摘要 |
A system and method for providing a cipher operation service in a virtualization environment. In the system, a configuration sub-system provides an interface for an administrator and an ordinary user to input related information about a virtual cipher device; a key file storage sub-system stores a key file and uses a protection password to protect the key file; and a virtual machine operation sub-system acquires, according to the input of the configuration sub-system, a corresponding key file from the storage sub-system and creates a virtual cipher device for a client virtual machine, finally operates the client virtual machine and provides a cipher operation service for the client virtual machine. Thus, an administrator/ordinary user can assign a key file and input a protection password for a client virtual machine via a corresponding interface so as to facilitate the creation of a virtual cipher device, and can manage the virtual cipher device in a friendly and centralized manner; and the client virtual machine in a virtualization management platform can request for a secure cipher operation service, thereby alleviating the key security problem in a virtualization environment. |
申请人 |
INSTITUTE OF INFORMATION ENGINEERING, CHINESE ACADEMY OF SCIENCES;DATA ASSURANCE&COMMUNICATION SECURITY CENTER, CHINESE ACADEMY OF SCIENCES |
发明人 |
LIN, Jingqiang;ZHU, Kaijie;ZHANG, Lingchen;LUO, Bo;CAI, Quanwei;LI, Congwu;JING, Jiwu;PAN, Wuqiong |