and under the condition that the virtual machine uses the soft graphics card, selecting the soft graphics card as image processing equipment to preprocess 2D image data.
4. The method as claimed in claim 2 or 3, wherein the physical graphics card includes GPU virtualization and GPU pass-through, and the soft graphics card includes soft GPU.
5. The method for implementing the secure desktop transport protocol based on the virtualization environment as claimed in claim 1, wherein the image definition of the virtual machine preprocessing is configured according to network conditions and user's own appeal in a private cloud environment.
6. The method for implementing a secure desktop transport protocol based on a virtualized environment as claimed in claim 1, wherein the host and the terminal device communicate via a plurality of channels, the plurality of channels at least comprising: a 2D image display channel for transmitting 2D graphics image commands and corresponding image and video data streams and a 3D image display channel for transmitting 3D graphics image commands and corresponding image and video data streams.
7. The method as claimed in claim 6, wherein the 3D image display channel is selectively turned on or off based on the graphics card mode used by the virtual machine, and when the virtual machine uses a physical graphics card, the 3D image display channel is automatically turned on, and when the virtual machine uses a soft graphics card, the 3D image display channel is automatically turned off.
8. The method for implementing a secure desktop transport protocol based on a virtualized environment as claimed in claim 1, wherein the terminal device and the host establish a trusted encryption transport channel after completing secure mutual authentication, and the image data is transmitted in the trusted encryption transport channel.
9. The method for implementing the secure desktop transport protocol based on the virtualization environment as claimed in claim 1, wherein the pre-processing of the image data by the virtual machine includes image type identification, transcoding, encoding and encryption, and the processing of the image data by the terminal device includes decryption, decoding and transcoding.
10. A realization system of a secure desktop transmission protocol based on a virtualization environment is characterized by comprising:
a server deployed with a virtualized environment;
a plurality of virtual machines running on the server; and
a terminal device connected to the server via a network,
wherein:
each virtual machine is provided with an agent program which is configured to detect a graphics card mode used by the virtual machine, select image processing equipment to preprocess image data based on the graphics card mode, and transmit the preprocessed image data to the server,
the server is provided with a server program which is configured to receive the image data from the virtual machine and transmit the image data to the terminal equipment after carrying out secondary processing on the received image data,
the terminal device is deployed with a client program configured to receive image data from the server, and display the received image data after processing the image data.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010732616.3A CN111901414A (en) | 2020-07-27 | 2020-07-27 | Realization method and realization system of secure desktop transmission protocol based on virtualization environment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010732616.3A CN111901414A (en) | 2020-07-27 | 2020-07-27 | Realization method and realization system of secure desktop transmission protocol based on virtualization environment |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN111901414A true CN111901414A (en) | 2020-11-06 |
Family
ID=73190945
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010732616.3A Pending CN111901414A (en) | 2020-07-27 | 2020-07-27 | Realization method and realization system of secure desktop transmission protocol based on virtualization environment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111901414A (en) |
Cited By (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112416279A (en) * | 2020-11-16 | 2021-02-26 | 新华三云计算技术有限公司 | Server display method, device, equipment and storage medium |
| CN112732399A (en) * | 2021-03-31 | 2021-04-30 | 统信软件技术有限公司 | Switching method of desktop display protocol, computing device and readable storage medium |
| CN113254130A (en) * | 2021-05-13 | 2021-08-13 | 贵州海誉科技股份有限公司 | Method for adaptively adjusting resolution of cloud desktop |
| CN114115657A (en) * | 2021-11-23 | 2022-03-01 | 北京百度网讯科技有限公司 | Display mode switching method, device, equipment and medium of cloud mobile phone |
| CN114117283A (en) * | 2021-12-01 | 2022-03-01 | 上海安超云软件有限公司 | Method for displaying cache in lossless mode based on remote desktop protocol and application |
| WO2023045442A1 (en) * | 2021-09-27 | 2023-03-30 | 中兴通讯股份有限公司 | Application group transmission method and device, storage medium, and electronic device |
| CN115883658A (en) * | 2022-12-07 | 2023-03-31 | 长安大学 | Cross-platform image information transmission method, system, equipment and readable storage medium |
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20130067345A1 (en) * | 2011-09-14 | 2013-03-14 | Microsoft Corporation | Automated Desktop Services Provisioning |
| CN103491188A (en) * | 2013-09-30 | 2014-01-01 | 上海沃帆信息科技有限公司 | Implementation method for enabling multiple users to share graphic workstation by using virtual desktop and GPU pass-through |
| CN104660711A (en) * | 2015-03-13 | 2015-05-27 | 华存数据信息技术有限公司 | Remote visualized application method based on virtualization of graphic processor |
| CN106020929A (en) * | 2016-05-13 | 2016-10-12 | 深圳市青葡萄科技有限公司 | System and method for supporting 3D application in virtual environment |
| CN106406977A (en) * | 2016-08-26 | 2017-02-15 | 山东乾云启创信息科技股份有限公司 | Virtualization implementation system and method of GPU (Graphics Processing Unit) |
