TW201814516A - Method for connecting to virtual machine by handheld electronic device allowing a handheld electronic device to be automatically connected and authenticated - Google Patents


Info

Publication number
TW201814516A
Authority
TW
Taiwan
Prior art keywords
electronic device
handheld electronic
virtual machine
physical host
handheld
Prior art date
Application number
TW105132387A
Other languages
Chinese (zh)
Other versions
TWI601073B (en)
Inventor
蔡德明
陳淵琮
蔡哲民
Original Assignee
崑山科技大學
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 崑山科技大學 filed Critical 崑山科技大學
Priority to TW105132387A priority Critical patent/TWI601073B/en
Application granted granted Critical
Publication of TWI601073B publication Critical patent/TWI601073B/en
Publication of TW201814516A publication Critical patent/TW201814516A/en

Landscapes

  • Storage Device Security (AREA)
  • Telephone Function (AREA)

Abstract

A method for connecting to a virtual machine by a handheld electronic device allows the handheld electronic device to be connected and authenticated automatically, thereby assisting login to a dedicated virtual machine on a physical host. The method comprises: installing an authentication program in the handheld electronic device, the authentication program storing a handheld-end verification code; storing at least one host-end verification code in the physical host, each host-end verification code corresponding to a virtual machine; bringing the handheld electronic device within a communication range of the physical host, so that the handheld electronic device or the physical host starts a wireless transmission protocol and the two connect to each other; transmitting the handheld-end verification code from the handheld electronic device to the physical host; and automatically starting the corresponding virtual machine on the physical host when the handheld-end verification code matches any of the host-end verification codes stored in the physical host.

Description

Method for connecting to a virtual machine with a handheld electronic device

The present invention relates to a method for connecting to a virtual machine with a handheld electronic device, and more particularly to a method by which a handheld electronic device can automatically log in to its dedicated virtual machine on a physical host.

With the development of the semiconductor industry, the performance of computer hardware has kept improving in recent years, and a single server runs ever more efficiently and quickly.

In view of this improvement in server performance, servers on the market are moving towards virtualization. Server virtualization means planning and running multiple virtual machines (VMs) on a single physical server, with the virtual machines executing multiple service programs at the same time. An administrator only needs to maintain one physical server, yet can use several virtual machines to provide different service programs to users, saving manpower, space and power costs. The virtual machines can also run different operating systems (OS), which improves the compatibility of the server and meets the needs of different users.

Republic of China Invention Patent No. I534623, "Control system and method for multi-person operation on a single machine", comprises a bridge device and a main control computer. The main control computer includes a storage unit, a physical control interface, a first network interface and a first processing unit. The bridge device has a second network interface and a heterogeneous interface port, and the heterogeneous interface port is connected to a second peripheral device. The storage unit stores a main operating system and a virtual machine program; the physical control interface is electrically connected to a first peripheral device; the first network interface is connected to the second network interface of the bridge device; and the first processing unit receives a first operation command and drives the first peripheral device. The main control computer creates a virtual machine and runs a virtual operating system, and an intermediary program of the virtual operating system converts a received second operation command into network packets and drives the second peripheral device.

That case has the following disadvantages:

1. The user has to enter a personal account and password to log in to the virtual machine, which is inconvenient.

2. If the user's account and password are obtained by a thief, the thief only needs to enter the account and password to log in to the user's virtual machine and obtain the user's files.

Because that case has the above disadvantages, Republic of China Invention Patent No. I544363, "Confidentiality protection system and confidentiality protection method for preventing virtual machines from leaking confidential information", provides a protection system comprising a confidentiality protection driver and a confidentiality protection resident program installed in the local operating system. The driver detects and identifies whether an application launched on the local machine is a virtual-machine-related program, detects whether the application performs file access, and detects whether a virtual-machine-related program is trying to read files outside the application's working directory. If so, it records the application's identification number and working directory, compares the identification numbers, and notifies the resident program through a predetermined communication channel to analyze the content of the file to be read and produce a policy code. If the analysis finds that the file is a confidential document, the driver applies the corresponding protective measures according to the policy code returned by the resident program.

That case addresses only part of point 2 of the earlier case's disadvantages (obtaining the user's files), and still cannot resolve the following disadvantages:

1. The user still has to enter an account and password to log in to the virtual machine.

2. After another person obtains the user's account and password and logs in to the virtual machine, that person can still use a handheld electronic device with a camera (such as a mobile phone) to photograph and store the files to be stolen, so the risk of data leakage remains.

The inventors therefore propose a method for connecting to a virtual machine with a handheld electronic device, in which a handheld electronic device is connected and authenticated automatically, thereby assisting login to a dedicated virtual machine on a physical host. The method comprises: installing an authentication program on the handheld electronic device, the authentication program storing a handheld-end verification code; storing at least one host-end verification code on the physical host, each host-end verification code corresponding to its own virtual machine; running the authentication program on the handheld electronic device and, when the handheld electronic device comes within a communication range of the physical host, having the handheld electronic device or the physical host start a wireless transmission protocol so that the two connect to each other; sending the handheld-end verification code from the handheld electronic device to the physical host through the authentication program; and, when the handheld-end verification code matches any of the host-end verification codes stored on the physical host, having the physical host automatically start the virtual machine corresponding to that host-end verification code.

The handheld-end verification code is one or a combination of the following: a freely entered setting code, and a physical address (MAC) of the handheld electronic device.

Further, while the handheld electronic device is within the communication range, an identity verification procedure is performed to verify the identity of the person logging in; when the verification result is correct, the physical host accepts the handheld-end verification code.

The identity verification procedure comprises one or a combination of a fingerprint recognition procedure, a password recognition procedure, a voiceprint recognition procedure, a face recognition procedure and an iris recognition procedure.

When the handheld electronic device has been out of the communication range for a preset time value, the physical host automatically logs out of the virtual machine.

Further, the physical host is configured with an allowed connection time. Within the allowed connection time, the physical host can receive the handheld-end verification code; outside the allowed connection time, the physical host does not receive the handheld-end verification code.

Further, a query program is installed on the handheld electronic device, so that the handheld electronic device communicates with a plurality of physical hosts over a wireless transmission protocol, obtains the current virtual machine login status from those physical hosts, and displays on the handheld electronic device which virtual machines are still available for login.

When the physical host logs out of the virtual machine, it records the information of the virtual machine at that time.

The wireless transmission protocol comprises: Bluetooth, infrared communication, near field communication (NFC), Wireless Gigabit Alliance (WiGig), ZigBee, light-based networking (Li-Fi), Wireless USB, ultra-wideband (UWB) or the wireless network communication industry standard (Wi-Fi).

The handheld electronic device is a smartphone, a tablet computer, a smart watch or a smart bracelet.

The above technical features achieve the following effects:

1. For login, the user only needs to bring the handheld electronic device within a communication range of the physical host, and the physical host automatically logs in to the virtual machine corresponding to that handheld electronic device. The user no longer needs to enter an account and password, which makes login convenient.

2. An identity verification procedure can be performed on the handheld electronic device to verify the identity of the person logging in, preventing others from operating a virtual machine that is not their own and leaking the user's personal data or files.

3. After the handheld electronic device has been away from the physical host for a preset time value, the physical host automatically logs out of the virtual machine, preventing others from operating the user's virtual machine. When the physical host logs out of the virtual machine, it records the information of the virtual machine at that time.

4. An allowed connection time can be configured. Within the allowed connection time, the physical host can receive the handheld-end verification code; outside it, the physical host does not receive the handheld-end verification code. This prevents others from logging in to the virtual machine and operating its files or programs outside the allowed connection time.

5. The query program on the handheld electronic device lets the handheld electronic device communicate with a plurality of physical hosts over a wireless transmission protocol, obtain the current virtual machine login status from those physical hosts, and display which virtual machines are still available for login. This reduces the time a user spends looking for a physical host that is not already in use by another handheld electronic device.

Given the above technical features, the main effects of the method of the present invention for connecting to a virtual machine with a handheld electronic device are shown clearly in the following embodiments.

Referring first to Figure 1, a handheld electronic device (such as a smartphone, tablet computer, smart watch or smart bracelet) is connected and authenticated automatically, thereby assisting login to a dedicated virtual machine on a physical host. First, an authentication program, for example an App, is installed on the handheld electronic device. The authentication program stores a handheld-end verification code, which may be an account and password entered by the user, the physical address (MAC) of the connectivity chip built into the handheld electronic device, and so on. The handheld-end verification codes of one or more handheld electronic devices are stored in advance on the physical host, at a remote location or in the cloud, where the physical host can access them, and are defined as host-end verification codes. That is, at least one host-end verification code is stored on the physical host, and each host-end verification code corresponds to its own virtual machine.

The handheld electronic device runs the authentication program. When the handheld electronic device comes within a communication range of the physical host (the range is configurable, for example within 50 cm), the handheld electronic device or the physical host starts a wireless transmission protocol and the two connect to each other. The handheld electronic device sends the handheld-end verification code to the physical host through the authentication program. When the handheld-end verification code matches any of the host-end verification codes stored on the physical host, the physical host automatically starts the virtual machine corresponding to that host-end verification code. Conversely, if the handheld-end verification code of the handheld electronic device cannot be matched to the handheld-end verification code of one of the virtual machines, the physical host does not log in to any virtual machine.

With the present invention, a user who wants to start a virtual machine no longer needs to enter an account and password. The user only needs to bring the handheld electronic device close to the physical host to start the personal dedicated virtual machine, which makes login faster and more convenient.

The handheld-end verification code of each handheld electronic device may be a freely entered setting code, such as an account and password, or a physical address (MAC) of the handheld electronic device, from which the verification code specific to that handheld electronic device is generated.

The wireless transmission protocol comprises: Bluetooth, infrared communication, near field communication (NFC), Wireless Gigabit Alliance (WiGig), ZigBee, light-based networking (Li-Fi), Wireless USB, ultra-wideband (UWB) or the wireless network communication industry standard (Wi-Fi).

Referring to Figure 2, when the handheld electronic device comes within the communication range of the physical host, the handheld electronic device can optionally perform an identity verification procedure to verify the identity of the user holding the device, which increases the security of connection verification. That is, both the correct identity and the correct handheld-end verification code are required to use the virtual machine. If the user's identity does not match, the virtual machine cannot be started even if the handheld-end verification code is correct. This effectively prevents a person with ill intent from using someone else's handheld electronic device to use a virtual machine without authorization. Only when the user's identity is correct does the physical host accept the handheld-end verification code and start the virtual machine belonging to that handheld electronic device for the user to use. The identity verification procedure may be one or a combination of a fingerprint recognition procedure, a password recognition procedure, a voiceprint recognition procedure, a face recognition procedure and an iris recognition procedure. The user identification data must of course be stored in advance on the physical host, or at a remote location or in the cloud where the physical host can access it, for use in the comparison. The present invention therefore prevents others from operating a virtual machine that is not their own and leaking the user's personal data or files.

Referring to Figure 3, in this embodiment several host-end verification codes have been configured on the physical host (2); here there are five. As shown in the figure, the five host-end verification codes are 1C0025, 100325, 1B2255, 123345 and 102011, and each corresponds to a dedicated virtual machine, denoted VM1, VM2 and so on: VM1 corresponds to 1C0025, VM2 to 100325, VM3 to 1B2255, VM4 to 123345 and VM5 to 1002011. When the handheld electronic device (A1), a mobile phone in this embodiment, holding the handheld-end verification code 1C0025 approaches the physical host (2), the physical host (2) verifies whether the handheld-end verification code (1C0025) of the handheld electronic device (A1) matches one of the host-end verification codes. The handheld electronic device (A1) also optionally performs the identity verification procedure, for which this embodiment uses fingerprint recognition. The identity verification procedure and the verification of the handheld-end verification code may be performed in either order. If both verifications succeed, the physical host (2) automatically starts the virtual machine VM1 to which the handheld-end verification code (1C0025) belongs, for the user of the handheld electronic device (A1) to use.

In the embodiment of Figure 3, the physical host (2) has only two display cards installed and, limited by this hardware, can run at most two virtual machines at the same time. As shown in the figure, once two different handheld electronic devices (A1) (A2) have logged in to the physical host (2), if a third handheld electronic device approaches the physical host (2) and its handheld-end verification code also matches a host-end verification code, the physical host (2) can no longer accept the login and will not start the other virtual machines VM2, VM3 or VM4.

Referring to Figure 4, the physical host further checks whether the time at which the handheld electronic device and the physical host connect falls within an allowed connection time configured in the system. After the identity verification procedure on the handheld electronic device has succeeded and the handheld electronic device has come within the communication range of the physical host, the host checks whether the time of approach falls within the allowed connection time. Within the allowed connection time, the physical host can receive the handheld-end verification code; outside it, the physical host does not receive the handheld-end verification code, thereby refusing logins to the virtual machine at inappropriate times. For example, if the allowed connection time of a classroom is set from 8:00 in the morning to 17:00 in the afternoon, a user (a student, a teacher and so on) who brings the handheld electronic device close to the physical host within that time (8:00 to 17:00) can start the personal dedicated virtual machine; outside the allowed connection time, the virtual machine cannot be started. The present invention therefore prevents the user or others from logging in to the virtual machine and operating its files or programs outside the allowed connection time.

Referring to Figure 5, after the identity verification procedure has optionally been performed, the handheld electronic device sends the handheld-end verification code to the physical host through the authentication program. If the handheld-end verification code matches any of the host-end verification codes stored on the physical host, the physical host automatically starts the virtual machine corresponding to that host-end verification code for use. When the connection between the handheld electronic device and the physical host has been interrupted for longer than a preset time value, the physical host automatically logs out of the virtual machine, preventing others from operating the user's virtual machine. When the physical host logs out of the virtual machine, it records the information of the virtual machine at that time. For example, if the user has installed several programs in the dedicated virtual machine, then after logging out and logging in again the virtual machine shows the screen from the previous logout and applies the related information for use.
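The host-side decision flow of Figures 3 to 5 (code lookup, the optional identity check, the allowed connection time, the two-VM limit and automatic logout) can be modelled as below. This is an added example, not code from the patent: the class and method names, the 60-second logout value and the `saved` record are assumptions, while the five codes and the 8:00 to 17:00 window are the ones given in the embodiments.

```python
import hmac
from dataclasses import dataclass, field
from datetime import datetime, time, timedelta

# Host-end verification codes of the Figure 3 embodiment, each mapped to its VM.
# The description gives VM5's code as both 102011 and 1002011; 102011 is used here.
HOST_CODES = {"1C0025": "VM1", "100325": "VM2", "1B2255": "VM3",
              "123345": "VM4", "102011": "VM5"}


@dataclass
class PhysicalHost:
    codes: dict
    max_vms: int = 2                                  # two display cards (Figure 3)
    window: tuple = (time(8, 0), time(17, 0))         # classroom example (Figure 4)
    logout_after: timedelta = timedelta(seconds=60)   # assumed preset time value
    sessions: dict = field(default_factory=dict)      # VM -> last time device was in range
    saved: dict = field(default_factory=dict)         # VM -> state recorded at logout

    def _lookup(self, presented: str):
        """Return the VM bound to the presented code, or None."""
        vm = None
        for code, name in self.codes.items():
            # Check every stored code with a constant-time comparison so the
            # response time does not reveal how much of a code matched.
            if hmac.compare_digest(code.encode(), presented.encode()):
                vm = name
        return vm

    def login(self, presented: str, identity_ok: bool, now: datetime):
        start, end = self.window
        if not start <= now.time() <= end:
            return ("rejected", "outside allowed connection time")
        if not identity_ok:                           # e.g. fingerprint check result
            return ("rejected", "identity verification failed")
        vm = self._lookup(presented)
        if vm is None:
            return ("rejected", "no matching host-end verification code")
        if vm not in self.sessions and len(self.sessions) >= self.max_vms:
            return ("rejected", "no free virtual machine slot")
        self.sessions[vm] = now
        return ("ok", vm)

    def seen(self, vm: str, now: datetime):
        """Record that the handheld bound to `vm` is still in range."""
        if vm in self.sessions:
            self.sessions[vm] = now

    def expire(self, now: datetime):
        """Log out VMs whose handheld has been out of range too long."""
        gone = [vm for vm, last in self.sessions.items()
                if now - last > self.logout_after]
        for vm in gone:
            self.saved[vm] = {"logged_out_at": now}   # stand-in for the recorded VM state
            del self.sessions[vm]
        return gone


def demo():
    host = PhysicalHost(dict(HOST_CODES))
    t0 = datetime(2024, 1, 8, 9, 0)       # constructed timestamp inside the window
    results = [
        host.login("1C0025", True, t0),   # A1 -> VM1
        host.login("102011", True, t0),   # A2 -> VM5
        host.login("100325", True, t0),   # third device: valid code, host full
        host.login("1C0025", False, t0),  # right device, identity check fails
        host.login("FFFFFF", True, t0),   # constructed unknown code
    ]
    host.seen("VM5", t0 + timedelta(seconds=50))
    results.append(host.expire(t0 + timedelta(seconds=61)))   # A1 left: VM1 logged out
    results.append(host.login("100325", True, t0 + timedelta(seconds=62)))
    results.append(host.login("100325", True, datetime(2024, 1, 8, 18, 0)))
    return results


if __name__ == "__main__":
    for outcome in demo():
        print(outcome)
```
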

Referring to Figure 6, in this embodiment a query program is installed on the handheld electronic device (1). The query program may be an independent App, or an interface built into the aforementioned authentication App. The handheld electronic device (1) communicates over a wireless transmission protocol with a plurality of physical hosts in a classroom or working environment, obtains the current virtual machine login status from those physical hosts, and displays on the handheld electronic device (1) which virtual machines are still available for login, so that the user can quickly find an available physical host on which to log in to a virtual machine.

The description of the above embodiments gives a full understanding of the operation, use and effects of the present invention. The embodiments described above are only preferred embodiments and do not limit the scope in which the invention may be practiced; simple equivalent changes and modifications made according to the claims and the description of the invention all fall within the scope covered by the invention.

(A1) Handheld electronic device

(A2) Handheld electronic device

(1) Handheld electronic device

(2) Physical host

[Figure 1] is the first flow diagram of the present invention, showing the flow in which the handheld electronic device comes within a communication range of the physical host and the physical host automatically logs in to the virtual machine dedicated to that handheld electronic device.

[Figure 2] is the second flow diagram of the present invention, showing the flow in which the handheld electronic device verifies the user's identity.

[Figure 3] is an implementation diagram of the present invention, showing two handheld electronic devices approaching the physical host and how the physical host verifies whether the handheld-end verification code on each handheld electronic device matches a host-end verification code, in order to log in to the corresponding virtual machine.

[Figure 4] is the third flow diagram of the present invention, showing the flow that checks whether the handheld electronic device approaches the physical host within an allowed connection time.

[Figure 5] is the fourth flow diagram of the present invention, showing the flow that checks whether the handheld electronic device has been away from the physical host for a preset time value, in order to stay logged in to or automatically log out of the virtual machine.

[Figure 6] is an implementation diagram of the present invention, showing that the user can use the query program on the handheld electronic device to find which virtual machines are still available for login.

Claims (10)

1. A method for connecting to a virtual machine with a handheld electronic device, for causing a handheld electronic device to connect and authenticate automatically and thereby assist in logging in to a dedicated virtual machine on a physical host, the method comprising:
installing an authentication program on the handheld electronic device, the authentication program storing a handheld-end verification code;
storing at least one host-end verification code on the physical host, each host-end verification code corresponding to the virtual machine to which it belongs;
executing the authentication program on the handheld electronic device and, when the handheld electronic device comes within a communication range of the physical host, having the handheld electronic device or the physical host start a wireless transmission protocol so that the two connect to each other;
sending, by the handheld electronic device through the authentication program, the handheld-end verification code to the physical host; and
when the handheld-end verification code matches any of the host-end verification codes stored on the physical host, automatically starting, by the physical host, the virtual machine corresponding to that host-end verification code.

2. The method for connecting to a virtual machine with a handheld electronic device as described in claim 1, wherein the handheld-end verification code is one or a combination of the following: a freely entered setting code, and a physical address (MAC) of the handheld electronic device.

3. The method for connecting to a virtual machine with a handheld electronic device as described in claim 1, wherein, further, while the handheld electronic device is within the communication range, an identity verification procedure is also performed to verify the identity of the person logging in, and the physical host accepts the handheld-end verification code when the verification result is correct.

4. The method for connecting to a virtual machine with a handheld electronic device as described in claim 3, wherein the identity verification procedure comprises one or a combination of a fingerprint recognition procedure, a password recognition procedure, a voiceprint recognition procedure, a face recognition procedure and an iris recognition procedure.

5. The method for connecting to a virtual machine with a handheld electronic device as described in claim 1, wherein, when the handheld electronic device has been outside the communication range for a preset time value, the physical host automatically logs out of the virtual machine.

6. The method for connecting to a virtual machine with a handheld electronic device as described in claim 1, wherein, further, the physical host is configured with an allowed connection time; within the allowed connection time the physical host can receive the handheld-end verification code, and outside the allowed connection time the physical host does not receive the handheld-end verification code.

7. The method for connecting to a virtual machine with a handheld electronic device as described in claim 1, wherein, further, a query program is installed on the handheld electronic device, so that the handheld electronic device communicates with a plurality of physical hosts through the wireless transmission protocol, obtains the current virtual machine login status from the plurality of physical hosts, and displays on the handheld electronic device information about the virtual machines that are still available for login.

8. The method for connecting to a virtual machine with a handheld electronic device as described in claim 1, wherein, when the physical host logs out of the virtual machine, it records the information of the virtual machine at that time.

9. The method for connecting to a virtual machine with a handheld electronic device as described in claim 1, wherein the wireless transmission protocol comprises: Bluetooth, infrared communication, near-field communication (NFC), Wireless Gigabit Alliance (WiGig), ZigBee, Li-Fi, Wireless USB, ultra-wideband (UWB) or Wi-Fi.

10. The method for connecting to a virtual machine with a handheld electronic device as described in claim 1, wherein the handheld electronic device is a smartphone, a tablet computer, a smart watch or a smart bracelet.

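
The host-side behaviour of claims 1, 5, 6 and 8, as an added Python sketch that is not code from the patent: it matches the handheld-end code against the stored host-end codes with a constant-time comparison, refuses codes outside the allowed connection time, and logs a virtual machine out once the handheld has been out of range for the preset time. The class and method names, the 08:00 to 18:00 window, the five-minute absence limit and the sample verification code are assumptions made for illustration.

```python
import hmac
from datetime import datetime, time, timedelta

class PhysicalHost:
    """Host-side rules of claims 1, 5, 6 and 8 (all names are illustrative)."""

    def __init__(self, code_to_vm, window=(time(8, 0), time(18, 0)),
                 absence_limit=timedelta(minutes=5)):
        self.code_to_vm = code_to_vm        # host-end verification code -> its VM
        self.window = window                # allowed connection time (claim 6)
        self.absence_limit = absence_limit  # preset time value (claim 5)
        self.last_seen = {}                 # running VM -> last time handheld was in range
        self.logout_record = {}             # VM -> time of logout (stand-in for claim 8)

    def receive_code(self, handheld_code, now):
        """Return the VM to start, or None if the code is not accepted."""
        start, end = self.window
        if not start <= now.time() <= end:
            return None                     # outside the window: code is not received
        matched = None
        for code, vm in self.code_to_vm.items():
            # Constant-time comparison; scan every entry instead of stopping early.
            if hmac.compare_digest(code.encode(), handheld_code.encode()):
                matched = vm
        if matched is not None:
            self.last_seen[matched] = now   # the VM is started for this handheld
        return matched

    def in_range(self, vm, now):
        """Called whenever the wireless link reports the handheld as present."""
        if vm in self.last_seen:
            self.last_seen[vm] = now

    def expire(self, now):
        """Log out every VM whose handheld has been absent for the preset time."""
        gone = [vm for vm, seen in self.last_seen.items()
                if now - seen >= self.absence_limit]
        for vm in gone:
            self.logout_record[vm] = now    # record state at logout
            del self.last_seen[vm]
        return gone

def demo():
    # Constructed sample: setting code combined with a locally administered MAC.
    code = "s3tting-code|02:00:00:00:00:01"
    host = PhysicalHost({code: "vm-alice"})
    t0 = datetime(2016, 10, 6, 9, 0)
    started = host.receive_code(code, t0)
    host.in_range("vm-alice", t0 + timedelta(minutes=3))
    return started, host.expire(t0 + timedelta(minutes=6)), host.expire(t0 + timedelta(minutes=8))
```

The claims do not say how the verification code is protected in transit or against reuse, so the sketch covers only the matching and session rules on the host.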
TW105132387A 2016-10-06 2016-10-06 Ways to connect virtual machines with handheld electronic devices TWI601073B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
TW105132387A TWI601073B (en) 2016-10-06 2016-10-06 Ways to connect virtual machines with handheld electronic devices


Publications (2)

Publication Number Publication Date
TWI601073B (en) 2017-10-01
TW201814516A (en) 2018-04-16

Family

ID=61010875


Country Status (1)

Country Link
TW (1) TWI601073B (en)
