期刊名称:International Journal of Grid and Distributed Computing
印刷版ISSN:2005-4262
出版年度:2016
卷号:9
期号:6
页码:127-136
DOI:10.14257/ijgdc.2016.9.6.13
出版社:SERSC
摘要:For the problem that the process running is not security in the virtual environment, a multi-level process isolation management scheme is proposed. In this scheme, the processes and the basic runtime environment is defined as the process space. It takes a level hierarchical division strategy to classify the processes from the process space into two levels. One of which is the level of credible processes and another is the level data confidential processes. Under the strategy, the processes operate with different permission to ensure the security of sensitive information, prevent data leaking, operate legally and operate under authority. Finally simulation experiment results show that the method has a good protection to the process running in a virtual environment and it can meet the needs of data confidentiality. At the same time, the overhead of running processes is not obvious.
关键词:virtual environment; multi-level; process isolation; credible level
