Container real-time migration method based on trusted computing

A real-time migration and trusted computing technology, applied in the field of virtualization security, that addresses problems such as short downtime and improves security, integrity and confidentiality assurance.

Pending Publication Date: 2022-05-10
BEIJING UNIV OF TECH

AI Technical Summary

Problems solved by technology

The difference is that, to ensure the availability of virtual machine services during migration, there is only a very short downtime during the migration process.


Embodiment Construction

[0050] The purpose of the invention is to propose a method for real-time migration of containers based on trusted computing. The solution includes the following three stages: establishment of the migration environment, real-time migration, and end of migration.

[0051] 1. Migration environment establishment

[0052] This stage covers platform certification and resource preparation for both sides of the migration. The implementation steps are as follows:

[0053] Step 1: After the trusted chip F0 of the source platform P0 has passed the security measurement of the local environment, it uses the endorsement key to generate the corresponding identity authentication key (AIK) as the platform authentication key, recorded as the hardware platform authentication key, and a certification CA signs a certificate attesting to its authenticity. For each platform, a certificate is signed by the platform owner's cer...


Abstract

The invention discloses a container real-time migration method based on trusted computing. Operating system virtualization and containers have become key technologies in cloud computing. Because the data center and the cloud supplier control the computing resources, user data faces the risk of leakage and the user's actual control over the data is reduced, which brings security threats to the container migration process. The invention introduces the concept of a migration agent and provides a method for migrating a container in a secure encrypted virtual machine by means of a trusted platform module. The authenticity and integrity of the destination platform are verified through remote authentication before data transmission, and the processes in the container remain unchanged during migration and do not need to be restarted. The data in the container is transmitted through a secure session between the migration agents, so the integrity and confidentiality of the data are guaranteed both during migration and on the destination platform, and the security of container migration is improved.
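The ordering the abstract describes, attest the destination first and release container data only afterwards, shown as an added Go example that is not taken from the patent. It assumes an Ed25519 key pair as a stand-in for the TPM-held AIK and a SHA-256 digest as the platform measurement; `Quote`, `MakeQuote` and `ReleaseCheckpoint` are hypothetical names.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Quote is the destination agent's attestation reply (constructed format).
type Quote struct {
	Nonce       []byte // challenge echoed back, proves freshness
	Measurement []byte // digest of the destination's measured software state
	Sig         []byte // signature by the platform authentication key
}

// MakeQuote runs on the destination: it signs nonce || measurement.
func MakeQuote(key ed25519.PrivateKey, nonce, measurement []byte) Quote {
	msg := append(append([]byte{}, nonce...), measurement...)
	return Quote{Nonce: nonce, Measurement: measurement, Sig: ed25519.Sign(key, msg)}
}

// ReleaseCheckpoint runs on the source: the container checkpoint is handed
// to the transfer step only if the quote is fresh, signed by the certified
// key, and reports the measurement the source's policy expects.
func ReleaseCheckpoint(pub ed25519.PublicKey, nonce, expected []byte, q Quote, checkpoint []byte) ([]byte, error) {
	if !bytes.Equal(q.Nonce, nonce) {
		return nil, errors.New("stale or replayed quote")
	}
	msg := append(append([]byte{}, q.Nonce...), q.Measurement...)
	if !ed25519.Verify(pub, msg, q.Sig) {
		return nil, errors.New("quote not signed by certified platform key")
	}
	if !bytes.Equal(q.Measurement, expected) {
		return nil, errors.New("destination measurement differs from policy")
	}
	return checkpoint, nil
}

func main() {
	pub, priv, _ := ed25519.GenerateKey(nil) // stand-in for the destination's AIK
	good := sha256.Sum256([]byte("constructed trusted destination image"))
	bad := sha256.Sum256([]byte("constructed tampered destination image"))
	nonce := []byte("constructed-nonce-0001")
	_, err1 := ReleaseCheckpoint(pub, nonce, good[:], MakeQuote(priv, nonce, good[:]), []byte("ckpt"))
	_, err2 := ReleaseCheckpoint(pub, nonce, good[:], MakeQuote(priv, nonce, bad[:]), []byte("ckpt"))
	fmt.Println(err1, err2)
}
```

In a real deployment the source would generate a fresh random nonce per migration and the returned checkpoint would then travel over the encrypted session between the migration agents.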

Description

Technical field

[0001] The invention belongs to the technical field of virtualization security, in particular to a trusted computing-based container real-time migration method.

Background technique

[0002] Containerization has become a popular method for deploying and running software in a scalable manner. Services or applications are isolated in containers as groups of processes, using operating system (OS) level virtualization.

[0003] All the files needed to run the container are provided in a portable and independent image (Image). Likewise, shared resources in data centers and cloud computing are becoming more common. Migrating running containers to another system ensures continued execution and availability of services in the event of resource shortages or maintenance on one system.

[0004] Containers are transferred from one system to another and continue to execute on the target system without interruption. During this process, appropriate measures need to be t...


Application Information

Patent Type & Authority: Applications (China)
IPC: IPC(8): G06F9/455
CPC: G06F9/45558
Inventor 王冠殷刘智子
Owner BEIJING UNIV OF TECH