| With the development of computer technology,the traditional computing environment is migrating to the cloud computing environment in large-scale,cloud computing technology has been developed and applied unprecedentedly.Desktop virtualization technology is the most direct and simple way to use the cloud computing environment.At present,many enterprises and industries have applied desktop virtualization to their infrastructure,which improved office efficiency while saving a lot of cost and make full use of desktop virtualization's Flexible,and easy to manage.However,as a cloud computing services,desktop virtualization faces data privacy protection aspects of security issues.Compared with traditional computer systems,desktop Virtualization lacks the physical isolation,different virtual desktop shares the storage and computing resources of data centers,and there is not a safe and efficient virtual desktop privacy protection method.Security has become a key factor restricting the popularity of virtual desktops and cloud computing.Aiming at the privacy protection problem in desktop virtualization,this paper proposes a privacy protection method based on encryption device virtualization technology.Firstly,Based on the characteristics of virtual encryption device and virtual desktop,this paper analyzes the security problem when virtual encryption device applied to virtual desktop privacy protection,and establishes the virtual encryption device model based on Dolev-Yao model.Then,based on the BLP model,this paper proposes a virtual privacy preserving model,which supports dynamic multi-security level,named vED-PPM(virtual Encryption Device-Privacy Preserving Model).The model uses the virtual security level to replace traditional static security level.Combined with the state-related security level dynamic strategy,the model can meet the flexible security access control needs in virtual desktop.By defining the security lemma,state transition rules,system state mapping,designing authentication protocols and so on,the model controls the flow of information and protects privacy.Finally,based on BLP theory and BAN logic formalization,we proved the validity and security of vED-PPM model,and realize the encryption device virtualization and vED-PPM model based on KVM and VirtIO technology,and test the model function and system performance by experiment.Through theoretical proof and experimention,vED-PPM model can prevent illegalvirtual machine to steal user data,limit the access of key resources,protect the privacy data in virtual desktop environment;System loss of about 1.16% encryption performance when compared to no security model,but its whole performance is still higher than 96%.The proposed virtual encryption device privacy protection scheme and vED-PPM security model is completely safe and effective and feasible. |
PDF Full Text Request