Nothing Special   »   [go: up one dir, main page]

CN106919854B - Detection method for clearing residual information of virtual machine - Google Patents

Detection method for clearing residual information of virtual machine Download PDF

Info

Publication number
CN106919854B
CN106919854B CN201710136378.8A CN201710136378A CN106919854B CN 106919854 B CN106919854 B CN 106919854B CN 201710136378 A CN201710136378 A CN 201710136378A CN 106919854 B CN106919854 B CN 106919854B
Authority
CN
China
Prior art keywords
virtual machine
residual information
cloud computing
computing platform
hard disk
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201710136378.8A
Other languages
Chinese (zh)
Other versions
CN106919854A (en
Inventor
宋好好
陈妍
陆臻
顾健
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Third Research Institute of the Ministry of Public Security
Original Assignee
Third Research Institute of the Ministry of Public Security
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Third Research Institute of the Ministry of Public Security filed Critical Third Research Institute of the Ministry of Public Security
Priority to CN201710136378.8A priority Critical patent/CN106919854B/en
Publication of CN106919854A publication Critical patent/CN106919854A/en
Application granted granted Critical
Publication of CN106919854B publication Critical patent/CN106919854B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F3/00Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
    • G06F3/06Digital input from, or digital output to, record carriers, e.g. RAID, emulated record carriers or networked record carriers
    • G06F3/0601Interfaces specially adapted for storage systems
    • G06F3/0602Interfaces specially adapted for storage systems specifically adapted to achieve a particular effect
    • G06F3/062Securing storage systems
    • G06F3/0623Securing storage systems in relation to content
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F3/00Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
    • G06F3/06Digital input from, or digital output to, record carriers, e.g. RAID, emulated record carriers or networked record carriers
    • G06F3/0601Interfaces specially adapted for storage systems
    • G06F3/0628Interfaces specially adapted for storage systems making use of a particular technique
    • G06F3/0638Organizing or formatting or addressing of data
    • G06F3/0643Management of files
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F3/00Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
    • G06F3/06Digital input from, or digital output to, record carriers, e.g. RAID, emulated record carriers or networked record carriers
    • G06F3/0601Interfaces specially adapted for storage systems
    • G06F3/0628Interfaces specially adapted for storage systems making use of a particular technique
    • G06F3/0646Horizontal data movement in storage systems, i.e. moving data in between storage devices or systems
    • G06F3/0652Erasing, e.g. deleting, data cleaning, moving of data to a wastebasket
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F3/00Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
    • G06F3/06Digital input from, or digital output to, record carriers, e.g. RAID, emulated record carriers or networked record carriers
    • G06F3/0601Interfaces specially adapted for storage systems
    • G06F3/0668Interfaces specially adapted for storage systems adopting a particular infrastructure
    • G06F3/067Distributed or networked storage systems, e.g. storage area networks [SAN], network attached storage [NAS]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533Hypervisors; Virtual machine monitors
    • G06F9/45558Hypervisor-specific management and integration aspects
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533Hypervisors; Virtual machine monitors
    • G06F9/45558Hypervisor-specific management and integration aspects
    • G06F2009/45583Memory management, e.g. access or allocation

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Software Systems (AREA)
  • Human Computer Interaction (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Databases & Information Systems (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Medical Informatics (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)

Abstract

The invention discloses a detection method for removing residual information of a virtual machine, which comprises the steps of newly building a first virtual machine and a second virtual machine on a host machine, distributing corresponding spaces, proposing a corresponding text file in the virtual machine, recycling the first virtual machine and proposing a corresponding third virtual machine, and finally judging whether a cloud computing platform removes the residual information of the virtual machine or not based on the third virtual machine. According to the scheme, whether the memory and the storage space are cleared or not is automatically detected by adopting the computer, so that the residual information protection capability of the cloud computing platform can be comprehensively evaluated more quickly, and the safety of the cloud computing platform is ensured.

