会员体验
专利管家(专利管理)
工作空间(专利管理)
风险监控(情报监控)
数据分析(专利分析)
侵权分析(诉讼无效)
联系我们
交流群
官方交流:
QQ群: 891211   
微信请扫码    >>>
现在联系顾问~
热词
    • 4. 发明申请
    • Method and Apparatus for Implementing Virtual Machine Introspection
    • 实现虚拟机内省的方法和装置
    • US20160314297A1
    • 2016-10-27
    • US15199200
    • 2016-06-30
    • Huawei Technologies Co., Ltd.
    • Bin TuHaibo ChenYubin Xia
    • G06F21/56G06F21/53G06F9/455
    • G06F21/565G06F9/45558G06F21/53G06F2009/45587G06F2009/45591G06F2221/034
    • The present disclosure relates to the field of information technologies and discloses a method and an apparatus for implementing virtual machine introspection. The method provided in the present disclosure may further include: determining to-be-checked data in a virtual machine; starting to read the to-be-checked data, saving a copy of the read to-be-checked data, and storing a storage address of the read to-be-checked data in a hardware transactional memory, so that the hardware transactional memory is capable of monitoring the read to-be-checked data according to the storage address; when the read to-be-checked data is modified, stop reading the to-be-checked data, and delete the copy; and when reading the to-be-checked data is completed and it is not detected that the read to-be-checked data is modified, performing security check on the copy. The method can be applied to virtual machine introspection.
    • 本公开涉及信息技术领域,并且公开了一种用于实现虚拟机内省的方法和装置。 本公开中提供的方法还可以包括:确定虚拟机中的待检查数据; 开始读取待检查的数据,保存读取的被检查数据的副本,以及将读取的被检查数据的存储地址存储在硬件事务存储器中,使得硬件事务存储器 能够根据存储地址监视读取的被检查数据; 当读取的被检查数据被修改时,停止读取待检查的数据,并删除副本; 并且当读取待检查数据完成并且未检测到读取的被检查数据被修改时,对拷贝执行安全性检查。 该方法可以应用于虚拟机内省。
    • 8. 发明申请
    • Data Processing Method and Apparatus
    • 数据处理方法与装置
    • US20160028701A1
    • 2016-01-28
    • US14808332
    • 2015-07-24
    • Huawei Technologies Co., Ltd.
    • Zhichao HuaYubin XiaHaibo Chen
    • H04L29/06
    • H04L63/0435G06F21/335G06F21/42G06F2221/2113H04L9/0844H04L9/3265H04L63/0471H04L63/0485H04L63/0823H04L63/0884H04L63/168H04L2463/062
    • A data processing method and apparatus, where the method includes acquiring a first network data packet that is sent by a target application that runs in an untrusted execution domain, where the first network data packet includes a first identifier; acquiring, in a trusted execution domain, first data corresponding to the first identifier; generating, in the trusted execution domain, a second network data packet according to the first data and the first network data packet; performing, in the trusted execution domain, encryption on the second network data packet by using a first session key to acquire an encrypted second network data packet; and sending the encrypted second network data packet to the target server. The data processing method and apparatus in the embodiments of the present invention can effectively prevent an attacker from stealing data.
    • 一种数据处理方法和装置,其中所述方法包括获取在不可信执行域中运行的目标应用发送的第一网络数据分组,其中所述第一网络数据分组包括第一标识符; 在可信执行域中获取对应于所述第一标识符的第一数据; 在可信执行域中根据第一数据和第一网络数据分组生成第二网络数据分组; 通过使用第一会话密钥来获取加密的第二网络数据分组,在所述可信执行域中对所述第二网络数据分组进行加密; 并将加密的第二网络数据分组发送到目标服务器。 本发明实施例中的数据处理方法和装置可以有效地防止攻击者窃取数据。