期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

桌面虚拟化安全访问控制架构的设计与实现 被引量:5

Design and implementation of secure access control architecture of desktop virtualization
下载PDF
导出
摘要 为解决桌面虚拟化环境中虚拟桌面共享数据中心服务器并将用户数据集中存储带来的安全隐患,对原有虚拟桌面结构进行改进,并结合虚拟安全域、hypervisor安全增强技术和安全标签技术,实现了全新的桌面虚拟化安全访问控制架构。将用户虚拟桌面中不同安全等级的应用程序运行在不同的虚拟机中,将虚拟桌面中不同安全等级的虚拟机和用户数据划分到不同的虚拟安全域并下发相应的安全策略,实现了虚拟桌面的通信隔离和对存储资源的访问控制。 To mitigate the security threats of current virtual desktops, a new secure architecture of desktop virtualization is proposed. Applications of different users and classifications are run in different virtual machines, and resources are stored separately. Virtual secure domains, hypervisor security enhanced technology and security label are used in the architecture. Security policies are deployed to keep the security of virtual desktops. Finally, a prototype based on Xen is demonstrated.
作者 武越 刘向东 段翼真
机构地区 中国航天科工集团第二研究院
出处 《计算机工程与设计》 CSCD 北大核心 2014年第5期1572-1577,共6页 Computer Engineering and Design
基金 国防基础科研基金项目(A0420110006)
关键词 桌面虚拟化 虚拟安全域 安全标签 通信隔离 访问控制 desktop virtualization trusted virtual domain security label communication isolation access control
分类号 TP309 [自动化与计算机技术—计算机系统结构]
  • 相关文献

参考文献12

  • 1Joanna Rutkowska.Security challenges in virtualized envirnments[C]//San Francisco:RSA Confrence,2008:2-5.
  • 2Matt Piotrowski.A system for privilege separation of legacy desktop applications[R].UCB/EECS-2010-70.California:University of California at Berkeley,2010:3-6.
  • 3Carl Gebhardt,Allan Tomlinson.Secure virtual disk images for grid computing[C]//Third Asia-Pacific Trusted Infrastructure Technologies Conference,2008:19-22.
  • 4Luigi Catuogno,Alexandra Dmitrienko.Trusted virtual domains-design,implementation and lessons learned[G].LNCS 6163:Proceedings of the First International Conference on Trusted Systems,2010:156-159.
  • 5Jasti A,Shah P,Nagaraj R,et al.Security in multi-tenancy cloud[C]//San Jose:Proceedings of IEEE International Carnahan Conference on Security Technology,2010:35-41.
  • 6Yu Lei,Weng Chuliang,Li Minglu,et al.Security challenges on the clone,snapshot,migration and rollback of Xen based computing environments[C]//Guangzhou,China:Proceedings of the Fifth Annual CinaGrid Conference,2012:223-227.
  • 7Serdar Cabuk,Chris Ⅰ Dalton.Towards automated security policy enforcement in multi-tenant virtual data centers[J].Journal of Computer Security,2010,18 (1):89-121.
  • 8Udaya Tupakula,Vijay Varadharajan.TVDSEC:Trusted virtual domain security[C]//4th IEEE Intemational Conference on Utility and Cloud Computing,2011:57-64.
  • 9Michael Factor,Dalit Naor.Capability based secure access control to networked storage devices[C]//24th IEEE Conference on Mass Storage Systems and Technologies,2007:43-47.
  • 10Tim Mather,Subra Kumaraswamy,Shahed Latif.Cloud security and privacy[M].O'Reilly Media,2009:29-30.

同被引文献25

引证文献5

二级引证文献12

计算机工程与设计
2014年 第5期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部