Key management client server method and system and medium based on kmip protocol

A key management and client-side technology, applied in the data security field of data centers, can solve the problems of not meeting confidentiality requirements, low key security, and low key strength.

Active Publication Date: 2020-12-22
EAST CHINA INST OF COMPUTING TECH
View PDF9 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

This mechanism results in low key strength and low key security, which does not meet the country's confidentiality requirements.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Key management client server method and system and medium based on kmip protocol
  • Key management client server method and system and medium based on kmip protocol

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0039] The present invention will be described in detail below in conjunction with specific embodiments. The following examples will help those skilled in the art to further understand the present invention, but do not limit the present invention in any form. It should be noted that those skilled in the art can make several changes and improvements without departing from the concept of the present invention. These all belong to the protection scope of the present invention.

[0040] Aiming at the key management part of the current open source Libvirt that cannot meet the national secrecy requirements, the functions of the key management module are redeveloped and realized based on the KMIP protocol. The present invention uses a hardware encryption algorithm with national secrecy qualification to generate a high-strength key; uses a protection key to protect and store the generated key; isolates the key from the protected object and stores it separately to avoid both being sim...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides a KMIP protocol-based key management client server method and system and medium, which comprises a Libvirt key distribution module, a client, a server and a KMIP protocol communication module. the Libvirt key distribution module drives the client to connect to the server, and the client accesses the server to obtain the key, the server management key, the distribution key; and the KMIP protocol communication module realizes the communication information exchange between the client and the server based on the KMIP protocol. Separate storage between the key and the protected object to ensure that the key and the object are not stolen at the same time; A high strength key generation algorithm is used to avoid the native Libvirt using a simple password as the key. Usingthe KMIP protocol as the communication protocol, the unified operation of the key life cycle is realized, which effectively solves the key management problem that the open source Libvirt can not meetthe national confidentiality requirements.

Description

technical field [0001] The present invention relates to the data security field of a data center, in particular to a KMIP protocol-based key management client, server method, system and media. Background technique [0002] Libvirt is an open source API, daemon, and management tool for managing virtualization platforms. It can be used to manage KVM, Xen, VMware ESX, QEMU and other virtualization technologies. These APIs are widely used in cloud computing solutions. The open source Libvirt implementation provides a simple virtual machine key management mechanism. This mechanism uses the open source encryption and decryption algorithm provided by the host system to calculate the password entered by the user, and then generates a key; and saves it locally in text. This mechanism results in low key strength and low key security, which does not meet the country's confidentiality requirements. [0003] KMIP (Key Management Interoperability Protocol) is a communication protocol ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06H04L9/08
CPCH04L9/0822H04L9/0838H04L9/0863H04L63/06H04L63/083
Inventor 刘光前余秦勇
Owner EAST CHINA INST OF COMPUTING TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap