Netinfo Security ›› 2016, Vol. 16 ›› Issue (9): 84-89. doi: 10.3969/j.issn.1671-1122.2016.09.017

• Original Article •

A Security Isolation Model of Virtual Environment Based on SR-IOV Technology

Mingda LIU, Longyu MA

  1. Jiangnan Institute of Computing Technology, Wuxi Jiangsu 214083, China
  • Received: 2016-07-25 Online: 2016-09-20 Published: 2020-05-13

Abstract:

The development of virtualization technology has changed the computing model, but it has also introduced many security problems. This paper studies the security problems of virtual environments, the current mainstream security protection approaches, and I/O hardware virtualization technology (SR-IOV). It then proposes a security isolation model for virtual environments based on SR-IOV technology to address the problem of security isolation in virtual computing environments. The model divides virtual domains into different security levels according to user needs. A high-level domain owns a dedicated physical network card and encryption card, while lower-level domains still use the traditional software emulation method to implement I/O devices. SR-IOV uses direct device assignment to realize communication between virtual domains and physical devices. Directly assigned devices provide good isolation, so the model can achieve network data isolation and data encryption isolation according to security level. Experimental analysis shows that the model improves the security isolation of the virtual computing environment and enhances the security of the virtual environment. The model is feasible and also has good performance and efficiency.

Key words: virtual environment, SR-IOV, security isolation
