CN104134038B - A kind of secure and trusted running protection method based on virtual platform - Google Patents

Publication number
CN104134038B
Authority
CN
China
Prior art keywords
virtual machine
platform
monitor
guest
module
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201410371685.0A
Other languages
Chinese (zh)
Other versions
CN104134038A (en)
Inventor
宋桂香
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Chongqing Inspur Government Cloud Management and Operation Co Ltd
Original Assignee
Inspur Electronic Information Industry Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Inspur Electronic Information Industry Co Ltd
Priority to CN201410371685.0A
Publication of CN104134038A
Application granted
Publication of CN104134038B
Legal status: Active
Anticipated expiration

Classifications

    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00: Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50: Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52: Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity; Preventing unwanted data erasure; Buffer overflow
    • G06F21/53: Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity; Preventing unwanted data erasure; Buffer overflow by executing in a restricted environment, e.g. sandbox or secure virtual machine

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Debugging And Monitoring (AREA)

Abstract

The present invention provides a secure and trusted running protection method based on a virtual platform. Addressing the security problems of virtual platforms, it composes an LLVM-based virtual machine monitor static analysis module, a TPM- and IPMI-based platform integrity remote verification module, a management domain virtual machine integrity measurement module, a user virtual machine integrity measurement module and a data flow consistency analysis module based on software behavior into a model that guarantees the secure and trusted running of the virtual platform. The model takes into account the wide adoption of cloud computing virtualization technology, the security challenges that virtualization brings with it, and the growing maturity of trusted computing as a technology for information security assurance and hardware security. It introduces trusted computing technology into the virtualization platform and combines dynamic measurement with run-time integrity protection of the management domain, the virtual machine monitor and the client domain to build a secure and reliable virtual platform. Trust-chain trust transfer, as a model of trusted computing, can protect the absolute trust passed between the upper and lower links of the chain on the virtual platform, and in this way ensures the secure and trusted running of the virtual platform.

Description

A kind of secure and trusted running protection method based on virtual platform
Technical field
The present invention relates to the field of computer technology, and in particular to a secure and trusted running protection method based on a virtual platform.
Background art
The present invention proposes a model for guaranteeing secure and trusted running on a virtual platform. It takes into account the wide adoption of cloud computing virtualization technology, the security challenges that virtualization brings with it, and the growing maturity of trusted computing as a technology for information security assurance and hardware security. It introduces trusted computing technology into the virtualization platform and combines dynamic measurement with run-time integrity protection of the management domain, the virtual machine monitor and the client domain to build a secure and trusted virtual platform. Trust-chain trust transfer, as a model of trusted computing, can protect the absolute trust passed between the upper and lower links of the chain on the virtual platform, and in this way ensures the secure and trusted running of the virtual platform.
Summary of the invention
An object of the invention is to provide a secure and trusted running protection method based on a virtual platform.
The object of the invention is achieved as follows. Addressing the security problems of virtual platforms, the secure and trusted running of the virtual platform is guaranteed by the combination of an LLVM-based virtual machine monitor static analysis module, a TPM- and IPMI-based platform integrity remote verification module, a management domain virtual machine integrity measurement module, a user virtual machine integrity measurement module and a data flow consistency analysis module based on software behavior. The characteristics of each module are as follows:
LLVM-based virtual machine monitor static analysis module: using the compile-time optimization, link-time optimization, online compilation optimization and code generation functions provided by LLVM, the virtual machine monitor is recompiled, the logical invariance of its control flow is analyzed in depth, and on this basis the integrity of the control flow is measured;
TPM- and IPMI-based platform integrity remote verification module: IPMI has good autonomy and operates without depending on the server's processor, BIOS or operating system; therefore, in combination with the trusted computing services provided by the TPM, a method is designed that uses hardware to construct a minimal trusted base (TCB); a measurement agent then interacts with the IPMI and the TPM respectively, and finally a hidden isolation model is used to measure the virtual machine monitor;
Management domain virtual machine integrity measurement module: this module is located inside the virtual machine monitor. Its main function is to split up the key data structures of the management domain, mainly analyzing the code segments, system call tables and IDT of three key parts, namely domain creation, IDD and the emulator model. The design idea is to capture system calls, interrupts and exception events and, when these events occur, to perform dynamic measurement on the latest state of the system;
User virtual machine integrity measurement module: this module implements two functions. The first is transparent real-time monitoring of the type of the user operating system (Guest OS). The second is monitoring of the Guest OS's registers, heap and stack, the page base address of the current process, the variable parameters of events, and the instruction pointer and stack pointer of the running process. The first function is implemented from hardware state information associated with the IDT (including the IDTR register, MSR-sysenter-cs and MSR-sysenter-eip) and software data structure information (including the system call table and the process list), using an iterative algorithm combined with a whitelist. The second function is implemented by setting an illegal address, which causes a protection fault that traps into the virtual machine monitor; the virtual machine monitor then performs the measurement. Note that a debug register should be used to save this illegal address, so that the virtual machine monitor can set the correct return address of the context after its check;
Data flow consistency analysis module based on software behavior: this module consists of three parts, an analysis agent, a management agent and a monitoring agent. The analysis agent evaluates the software behavior traces of the virtual machine monitor, the management domain and the client domain, extracts the expected behavior features and forms an expected behavior feature library. The monitoring agent monitors the running instances of software behavior in the virtual machine monitor, the management domain and the client domain in real time and extracts the actual behavior features. The management agent, using the expected behavior features provided by the analysis agent and the actual behavior features provided by the monitoring agent, applies a software behavior analysis automaton to carry out a dynamic trust evaluation, and finally obtains the trust evaluation result for the software in the virtual machine monitor, the management domain and the client domain;
Guest virtual machine network isolation module: network isolation of a guest virtual machine is implemented on the host on which that guest virtual machine resides. Because network isolation of an untrusted guest virtual machine is built on real-time detection of the guest virtual machine's platform integrity, its effect is that as soon as the platform integrity of a guest virtual machine is detected to have been destroyed, that virtual machine is isolated immediately. This differs from network isolation of the host, where the host is allowed to access the network only after its platform integrity has been verified and found to be in a trusted state;
Locating the guest virtual machine whose platform integrity has been destroyed cannot rely on the IP address and MAC address of the guest virtual machine. If an attacker obtains root privileges on the guest virtual machine, or the guest virtual machine is itself malicious, its IP address and MAC address are both likely to be modified. If the Ethernet bridge firewall is still used to isolate the guest virtual machine whose platform integrity has been destroyed, the isolation model is very easily bypassed. Therefore other valid information must be chosen to locate the guest virtual machine, and this information must be something that the owner of the guest virtual machine cannot modify.
The beneficial effects of the present invention are as follows. The present invention proposes a model for guaranteeing secure and trusted running on a virtual platform. It takes into account the wide adoption of cloud computing virtualization technology, the security challenges that virtualization brings with it, and the growing maturity of trusted computing as a technology for information security assurance and hardware security. It introduces trusted computing technology into the virtualization platform and combines dynamic measurement with run-time integrity protection of the management domain, the virtual machine monitor and the client domain to build a secure and reliable virtual platform. Trust-chain trust transfer, as a model of trusted computing, can protect the absolute trust passed between the upper and lower links of the chain on the virtual platform, and in this way ensures the secure and trusted running of the virtual platform.
Brief description of the drawings
Fig. 1 is a framework diagram of the integrity guarantee model for the virtual platform at run time.
Detailed description of the invention
The secure and trusted running protection method based on a virtual platform of the present invention is explained below with reference to the accompanying drawing.
Embodiment
The model for guaranteeing secure and trusted running on a virtual platform mainly covers trustworthiness while the virtual domains are running, namely run-time integrity of the management domain, run-time integrity of the virtual machine monitor (hypervisor) and run-time integrity of the client domain. Fig. 1 shows the framework of the integrity guarantee model for the virtual platform at run time. Integrity here mainly means that, while the management domain, the virtual machine monitor and the client domain are running, their main data structures, system calls and the like are not tampered with by malicious programs, and an attacker does not obtain the highest privileges. The most important principle for guaranteeing the integrity of all three is to perform real-time integrity verification on the management domain, the virtual machine monitor and the client domain at run time. Real-time here means that the detection scheme is applied at certain key points of program execution in the virtual environment.
The secure and trusted running of the virtual platform is guaranteed by the combination of the LLVM-based virtual machine monitor static analysis, the TPM- and IPMI-based platform integrity remote verification, the management domain virtual machine integrity measurement, the user virtual machine integrity measurement and the data flow consistency analysis module based on software behavior. The characteristics of each module are as follows:
LLVM-based virtual machine monitor static analysis module: using the compile-time optimization, link-time optimization, online compilation optimization, code generation and other functions provided by LLVM, the virtual machine monitor (hypervisor) is recompiled, the logical invariance of its control flow is analyzed in depth, and on this basis the integrity of the control flow is measured.
TPM- and IPMI-based platform integrity remote verification module: IPMI has good autonomy and operates without depending on the server's processor, BIOS or operating system. Therefore, in combination with the trusted computing services provided by the TPM, a method for measuring the hypervisor is designed. It is implemented by using hardware to construct a minimal trusted base (TCB); a measurement agent then interacts with the IPMI and the TPM respectively, and finally a hidden isolation model is used to measure the hypervisor.
Management domain virtual machine integrity measurement module: this module is located inside the hypervisor. Its main function is to split up the key data structures of the management domain, mainly analyzing the code segments, system call tables and IDT of three key parts, namely domain creation, IDD and the emulator model. The design idea is to capture events such as system calls, interrupts and exceptions and, when these events occur, to perform dynamic measurement on the latest state of the system.
User virtual machine integrity measurement module: this module implements two functions. The first is transparent real-time monitoring of the type of the user operating system (Guest OS). The second is monitoring of the Guest OS's registers, heap and stack, the page base address of the current process, the variable parameters of events, and the instruction pointer and stack pointer of the running process. The first function is implemented from hardware state information associated with the IDT (mainly the IDTR register, MSR-sysenter-cs and MSR-sysenter-eip) and software data structure information (mainly the system call table and the process list), using an iterative algorithm combined with a whitelist. The second function is implemented by setting an illegal address, which causes a protection fault that traps into the hypervisor; the hypervisor then performs the measurement. Note that a debug register should be used to save this illegal address, so that the hypervisor can set the correct return address of the context after its check.
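The first function described above, sketched as an added example that is not code from the patent: register state is compared with a trusted baseline and each system call table entry is checked against a whitelist of approved code ranges. The structure layout, the reading of "iterative algorithm combined with a whitelist" as a per-entry walk, and every address are assumptions constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define NR_SYSCALLS 6 /* constructed: a tiny table keeps the example short */

/* Hardware state tied to the IDT and the fast system-call entry point. */
struct hw_state {
    uint64_t idtr_base;    /* IDTR: base address of the IDT */
    uint16_t idtr_limit;   /* IDTR: table limit */
    uint16_t sysenter_cs;  /* MSR-sysenter-cs */
    uint64_t sysenter_eip; /* MSR-sysenter-eip */
};

/* What the hypervisor reads from the guest at one measurement point. */
struct guest_state {
    struct hw_state hw;
    uint64_t syscall_table[NR_SYSCALLS]; /* handler address per entry */
};

/* Whitelist entry: address range [start, end) of approved handler code. */
struct text_range { uint64_t start, end; };

enum { V_IDTR = 1, V_SYSENTER_CS = 2, V_SYSENTER_EIP = 4, V_SYSCALL = 8 };

struct verdict {
    unsigned violations; /* OR of the V_* bits */
    int bad_entries;     /* system call entries outside the whitelist */
    int first_bad_entry; /* index of the first such entry, or -1 */
};

int in_whitelist(uint64_t addr, const struct text_range *wl, size_t n)
{
    for (size_t i = 0; i < n; i++)
        if (addr >= wl[i].start && addr < wl[i].end)
            return 1;
    return 0;
}

/* Compare the registers with the trusted baseline, then iterate over the
 * system call table and check every handler against the whitelist. */
struct verdict measure_guest(const struct hw_state *base,
                             const struct guest_state *cur,
                             const struct text_range *wl, size_t nwl)
{
    struct verdict v = { 0, 0, -1 };

    if (cur->hw.idtr_base != base->idtr_base ||
        cur->hw.idtr_limit != base->idtr_limit)
        v.violations |= V_IDTR;
    if (cur->hw.sysenter_cs != base->sysenter_cs)
        v.violations |= V_SYSENTER_CS;
    if (cur->hw.sysenter_eip != base->sysenter_eip)
        v.violations |= V_SYSENTER_EIP;

    for (int i = 0; i < NR_SYSCALLS; i++) {
        if (in_whitelist(cur->syscall_table[i], wl, nwl))
            continue;
        v.violations |= V_SYSCALL;
        if (v.first_bad_entry < 0)
            v.first_bad_entry = i;
        v.bad_entries++;
    }
    return v;
}

/* Constructed sample data: every address below is made up. */
const struct text_range WHITELIST[] = {
    { 0xffffffff81000000ULL, 0xffffffff82000000ULL }, /* kernel text */
    { 0xffffffffa0000000ULL, 0xffffffffa0010000ULL }, /* approved module */
};
const struct hw_state BASELINE = {
    0xfffffe0000000000ULL, 0x0fff, 0x0010, 0xffffffff81a00000ULL
};

struct guest_state sample_clean(void)
{
    struct guest_state g = { { 0, 0, 0, 0 }, {
        0xffffffff81200100ULL, 0xffffffff81200200ULL, 0xffffffff81200300ULL,
        0xffffffff81200400ULL, 0xffffffffa0000800ULL, 0xffffffff81200600ULL } };
    g.hw = BASELINE;
    return g;
}

struct guest_state sample_tampered(void)
{
    struct guest_state g = sample_clean();
    g.hw.sysenter_eip = 0xffffffffc0de0000ULL;  /* entry point redirected */
    g.syscall_table[3] = 0xffffffffc0de1000ULL; /* handler off the whitelist */
    return g;
}

int main(void)
{
    struct guest_state g = sample_tampered();
    struct verdict v = measure_guest(&BASELINE, &g, WHITELIST, 2);
    printf("violations=0x%x bad_entries=%d first_bad_entry=%d\n",
           v.violations, v.bad_entries, v.first_bad_entry);
    return 0;
}
```

A range whitelist only proves that a handler lies in approved code; a redirection from one approved handler to another needs a per-entry baseline as well.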
Data flow consistency analysis module based on software behavior: this module consists of three parts, an analysis agent, a management agent and a monitoring agent. The analysis agent evaluates the software behavior traces of the hypervisor, the management domain and the client domain, extracts the expected behavior features and forms an expected behavior feature library. The monitoring agent monitors the running instances of software behavior in the hypervisor, the management domain and the client domain in real time and extracts the actual behavior features. The management agent, using the expected behavior features provided by the analysis agent and the actual behavior features provided by the monitoring agent, applies a software behavior analysis automaton to carry out a dynamic trust evaluation, and finally obtains the trust evaluation result for the software in the hypervisor, the management domain and the client domain.
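The division of work between the three agents, sketched as an added example that is not code from the patent. The patent does not define its analysis automaton; this sketch assumes a first-order transition automaton learned from trusted traces, and the event names and traces are constructed. It accepts any trace built from learned transitions, not only the exact traces it was trained on.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed event alphabet; a real monitoring agent would define its own. */
enum event { EV_START, EV_HYPERCALL, EV_MAP_PAGE, EV_IO, EV_UNMAP_PAGE,
             EV_EXIT, EV_COUNT };

/* Expected behavior feature library: which events may open a trace and
 * which event may directly follow which. */
struct behavior_lib {
    unsigned char initial[EV_COUNT];
    unsigned char allowed[EV_COUNT][EV_COUNT];
};

static int valid(enum event e) { return (unsigned)e < EV_COUNT; }

/* Analysis agent: fold one trusted trace into the library.
 * Returns 0 on success, -1 if the trace holds an unknown event. */
int lib_learn(struct behavior_lib *lib, const enum event *trace, size_t n)
{
    for (size_t i = 0; i < n; i++)
        if (!valid(trace[i]))
            return -1;
    if (n > 0)
        lib->initial[trace[0]] = 1;
    for (size_t i = 1; i < n; i++)
        lib->allowed[trace[i - 1]][trace[i]] = 1;
    return 0;
}

/* Management agent: run an observed trace through the automaton.
 * Returns -1 if every step is expected, otherwise the index of the
 * first event that deviates from the library. */
long lib_evaluate(const struct behavior_lib *lib,
                  const enum event *trace, size_t n)
{
    for (size_t i = 0; i < n; i++) {
        if (!valid(trace[i]))
            return (long)i;
        if (i == 0 ? !lib->initial[trace[0]]
                   : !lib->allowed[trace[i - 1]][trace[i]])
            return (long)i;
    }
    return -1;
}

/* Constructed trusted traces standing in for the analysis agent's input. */
struct behavior_lib build_sample_lib(void)
{
    static const enum event t1[] = { EV_START, EV_HYPERCALL, EV_MAP_PAGE,
                                     EV_IO, EV_UNMAP_PAGE, EV_EXIT };
    static const enum event t2[] = { EV_START, EV_HYPERCALL, EV_IO, EV_IO,
                                     EV_EXIT };
    struct behavior_lib lib;
    memset(&lib, 0, sizeof lib);
    lib_learn(&lib, t1, sizeof t1 / sizeof t1[0]);
    lib_learn(&lib, t2, sizeof t2 / sizeof t2[0]);
    return lib;
}

int main(void)
{
    struct behavior_lib lib = build_sample_lib();
    /* Constructed observed trace from the monitoring agent:
     * a page is mapped, then the run exits without using or unmapping it. */
    const enum event seen[] = { EV_START, EV_HYPERCALL, EV_MAP_PAGE, EV_EXIT };
    long at = lib_evaluate(&lib, seen, sizeof seen / sizeof seen[0]);
    if (at < 0)
        printf("trace trusted\n");
    else
        printf("untrusted: unexpected event at index %ld\n", at);
    return 0;
}
```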
Client (user) virtual machine network isolation module: network isolation of a guest virtual machine is implemented on the host on which that guest virtual machine resides. Because network isolation of an untrusted guest virtual machine is built on real-time detection of the guest virtual machine's platform integrity, its effect is that as soon as the platform integrity of a guest virtual machine is detected to have been destroyed, that virtual machine is isolated immediately. This differs from network isolation of the host, where the host is allowed to access the network only after its platform integrity has been verified and found to be in a trusted state.
Locating the guest virtual machine whose platform integrity has been destroyed cannot rely on the IP address and MAC address of the guest virtual machine. If an attacker obtains root privileges on the guest virtual machine, or the guest virtual machine is itself malicious, its IP address and MAC address can both be modified. If ebtables is still used to isolate the guest virtual machine whose platform integrity has been destroyed, the isolation model is very easily bypassed. Therefore other valid information must be chosen to locate the guest virtual machine, and this information must be something that the owner of the guest virtual machine cannot modify.
Apart from the technical features described in this specification, everything else is known technology to those skilled in the art.

Claims (1)

1. A secure and trusted running protection method based on a virtual platform, characterized in that, addressing the security problems of virtual platforms, the secure and trusted running of the virtual platform is guaranteed by the combination of a virtual machine monitor static analysis module of the compiler LLVM, a platform integrity remote verification module of the management system TPM and IPMI, a management domain virtual machine integrity measurement module, a user virtual machine integrity measurement module, a data flow consistency analysis module based on software behavior and a guest virtual machine network isolation module, the characteristics of each module being as follows:
LLVM-based virtual machine monitor static analysis module: using the compile-time optimization, link-time optimization, online compilation optimization and code generation functions provided by LLVM, the virtual machine monitor is recompiled, the logical invariance of its control flow is analyzed in depth, and on this basis the integrity of the control flow is measured;
TPM- and IPMI-based platform integrity remote verification module: IPMI has good autonomy and operates without depending on the server's processor, BIOS or operating system; therefore, in combination with the trusted computing services provided by the TPM, a method is designed that uses hardware to construct a minimal trusted base TCB; a measurement agent then interacts with the IPMI and the TPM respectively, and finally a hidden isolation model is used to measure the virtual machine monitor;
Management domain virtual machine integrity measurement module: this module is located inside the virtual machine monitor; its main function is to split up the key data structures of the management domain, mainly analyzing the code segments, system call tables and interrupt descriptor table IDT of three key parts, namely domain creation, the equipment on-line function diagnostic device IDD and the emulator model; the design idea is to capture system calls, interrupts and exception events and, when these events occur, to perform dynamic measurement on the latest state of the system;
User virtual machine integrity measurement module: this module implements two functions: the first is transparent real-time monitoring of the type of the user operating system Guest OS; the second is monitoring of the registers, heap and stack of the user operating system Guest OS, the page base address of the current process, the variable parameters of events, and the instruction pointer and stack pointer of the running process; the first function is implemented from hardware state information associated with the IDT, including the IDTR register, the segment address register instruction MSR-sysenter-cs and the instruction pointer register instruction MSR-sysenter-eip, and software data structure information, including the system call table and the process list, using an iterative algorithm combined with a whitelist; the second function is implemented by setting an illegal address, which causes a protection fault that traps into the virtual machine monitor, the virtual machine monitor then performing the measurement; note that a debug register should be used to save this illegal address, so that the virtual machine monitor can set the correct return address of the device environment Context after its check;
Data flow consistency analysis module based on software behavior: this module consists of three parts, an analysis agent, a management agent and a monitoring agent; the analysis agent evaluates the software behavior traces of the virtual machine monitor, the management domain and the client domain, extracts the expected behavior features and forms an expected behavior feature library; the monitoring agent monitors the running instances of software behavior in the virtual machine monitor, the management domain and the client domain in real time and extracts the actual behavior features; the management agent, using the expected behavior features provided by the analysis agent and the actual behavior features provided by the monitoring agent, applies a software behavior analysis automaton to carry out a dynamic trust evaluation, and finally obtains the trust evaluation result for the software in the virtual machine monitor, the management domain and the client domain;
Guest virtual machine network isolation module: network isolation of a guest virtual machine is implemented on the host on which that guest virtual machine resides; because network isolation of an untrusted guest virtual machine is built on real-time detection of the guest virtual machine's platform integrity, its effect is that as soon as the platform integrity of a guest virtual machine is detected to have been destroyed, that virtual machine is isolated immediately, which differs from network isolation of the host, where the host is allowed to access the network only after its platform integrity has been verified and found to be in a trusted state;
Locating the guest virtual machine whose platform integrity has been destroyed cannot rely on the IP address and MAC address of the guest virtual machine; if an attacker obtains root privileges on the guest virtual machine, or the guest virtual machine is itself malicious, the IP address and the observing and controlling MAC address of the guest virtual machine are both likely to be modified; if the Ethernet bridge firewall is still used to isolate the guest virtual machine whose platform integrity has been destroyed, the isolation model is very easily bypassed; therefore other valid information must be chosen to locate the guest virtual machine, and this information must be something that the owner of the guest virtual machine cannot modify.
CN201410371685.0A 2014-07-31 2014-07-31 A kind of secure and trusted running protection method based on virtual platform Active CN104134038B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201410371685.0A CN104134038B (en) 2014-07-31 2014-07-31 A kind of secure and trusted running protection method based on virtual platform

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201410371685.0A CN104134038B (en) 2014-07-31 2014-07-31 A kind of secure and trusted running protection method based on virtual platform

Publications (2)

Publication Number Publication Date
CN104134038A CN104134038A (en) 2014-11-05
CN104134038B true CN104134038B (en) 2016-11-23

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
TR01 Transfer of patent right

Effective date of registration: 20180816

Address after: 250101 S06 tower, 1036, Chao Lu Road, hi tech Zone, Ji'nan, Shandong.

Patentee after: SHANDONG LANGCHAO YUNTOU INFORMATION TECHNOLOGY Co.,Ltd.

Address before: No. 1036, Shun Ya Road, Ji'nan high tech Zone, Shandong Province

Patentee before: INSPUR ELECTRONIC INFORMATION INDUSTRY Co.,Ltd.

TR01 Transfer of patent right
CP03 Change of name, title or address

Address after: 250100 No. 1036 Tidal Road, Jinan High-tech Zone, Shandong Province, S01 Building, Tidal Science Park

Patentee after: Inspur cloud Information Technology Co.,Ltd.

Address before: 250101 S06 tower, 1036, Chao Lu Road, hi tech Zone, Ji'nan, Shandong.

Patentee before: SHANDONG LANGCHAO YUNTOU INFORMATION TECHNOLOGY Co.,Ltd.

CP03 Change of name, title or address
TR01 Transfer of patent right

Effective date of registration: 20221013

Address after: No. 5-398, Yunhan Avenue, Shuitu Hi tech Industrial Park, Beibei District, Chongqing 400722

Patentee after: Chongqing Inspur Government Cloud Management and Operation Co.,Ltd.

Address before: 250100 No. 1036 Tidal Road, Jinan High-tech Zone, Shandong Province, S01 Building, Tidal Science Park

Patentee before: Inspur cloud Information Technology Co.,Ltd.

TR01 Transfer of patent right