摘要
网络存储数据越来越多,其安全性也受到越来越多的重视.基于主动免疫的可信计算思想,将虚拟化技术与可信计算技术结合,基于KVM构建虚拟可信平台,分别建立客户端和服务端网络存储数据泄漏防护模型,通过vTCM对网络存储数据进行加密,将密钥存放在不同虚拟域隔离保护,提高密钥安全,增强网络存储数据安全.
Data stored in the network is growing rapidly. And then, its security has received more and more attention. Based on the trusted computing of active immunity, it combines virtualization technology with trusted computing technology. A virtual trusted platform based on Kernel-based Virtual Machine(KVM )is built. The network storage data leakage protection models of client and server are established respectively. The network storage data are encrypted by vTCM, and the keys are stored in different virtual domains for isolation and protection, which improves the key security and enhances the network storage data security.
作者
余祥
熊秋犇
李强
YU Xiang;XIONG Qiu-Ben;LI Qiang(College of Computer , National University of Defense Technology, Changsha Hunan 410073, China;Unit 75833 of PLA, Guangzhou Guangdong 510515, China;College of Electronic Engineering, National University of Defense Technology, Hefei Anhui 230037, China)
出处
《指挥与控制学报》
2019年第3期215-220,共6页
Journal of Command and Control
基金
技术基础项目(7216051)
国防科技大学科研基金(KY171012)资助~~
关键词
数据泄漏防护
虚拟化
可信计算
可信密码模块
data leak protection
virtualization
trusted computing
trusted cryptographic module
