Design And Implementation Of Multi-Domain Mobile Terminal Security Scheme Based On Microkernel And Hypervisor

In recent years,information technology has developed vigorously.The role of mobile terminals in daily work and life has become increasingly important.Information data is frequently transmitted and stored in mobile terminals.How to ensure data security in the context of mobile informatization is a subject worthy of in-depth research.However,in the current mobile terminal security product market,under the premise of ensuring data security,it often results in an increase in hardware manufacturing costs or a decrease in user experience,and it is difficult to meet the user requirements for high security scenarios.Based on the micro-kernel virtualization multi-domain technology,this paper implements transparent encryption and decryption for users on mobile terminals,which not only improves security but also does not reduce user experience.This article first analyzes the research background of the subject and establishes the research direction of mobile terminal data security.Through investigation of the industry's PC and mobile data encryption products and Xen virtualization technology,it proposes the transparency of mobile terminal data security.Encryption and decryption requirements,design and implementation of a transparent encryption and decryption solution for secure storage of data on the mobile end:Use Xen virtual machine software to establish a multi-domain architecture,and embed a transparent encryption and decryption module in this architecture to encrypt and decrypt files for read and write requests.The data is converted into cipher text and stored in a hardware storage device.When data is read by hardware interception or read out of the original encryption environment,it can only be presented in the form of cipher text.The encryption and decryption process is invisible to the user,achieving the effect of transparent encryption and decryption.Finally,this paper tests the function and performance of the transparent encryption and decryption scheme.After experiments,the security scheme designed in this article completes data encryption and decryption on the premise of being transparent to users,and achieves data security without sacrificing user experience.In terms of performance,compared with the absence of an encryption/decryption module,the time consumed by read and write operations has increased by about 30%.Taking a write operation of a 64M file as an example,the consumption time has increased by about 0.02 seconds,which is in an acceptable range.This solution has been patented and has been applied in many projects.