| CN106557310A (en) * | 2015-09-30 | 2017-04-05 | 北京奇虎科技有限公司 | A kind of remote desktop management method and system |
| CN109358951A (en) * | 2018-10-29 | 2019-02-19 | 北京京航计算通讯研究所 | The straight-through display methods with virtual video card of Intelligent Support video card based on SPICE protocol |
-
2020
- 2020-07-27 CN CN202010732616.3A patent/CN111901414A/en active Pending
Patent Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20130067345A1 (en) * | 2011-09-14 | 2013-03-14 | Microsoft Corporation | Automated Desktop Services Provisioning |
| CN103491188A (en) * | 2013-09-30 | 2014-01-01 | 上海沃帆信息科技有限公司 | Implementation method for enabling multiple users to share graphic workstation by using virtual desktop and GPU pass-through |
| CN104660711A (en) * | 2015-03-13 | 2015-05-27 | 华存数据信息技术有限公司 | Remote visualized application method based on virtualization of graphic processor |
| CN106557310A (en) * | 2015-09-30 | 2017-04-05 | 北京奇虎科技有限公司 | A kind of remote desktop management method and system |
| CN106020929A (en) * | 2016-05-13 | 2016-10-12 | 深圳市青葡萄科技有限公司 | System and method for supporting 3D application in virtual environment |
| CN106406977A (en) * | 2016-08-26 | 2017-02-15 | 山东乾云启创信息科技股份有限公司 | Virtualization implementation system and method of GPU (Graphics Processing Unit) |
| CN109358951A (en) * | 2018-10-29 | 2019-02-19 | 北京京航计算通讯研究所 | The straight-through display methods with virtual video card of Intelligent Support video card based on SPICE protocol |
Non-Patent Citations (1)
| Title |
|---|
| 程礼铭: "虚拟化技术如何应对3D时代", 《通讯世界》 * |
Cited By (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112416279A (en) * | 2020-11-16 | 2021-02-26 | 新华三云计算技术有限公司 | Server display method, device, equipment and storage medium |
| CN112732399A (en) * | 2021-03-31 | 2021-04-30 | 统信软件技术有限公司 | Switching method of desktop display protocol, computing device and readable storage medium |
| CN112732399B (en) * | 2021-03-31 | 2021-07-16 | 统信软件技术有限公司 | Switching method of desktop display protocol, computing device and readable storage medium |
| CN113254130A (en) * | 2021-05-13 | 2021-08-13 | 贵州海誉科技股份有限公司 | Method for adaptively adjusting resolution of cloud desktop |
| CN113254130B (en) * | 2021-05-13 | 2022-11-29 | 贵州海誉科技股份有限公司 | Method for adaptively adjusting resolution of cloud desktop |
| WO2023045442A1 (en) * | 2021-09-27 | 2023-03-30 | 中兴通讯股份有限公司 | Application group transmission method and device, storage medium, and electronic device |
| CN114115657A (en) * | 2021-11-23 | 2022-03-01 | 北京百度网讯科技有限公司 | Display mode switching method, device, equipment and medium of cloud mobile phone |
| CN114115657B (en) * | 2021-11-23 | 2024-04-02 | 北京百度网讯科技有限公司 | Display mode switching method, device, equipment and medium of cloud mobile phone |
| CN114117283A (en) * | 2021-12-01 | 2022-03-01 | 上海安超云软件有限公司 | Method for displaying cache in lossless mode based on remote desktop protocol and application |
| CN115883658A (en) * | 2022-12-07 | 2023-03-31 | 长安大学 | Cross-platform image information transmission method, system, equipment and readable storage medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN111901414A (en) | Realization method and realization system of secure desktop transmission protocol based on virtualization environment | |
| US9191425B2 (en) | Systems and methods for remotely presenting a multimedia stream | |
| US9055066B2 (en) | Apparatus and method for providing a game service in cloud computing environment | |
| KR102562877B1 (en) | Methods and apparatus for distribution of application computations | |
| KR101780782B1 (en) | Method and apparatus for cloud streaming service | |
| CN108881916A (en) | The video optimized processing method and processing device of remote desktop | |
| WO2021159770A1 (en) | Video playback method, device, apparatus, and storage medium | |
| JP2013514044A (en) | Decomposed multi-stream (DMS) technique for video display systems | |
| US11128739B2 (en) | Network-edge-deployed transcoding methods and systems for just-in-time transcoding of media data | |
| CN114902686A (en) | Web browser multimedia redirection | |
| CN115022179B (en) | Cloud desktop system, network redirection method, device and storage medium | |
| US20170171579A1 (en) | Method and Device for Transcoding Live Video | |
| CN117097907A (en) | Audio and video transcoding device, method, equipment, medium and product | |
| KR102199270B1 (en) | System for cloud streaming service, method of cloud streaming service based on still image and apparatus for the same | |
| US20230388526A1 (en) | Image processing method and apparatus, computer device, storage medium and program product | |
| US20150271441A1 (en) | Method and Device for Extracting Subtitles | |
| KR20160131830A (en) | System for cloud streaming service, method of cloud streaming service of providing multi-view screen based on resize and apparatus for the same | |
| KR20140117889A (en) | Client apparatus, server apparatus, multimedia redirection system and the method thereof | |
| US10231004B2 (en) | Network recording service | |
| KR20160131827A (en) | System for cloud streaming service, method of image cloud streaming service using alpha level of color bit and apparatus for the same | |
| CN106658070B (en) | Method and device for redirecting video | |
| CN114760309A (en) | Business interaction method, device, equipment and medium of terminal based on cloud service | |
| WO2016107174A1 (en) | Method and system for processing multimedia file data, player and client | |
| KR20160131829A (en) | System for cloud streaming service, method of image cloud streaming service using alpha value of image type and apparatus for the same | |
| KR102273143B1 (en) | System for cloud streaming service, method of cloud streaming service based on still image and apparatus for the same |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20201106 |
|
| RJ01 | Rejection of invention patent application after publication |