CN103258160A - Method for monitoring cloud security under virtualization environment - Google Patents

Method for monitoring cloud security under virtualization environment

Info

Publication number
CN103258160A
Authority
CN
China
Prior art keywords
virtual machine
cloud
security
virtual machines
virtualization environment
Prior art date
Legal status
Pending
Application number
CN2013102089956A
Other languages
Chinese (zh)
Inventor
宋桂香
高丽琴
Current Assignee
Inspur Group Co Ltd
Original Assignee
Inspur Group Co Ltd
Priority date
Filing date
Publication date
Application filed by Inspur Group Co Ltd
Priority to CN2013102089956A
Publication of CN103258160A
Legal status: Pending

Landscapes

  • Debugging And Monitoring (AREA)

Abstract

The invention discloses a method for monitoring cloud security in a virtualized environment and belongs to the technical field of computer information security. Virtual machine security software is deployed directly inside the cloud server end, and, using the open API interfaces of the virtual machines, the traffic exchanged among all virtual machines is first directed into the virtual machine security software for inspection before it enters a virtual machine. Compared with the prior art, this method further guards against rapidly developing and dynamic network threats and improves the overall security performance of cloud computing in a virtualized environment.

Description

Cloud security monitoring method in a virtualized environment
 
Technical field
The present invention relates to the technical field of computer information security, and specifically to a cloud security monitoring method in a virtualized environment.
Background technology
The traditional enterprise traffic model is relatively simple: the standard flows and burst flows of the various applications follow regular patterns. Even in a relatively large data center, protection can still be applied selectively according to the importance of each application server, and no excessive demand is placed on the processing power of the security equipment.
In the traditional threat detection model, client security software or a hardware security gateway acts as the main body of threat detection, and all traffic completes the whole detection process at the client or at the gateway. The advantage of this model is that all detection is local, so the processing delay is small; but because the clients are independent of one another, the isolation between systems prevents threat detection results from being shared. This also means that a new threat detected in enterprise A may still compromise the overall security protection of enterprise B.
Virtualization is the most important technical underpinning of today's cloud computing, and the whole virtualized environment needs the support of resources such as storage, computing and network security. In this respect, server-based virtualization technology took an early lead and has begun to be deployed widely. On top of this virtualized environment, the security threats to the system and the requirements for protection have also changed.
Traditional risks remain, while the range of objects to be protected expands. On the one hand, some security risks are not removed by virtualization. Although a single physical server can be divided into several virtual machines, the services each virtual machine carries and provides are basically the same as those of the original standalone server, so the problems a server faces under the conventional model can also be met by a virtual machine: access security of the business system, secure isolation between different business systems, exploitation of vulnerabilities in the operating system of the server or virtual machine and in application programs, antivirus protection of the business system, and so on. On the other hand, the emergence of server virtualization enlarges the range of objects that need protection: specialized virtualization software, represented by the hypervisor and vCenter, now has to be considered as an object of intrusion prevention (IPS), because of its specific position and importance in the whole system; if any of its security vulnerabilities is exploited, the result may be configuration chaos or service interruption across all servers of the whole virtualized environment.
Resource monitoring in a cloud computing environment is an important component of cloud platform resource management and provides the basis for resource allocation, task scheduling, load balancing and so on. Because resources in a cloud computing environment are virtualized transparently and elastically, and users must be charged for the resources they use, the original resource monitoring methods cannot fully satisfy the requirements of a cloud computing environment.
Summary of the invention
The technical task of the present invention is to provide a cloud security monitoring method in a virtualized environment that further guards against rapidly increasing and dynamic network threats and improves the overall security performance of cloud computing in a virtualized environment.
The technical task of the present invention is achieved in the following manner: virtual machine security software is deployed directly inside the server end of the cloud, and, by using the open API interfaces of the virtual machines, all traffic exchanged between virtual machines is first directed into the virtual machine security software for inspection before it enters a virtual machine.
The virtual machine security software is virtual machine security software developed by VMware.
The traffic described refers to the horizontal (lateral) traffic between virtual machines.
Horizontal traffic security between virtual machines: traffic between different virtual machines on the same server is exchanged directly inside the server end. The virtual machine security software is deployed inside the server end, and, by using the open API interfaces of the virtual machines, all traffic exchanged between virtual machines is first directed into the virtual machine security software for inspection before it enters a virtual machine.
At this point the virtual machines can be divided into different security domains as required, and isolation and mutual-access policies can be deployed between the security domains.
The cloud security monitoring method in a virtualized environment of the present invention obtains resource state information by having the virtual machine monitor call C/C++ and Java.
Vertical traffic between virtual machines includes normal access-request traffic from the client to the server end and layer-3 forwarded traffic between different virtual machines. The exchange of vertical traffic must pass through the cloud's external hardware security protection layer for inspection. The device types of the hardware security protection layer are based on products such as firewalls and intrusion prevention systems; the firewall or intrusion prevention equipment is required to be deployed in a mode that can block security attacks INLINE, and it may be deployed attached alongside the aggregation layer or connected in series between the core layer and the aggregation layer.
VMware is the world's leading vendor of virtualization solutions from the desktop to the data center. It holds a world-leading position in the field of virtualization and cloud computing infrastructure and provides customer-proven solutions that improve IT efficiency by reducing complexity and delivering services more flexibly and rapidly. The VMware virtual machine is the virtualization platform developed by VMware.
The cloud security monitoring method in a virtualized environment of the present invention has the following advantages: it further guards against rapidly increasing and dynamic network threats and improves the overall security performance of cloud computing in a virtualized environment; it therefore has good value for application.
Description of drawings
The present invention is further described below with reference to the accompanying drawing.
Figure 1 is the structural block diagram of an example of the cloud security monitoring method in a virtualized environment.
In the figure, VM traffic is redirected to the security virtual machine; this is the example in which virtual machine traffic is directed into the virtual machine security software for inspection.
Embodiment
The cloud security monitoring method in a virtualized environment of the present invention is explained below with reference to the accompanying drawing and a specific embodiment.
Embodiment:
In the cloud security monitoring method in a virtualized environment of the present invention, virtual machine security software is deployed directly inside the server end of the cloud, and, by using the open API interfaces of the virtual machines, all traffic exchanged between virtual machines is first directed into the virtual machine security software for inspection before it enters a virtual machine (VM for short).
The virtual machine security software is virtual machine security software developed by VMware.
The traffic described refers to the horizontal (lateral) traffic between virtual machines.
Horizontal traffic security between virtual machines: traffic between different virtual machines on the same server is exchanged directly inside the server end. The virtual machine security software is deployed inside the server end, and, by using the open API interfaces of the virtual machines, all traffic exchanged between virtual machines is first directed into the virtual machine security software for inspection before it enters a virtual machine.
At this point the virtual machines can be divided into different security domains as required, and isolation and mutual-access policies can be deployed between the security domains.
The cloud security monitoring method in a virtualized environment of the present invention obtains resource state information by having the virtual machine monitor call C/C++ and Java.
Vertical traffic between virtual machines includes normal access-request traffic from the client to the server end and layer-3 forwarded traffic between different virtual machines. The exchange of vertical traffic must pass through the cloud's external hardware security protection layer for inspection. The device types of the hardware security protection layer are based on products such as firewalls and intrusion prevention systems; the firewall or intrusion prevention equipment is required to be deployed in a mode that can block security attacks INLINE, and it may be deployed attached alongside the aggregation layer or connected in series between the core layer and the aggregation layer.
Apart from the technical features described in this specification, the cloud security monitoring method in a virtualized environment of the present invention uses techniques known to those skilled in the art.
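The steering rule that the summary and the embodiment both describe (same-server traffic goes to the security VM first, client and cross-server traffic goes through the external inline firewall/IPS, and security domains carry isolation and mutual-access policy) can be modelled as a small policy simulator. The following is an added example written for this page; it is not code from the patent or from VMware. The VM names, hosts, domains, ports and the default-deny policy between domains are constructed assumptions, and the inspection itself is reduced to a domain/port check so that the routing decision is visible.

```python
"""Policy model of the traffic steering described in the patent (constructed
example, not the patent's or VMware's code). Horizontal traffic between VMs on
the same physical server is handed to a security VM before delivery; vertical
traffic (client -> server, or layer-3 forwarded between servers) is inspected
by the external inline firewall/IPS; VMs are grouped into security domains with
isolation and mutual-access policy between the domains."""
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Set, Tuple


@dataclass(frozen=True)
class VM:
    name: str
    host: str    # physical server the VM runs on
    domain: str  # security domain assigned by the operator


@dataclass(frozen=True)
class Flow:
    src: str      # VM name, or "client" for traffic entering from outside the cloud
    dst: str      # VM name
    dst_port: int


@dataclass
class DomainPolicy:
    """Isolation and mutual-access policy between security domains.
    allowed[(src_domain, dst_domain)] is the set of permitted destination
    ports; a pair with no entry is isolated (default deny). Traffic inside
    one domain is permitted (assumption made for this model)."""
    allowed: Dict[Tuple[str, str], Set[int]] = field(default_factory=dict)

    def permits(self, src_domain: str, dst_domain: str, port: int) -> bool:
        if src_domain == dst_domain:
            return True
        return port in self.allowed.get((src_domain, dst_domain), set())


class SecurityVM:
    """Stands in for the per-server security VM that receives every intra-host
    flow through the hypervisor's traffic-redirection API before the target VM
    sees it. Here the inspection is the domain policy check plus a log entry."""

    def __init__(self, host: str, policy: DomainPolicy):
        self.host = host
        self.policy = policy
        self.log: List[Tuple[str, str, int, str]] = []

    def inspect(self, src: VM, dst: VM, flow: Flow) -> str:
        ok = self.policy.permits(src.domain, dst.domain, flow.dst_port)
        verdict = "allow" if ok else "drop"
        self.log.append((flow.src, flow.dst, flow.dst_port, verdict))
        return verdict


class ExternalFirewall:
    """Inline hardware firewall/IPS at the aggregation or core layer. Client
    traffic is admitted only to published service ports; VM-to-VM traffic that
    crosses servers is held to the same domain policy (assumption)."""

    def __init__(self, policy: DomainPolicy, published_ports: Set[int]):
        self.policy = policy
        self.published_ports = published_ports
        self.log: List[Tuple[str, str, int, str]] = []

    def inspect(self, src: Optional[VM], dst: VM, flow: Flow) -> str:
        if src is None:  # outside client
            ok = flow.dst_port in self.published_ports
        else:
            ok = self.policy.permits(src.domain, dst.domain, flow.dst_port)
        verdict = "allow" if ok else "drop"
        self.log.append((flow.src, flow.dst, flow.dst_port, verdict))
        return verdict


class Cloud:
    """Sends each flow to the inspection point the patent prescribes for it."""

    def __init__(self, vms: List[VM], policy: DomainPolicy, published_ports: Set[int]):
        self.vms = {v.name: v for v in vms}
        self.security_vms = {v.host: SecurityVM(v.host, policy) for v in vms}
        self.firewall = ExternalFirewall(policy, published_ports)

    def route(self, flow: Flow) -> Tuple[str, str]:
        """Return (inspection point, verdict) for one flow."""
        dst = self.vms[flow.dst]
        src = self.vms.get(flow.src)  # None when the source is an outside client
        if src is not None and src.host == dst.host:
            # horizontal traffic: same server, would otherwise be switched
            # locally without ever reaching the external firewall
            return "security-vm", self.security_vms[dst.host].inspect(src, dst, flow)
        # vertical traffic: client -> server, or layer-3 forwarded between servers
        return "external-firewall", self.firewall.inspect(src, dst, flow)


def build_demo_cloud() -> Cloud:
    """Constructed sample: a web VM and a database VM on each of two servers."""
    vms = [VM("web1", "host1", "web"), VM("db1", "host1", "db"),
           VM("web2", "host2", "web"), VM("db2", "host2", "db")]
    policy = DomainPolicy(allowed={("web", "db"): {3306}})  # web may reach db on 3306 only
    return Cloud(vms, policy, published_ports={80, 443})


if __name__ == "__main__":
    cloud = build_demo_cloud()
    for f in [Flow("web1", "db1", 3306), Flow("web1", "db1", 22),
              Flow("db1", "web1", 80), Flow("web1", "db2", 3306),
              Flow("client", "web1", 443), Flow("client", "db1", 3306)]:
        print(f, "->", cloud.route(f))
```

The point the model makes visible is the one the background section raises: without the redirection, web1 to db1 on the same server would be switched inside the host and the external firewall would never see it, so a database port opened by mistake would be reachable laterally; with the redirection, the security VM applies the domain policy to that flow while the firewall keeps handling client and cross-server traffic.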

Claims (4)

1. A cloud security monitoring method in a virtualized environment, characterized in that virtual machine security software is deployed directly inside the server end of the cloud, and, by using the open API interfaces of the virtual machines, all traffic exchanged between virtual machines is first directed into the virtual machine security software for inspection before it enters a virtual machine.
2. The cloud security monitoring method in a virtualized environment according to claim 1, characterized in that the virtual machine security software is virtual machine security software developed by VMware.
3. The cloud security monitoring method in a virtualized environment according to claim 1, characterized in that said traffic refers to horizontal traffic between virtual machines.
4. The cloud security monitoring method in a virtualized environment according to claim 1 or 3, characterized in that, for horizontal traffic security between virtual machines, traffic between different virtual machines on the same server is exchanged directly inside the server end; the virtual machine security software is deployed inside the server end, and, by using the open API interfaces of the virtual machines, all traffic exchanged between virtual machines is first directed into the virtual machine security software for inspection before it enters a virtual machine.
CN2013102089956A 2013-05-30 2013-05-30 Method for monitoring cloud security under virtualization environment Pending CN103258160A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN2013102089956A CN103258160A (en) 2013-05-30 2013-05-30 Method for monitoring cloud security under virtualization environment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN2013102089956A CN103258160A (en) 2013-05-30 2013-05-30 Method for monitoring cloud security under virtualization environment

Publications (1)

Publication Number Publication Date
CN103258160A true CN103258160A (en) 2013-08-21

Family

ID=48962070

Family Applications (1)

Application Number Title Priority Date Filing Date
CN2013102089956A Pending CN103258160A (en) 2013-05-30 2013-05-30 Method for monitoring cloud security under virtualization environment

Country Status (1)

Country Link
CN (1) CN103258160A (en)

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103500304A (en) * 2013-10-13 2014-01-08 西安电子科技大学 Virtual machine personalized security monitoring system and method based on Xen
CN104301321A (en) * 2014-10-22 2015-01-21 北京启明星辰信息技术股份有限公司 Method and system for achieving distributed network safety protection
CN104660554A (en) * 2013-11-19 2015-05-27 北京天地超云科技有限公司 Method for implementing communication data security of virtual machines
CN105224387A (en) * 2015-09-07 2016-01-06 浪潮集团有限公司 A kind of security deployment method of virtual machine under cloud computing
CN105592016A (en) * 2014-10-29 2016-05-18 国家电网公司 Virtual machine protection device of power information system in cloud environment
CN107430647A (en) * 2015-03-25 2017-12-01 国际商业机器公司 Security in software definition architecture
TWI732180B (en) * 2019-02-21 2021-07-01 中華電信股份有限公司 Malicious file isolation system

Non-Patent Citations (1)

Title
王哲 等 (Wang Zhe et al.): "云计算安全方案与部署研究" (Research on cloud computing security solutions and deployment), 电信科学 (Telecommunications Science) *

Cited By (11)

Publication number Priority date Publication date Assignee Title
CN103500304A (en) * 2013-10-13 2014-01-08 西安电子科技大学 Virtual machine personalized security monitoring system and method based on Xen
CN103500304B (en) * 2013-10-13 2016-06-29 西安电子科技大学 Virtual machine personalized secure based on Xen monitors system and monitoring method
CN104660554A (en) * 2013-11-19 2015-05-27 北京天地超云科技有限公司 Method for implementing communication data security of virtual machines
CN104301321A (en) * 2014-10-22 2015-01-21 北京启明星辰信息技术股份有限公司 Method and system for achieving distributed network safety protection
CN104301321B (en) * 2014-10-22 2018-04-27 北京启明星辰信息技术股份有限公司 A kind of method and system for realizing distributed network security protection
CN105592016A (en) * 2014-10-29 2016-05-18 国家电网公司 Virtual machine protection device of power information system in cloud environment
CN105592016B (en) * 2014-10-29 2019-04-30 国家电网公司 A protection device for virtual machine in cloud environment of power information system
CN107430647A (en) * 2015-03-25 2017-12-01 国际商业机器公司 Security in software definition architecture
CN107430647B (en) * 2015-03-25 2021-01-01 国际商业机器公司 Method and system for providing security within a software defined infrastructure
CN105224387A (en) * 2015-09-07 2016-01-06 浪潮集团有限公司 A kind of security deployment method of virtual machine under cloud computing
TWI732180B (en) * 2019-02-21 2021-07-01 中華電信股份有限公司 Malicious file isolation system

Similar Documents

Publication Publication Date Title
CN103258160A (en) Method for monitoring cloud security under virtualization environment
US9935971B2 (en) Mitigation of virtual machine security breaches
Liu Research on cloud computing security problem and strategy
WO2016082501A1 (en) Method, apparatus and system for processing cloud application attack behaviours in cloud computing system
TWI459296B (en) Method for increasing virtual machines
CN101866408B (en) Transparent trust chain constructing system based on virtual machine architecture
CN103685608B (en) A kind of method and device for automatically configuring secure virtual machine IP address
Zou et al. Design and implementation of a trusted monitoring framework for cloud platforms
US20180173549A1 (en) Virtual network function performance monitoring
US20190034627A1 (en) Secure memory implementation for secure execution of virtual machines
CN102930213A (en) Security monitoring system and security monitoring method based on virtual machine
US11669426B2 (en) Kernel-based power consumption and isolation and defense against emerging power attacks
US9317313B2 (en) Dynamically provisioning storage while identifying and discarding redundant storage alerts
Jithin et al. Virtual machine isolation: A survey on the security of virtual machines
CN104539716A (en) Cloud desktop management system desktop virtual machine dispatching control system and method
CN105704087B (en) Device and method for implementing network security management based on virtualization
CN105303102A (en) Secure access method for virtual machine and virtual machine system
Yao et al. Guaranteeing fault-tolerant requirement load balancing scheme based on VM migration
Xie et al. Detection of Service Level Agreement (SLA) Violations in Memory Management in Virtual Machines
Hwang et al. Design of a hypervisor-based rootkit detection method for virtualized systems in cloud computing environments
CN111262815A (en) Virtual host management system
Volokyta et al. Secure virtualization in cloud computing
Upadhyay et al. Secure live migration of VM's in Cloud Computing: A survey
JP5286135B2 (en) Computer function disaster response migration system and method, computer program for executing the method, and storage medium storing the computer program
US10768990B2 (en) Protecting an application by autonomously limiting processing to a determined hardware capacity

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
WD01 Invention patent application deemed withdrawn after publication (Application publication date: 20130821)