Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

A virtual machine migration security policy dynamic configuration system and method

A virtual machine migration and security policy technology, applied in the field of virtual machine migration security policy dynamic configuration system, can solve problems such as the inability to guarantee the overall security of the system, and achieve the effect of simplifying security assessment methods and saving update efficiency

Active Publication Date: 2016-11-02
CEC CYBERSPACE GREAT WALL
View PDF3 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0006] Aiming at the problem that the overall security of the system cannot be guaranteed when the virtual machine is migrated in the prior art, the present invention proposes a method that can automatically discover the address of the source host node and the address of the target host node for migration, and compare the addresses of the virtual machine before and after migration. The security policy corresponding to the security status of the operating environment is comparatively analyzed, unified coordinated and correspondingly modified to ensure that the security of the whole system remains consistent before and after the migration of the virtual machine; a virtual machine migration security policy dynamic configuration system; and a method for realizing the system

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A virtual machine migration security policy dynamic configuration system and method
  • A virtual machine migration security policy dynamic configuration system and method
  • A virtual machine migration security policy dynamic configuration system and method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0035] The present invention will be described below in conjunction with the accompanying drawings.

[0036] In the following description, some specific details are provided to provide those skilled in the computer arts with a general understanding of the present invention. In the embodiments, elements for realizing specific functions are shown in the form of schematic diagrams or block diagrams, so as to highlight technical points without obscuring the present invention in unnecessary details. For example, since those of ordinary skill in the art can understand the details disclosed in this field about network communication, electromagnetic signal command technology, user interface or input / output technology, etc., the maximum degree of The above technical details are omitted above, and these details are not considered to be the necessary features to obtain the complete technical solution of the present invention.

[0037] Such as figure 1 As shown, the virtual machine migr...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The present invention relates to a virtual machine migration security policy dynamic configuration system and method, in which a policy agent module is set on both the source host node and the target host node, the security management center is respectively connected to the security policy library and the policy coordination module, and the policy coordination module is also connected to all The policy agent module is connected; the security management center queries the security policy database to determine whether the intermediate value of the local security policy violates the global security policy, and if it violates, adjusts the intermediate value of the local security policy to the final value of the security policy; otherwise, sets the intermediate value of the local security policy is the final value of the security policy. Since the global security policy is introduced in the process of generating the final value of the security policy, the final value of the security policy cannot violate the global security policy anyway, and the adjustment of the local security policy on the target host node after the virtual machine migration is included in the global security policy planning In order to effectively prevent the reduction of the overall security before and after the migration of the virtual machine.

Description

technical field [0001] The invention relates to an information security system and method, in particular to a virtual machine migration security policy dynamic configuration system and method. Background technique [0002] Cloud computing is an Internet-oriented distributed computing service. As a delivery model for IT resources and services, it can obtain the required resources from a shared pool of configurable computing resources anytime, anywhere, conveniently, and on demand. (such as networks, servers, storage, applications, services, etc.), these resources can be quickly provisioned and released, while minimizing management costs or service provider intervention. In the cloud computing environment, the implementation of security policies faces many difficulties due to the virtualization of the network. Virtualization makes the boundaries of traditional networks blurred. Different networks divided according to virtual machines are no longer restricted by physical networ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06H04L29/08
Inventor 陈幼雷张雅哲
Owner CEC CYBERSPACE GREAT WALL
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products