发明名称 |
APPARATUS AND METHOD FOR SECURE AND CONSISTENT RUNTIME BASED CONFIDENTIAL EXECUTION OF APPLICATION SERVICES |
摘要 |
<p>PURPOSE: A runtime providing apparatus and a method for application service sealing execution provide a security virtualization interface layer for application service data requiring security consumption, and thereby maximize security of application service execution or application service data consumption. CONSTITUTION: A security virtualization interface layer (310) has an application service received through a user space (300) use hardware resources (450) and kernel services (432) of the lower part of a kernel space (340). A container parser (410) separates a virtualization security code and an application service from a service container received from a service providing server (100). A security virtualization interface generator (412) uses the virtualization security code and service policy to produce security virtualization interface. A virtualization service injector (414) stacks the application service in a VM (Virtual Machine) (420) through the security virtualization interface layer according to a policy in the security virtualization interface. [Reference numerals] (AA) Start; (BB) End; (S500) Receive a service container; (S502) Classification by Information in the service container; (S504) Deliver a virtualization security code and relevant information to an SVIF generator; (S506) Deliver a service(service data) to a VS injector; (S508) Generate a virtual interface after requesting and receiving a service policy; (S510) Separate application for the service required?; (S512) Request and receive the application; (S514) Inject the application service(application) to a virtual machine using a security virtualization interface; (S516) Is the security virtualization interface using code verification abnormal?; (S518) Request the implement or consumption of the application service(application); (S520) Stop the application service(application)</p> |
申请公布号 |
KR20130093804(A) |
申请公布日期 |
2013.08.23 |
申请号 |
KR20120001957 |
申请日期 |
2012.01.06 |
申请人 |
ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTITUTE |
发明人 |
MOON, YONG HYUK;SEO, DONG IL;KWON, HYEOK CHAN;LEE, SEUNG MIN;LEE, SOK JOON |
分类号 |
G06F21/10;G06F9/44;G06F15/16 |
主分类号 |
G06F21/10 |
代理机构 |
|
代理人 |
|
主权项 |
|
地址 |
|