期刊文献+

一种基于SR-IOV技术的虚拟环境安全隔离模型 被引量:3

A Security Isolation Model of Virtual Environment Based on SR-IOV Technology
下载PDF
导出
摘要 虚拟化技术的发展,带来了计算模式的变革,同时也带来了诸多安全问题。文章研究了虚拟环境安全问题和目前主流的安全防护方式,同时研究了I/O硬件虚拟化技术——SR-IOV,并针对虚拟计算环境安全隔离的问题提出了一种基于SR-IOV技术的虚拟环境安全隔离模型。该模型根据用户需求将虚拟域进行安全分级,安全等级高的虚拟域能够分配专门的物理网卡和加密卡,安全等级较低的虚拟域仍采用传统的软件模拟方法实现I/O设备。在SRIOV的结构设计中,采用了设备直连技术实现虚拟域和物理设备的通信,设备直连技术本身具备良好的隔离效果,这样就能够根据其安全等级实现网络数据隔离和数据加密隔离。实验结果表明,该模型能够提高虚拟计算环境的安全隔离特性,增强虚拟环境的安全,不仅具有可行性,而且具有良好的性能效率。 The development of virtualization technology brings about the change of computing model, but it also brings many security problems. This paper researches virtual environment safety problems, currently the mainstream security protection mode, and I/O hardware virtualization technology (SR-IOV). And then it proposes a virtual environment safety isolation model based on SR-IOV technology for the problems o f the virtual computing environment safety isolation. The model devise virtual domain into different safety level according to user needs. High level domain owns dedicated physical network card and encryption card, and lower still uses traditional software simulation method implementing I/O device. SR-IOV uses the direct device technology to realize the communication of virtual domains and the physical equipment. The equipment of direct connected technology has good isolation effect, so it can achieve network data isolation and data encryption isolation according to the level of security. The experimental analysis shows that the model can improve the security isolation characteristics o f virtual computing environment, and enhance the security of virtual environment. Not only it has the feasibility, but also has a good performance and efficiency.
出处 《信息网络安全》 2016年第9期84-89,共6页 Netinfo Security
基金 国家自然科学基金[91430214]
关键词 虚拟环境 SR-IOV 安全隔离 virtual environment SR-IOV security isolation
  • 相关文献

参考文献7

二级参考文献168

共引文献1429

同被引文献16

引证文献3

二级引证文献6

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部