IDiyas

For the Inventor, By the Inventor

The patent badge is an abbreviated version of the USPTO patent document. The patent badge does contain a link to the full patent document.

The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf). To download or print any patent click here.

Patent No.:

US 10262130 B1

PDFFull Text
Date of Patent:
Apr. 16, 2019

Filed:

Oct. 22, 2015

System and method for providing cryptographic operation service in virtualization environment

Applicants:

Institute of Information Engineering, Chinese Academy of Sciences, Beijing, CN;

Data Assurance & Communication Security Center, Chinese Academy of Sciences, Beijing, CN;

Inventors:

Jingqiang Lin, Beijing, CN;

Kaijie Zhu, Beijing, CN;

Lingchen Zhang, Beijing, CN;

Bo Luo, Beijing, CN;

Quanwei Cai, Beijing, CN;

Congwu Li, Beijing, CN;

Jiwu Jing, Beijing, CN;

Wuqiong Pan, Beijing, CN;

Assignee:

DATA ASSURANCE & COMMUNICATION SECURITY CENTER, CHINESE ACADEMY OF SCIENCES, Beijing, CN;

Attorney:

SV Patent Service

Primary Examiner:

Piotr Poltorak

Int. Cl.
CPC ...
G06F 21/53 (2013.01); G06F 9/455 (2018.01); H04L 9/08 (2006.01); H04L 9/32 (2006.01); G06F 21/60 (2013.01);
U.S. Cl.
CPC ...
G06F 21/53 (2013.01); G06F 9/45558 (2013.01); G06F 21/602 (2013.01); H04L 9/088 (2013.01); H04L 9/0816 (2013.01); H04L 9/0822 (2013.01); H04L 9/0863 (2013.01); H04L 9/0894 (2013.01); H04L 9/3242 (2013.01); G06F 2009/45587 (2013.01); G06F 2009/45591 (2013.01);
Abstract

A system and method for providing cryptographic operation service in a virtualization environment. In the system, a configuration subsystem provides an interface for an administrator and a common user to input information about a virtual cryptographic device. A key file storage subsystem stores a key file and protects it with the protection password. A virtual machine operating subsystem obtains a corresponding key file from the storage subsystem according to the input of the configuration subsystem, creates a virtual device for a guest virtual machine, and finally operates the guest virtual machine to provide cryptographic computing service for the guest virtual machine. Thus the administrator/the common user can specify a key file and input a protection password for a guest virtual machine via the corresponding interface to facilitate the creation of a virtual cryptographic device, and can manage the virtual cryptographic device in a user-friendly and centralized manner. The guest virtual machine on a virtualization management platform can request for a secure cryptographic operation service, thereby alleviating the key security problem in virtualization environment.

Find Patent Forward Citations

Loading…