Description

Detection method for clearing residual information of virtual machine
Technical Field
The invention relates to a network data security technology, in particular to a data security technology of a virtual machine.
Background
The cloud computing platform has the characteristics of resource pooling, ubiquitous access, on-demand service, multi-tenant and the like, and computing resources (including networks, servers, storage, application software and services) are available at any time, any place and any need. The IT resource efficiency is greatly optimized. But at the same time brings new security threats due to the uncertainty of cloud tenants.
Because cloud tenants share storage and memory in the cloud computing platform, the storage and memory space allocated to a certain cloud tenant today may be allocated to another cloud tenant tomorrow, and therefore, protection measures for residual information need to be made. For safety, the cloud computing platform is required to perform complete data cleaning before storage and memory resources are reallocated to new cloud tenants, so that illegal malicious recovery is prevented.
However, at present, no effective method can effectively detect whether the residual information (including storage information and memory information) of the virtual machine is completely cleared, and the security of the cloud computing platform cannot be judged.
Disclosure of Invention
For the problems of the data clearing technology in the existing cloud computing platform, a technology capable of effectively detecting whether the residual information of the virtual machine is completely cleared is needed.
Therefore, the technical problem to be solved by the invention is to provide a method for detecting the removal of the residual information of the virtual machine, so as to realize effective and accurate detection on whether the residual information of the virtual machine of the cloud computing platform is completely removed.
In order to solve the technical problem, the detection method for clearing the residual information of the virtual machine provided by the invention comprises the steps of newly building a first virtual machine and a second virtual machine on a host machine, allocating a minimum storage space to the first virtual machine, and allocating other allocable storage spaces of the host machine to the second virtual machine; newly creating N text files on the first virtual machine and the second virtual machine at the same time, and writing the same random character strings; the first virtual machine is recovered through the cloud computing platform, a third virtual machine is newly built, and a storage space used by the original first virtual machine is allocated to the third virtual machine; searching a random character string in a text file of a second virtual machine in a hard disk of a third virtual machine, and judging whether the cloud computing platform clears the residual information of the storage space of the virtual machine;
or/and
the method comprises the steps that a first virtual machine and a second virtual machine are newly built on a host machine, the minimum memory space is distributed to the first virtual machine, and other distributable memory spaces of the host machine are distributed to the second virtual machine; newly building N text files on the first virtual machine and the second virtual machine at the same time, writing the same random character strings, and opening the N text files on the first virtual machine at the same time; the first virtual machine is recovered through the cloud computing platform, a third virtual machine is newly built, and the memory space used by the original first virtual machine is allocated to the third virtual machine; and searching a random character string in the text file of the second virtual machine in the memory of the third virtual machine, and judging whether the cloud computing platform clears the residual information in the memory space of the virtual machine.
In the present detection scheme, the random string is a 10240-bit random string.
In the present detection scheme, a minimum storage or memory space is allocated to the first virtual machine, so that the operating system on the first virtual machine can run.
In the detection scheme, other allocable memory space of the host is allocated to the second virtual machine, so that after the first virtual machine is released, all the occupied storage or memory space can be allocated to the new virtual machine.
In the detection scheme, N text files are newly built on a first virtual machine and a second virtual machine at the same time, the same random character strings are written, the N text files are kept in an open state, and after the first virtual machine releases the storage or memory space and is allocated to a third virtual machine, the random character strings written in the storage or memory space of the first virtual machine for verifying the residual information protection function of the cloud computing platform are automatically read.
In the detection scheme, N text files are newly created, so that misjudgment of the residual information clearing function of the virtual machine caused by storage of an operating system of a third virtual machine or coverage of a memory space is avoided.
In the detection scheme, when judging whether the cloud computing platform performs virtual machine storage or memory space residual information removal, if the content of the corresponding random character string can be restored by traversing the storage or memory space in the third virtual machine, the cloud computing platform is determined not to perform the residual information removal on the virtual machine storage or memory space, and only the operation of similarly releasing the file header pointer is performed; and if the content of the corresponding random character string cannot be restored by traversing the storage or memory space in the third virtual machine, determining that the cloud computing platform clears the residual information of the storage or memory space of the virtual machine.
The detection method provided based on the scheme can automatically detect the removal of the residual information of the virtual machine, can verify the residual information protection function of the cloud computing platform from two aspects of storage and memory, and ensures the safety of the cloud computing platform.
Detailed Description
In order to make the technical means, the creation characteristics, the achievement purposes and the effects of the invention easy to understand, the invention is further described with the specific examples.
It is known that when a file in an operating system is deleted, only the head pointer of this file is released, and the contents of all the memory spaces pointed to by the pointer are not cleared. When the tool is used for traversing the storage space and the deleted file is tried to be restored, the deleted file can be successfully restored.
The same is true of virtual machines on a cloud computing platform. Before the virtual machine is released and redistributed to other cloud tenants, if the cloud computing platform does not perform storage space clearing operation on the virtual machine, the storage space is distributed to other cloud tenants, and then the other cloud tenants can successfully recover files in the original virtual machine through a tool, so that personal privacy data of other people and business secrets of other companies can be maliciously acquired. Therefore, the residual information protection capability of the cloud computing platform is the basis for guaranteeing the data security of cloud tenants.
Therefore, the scheme provides a method for detecting whether the storage space and the memory space of the virtual machine are completely cleared. The detection method for clearing the residual information of the virtual machine mainly comprises the following steps:
step 1: newly building a first virtual machine 1 and a second virtual machine 2 on a host machine A, allocating a minimum storage space to the first virtual machine 1, and allocating other allocable storage spaces of the host machine A to the second virtual machine 2; newly creating n text files on the first virtual machine 1 and the second virtual machine 2 at the same time, and writing the same 10240-bit random character string; the first virtual machine 1 is recovered through the cloud computing platform, a third virtual machine 3 is newly built, and a storage space used by the original first virtual machine 1 is allocated to the third virtual machine 3; searching 10240 bit random character strings in the text file of the second virtual machine 2 in the hard disk of the third virtual machine 3, and thus judging whether the cloud computing platform clears the residual information of the storage space of the virtual machine;
step 2: newly building a first virtual machine 1 and a second virtual machine 2 on a host machine A, allocating a minimum memory space to the first virtual machine 1, and allocating other allocable memory spaces of the host machine A to the second virtual machine 2; newly creating n text files on the first virtual machine 1 and the second virtual machine 2 at the same time, writing the same 10240-bit random character string, and opening the n text files on the first virtual machine 1 at the same time; the first virtual machine 1 is recovered through the cloud computing platform, a third virtual machine 3 is newly built, and the memory space used by the original first virtual machine 1 is allocated to the third virtual machine 3; and searching 10240 bit random character strings in the text file of the second virtual machine 2 in the memory of the third virtual machine 3, so as to judge whether the cloud computing platform clears the residual information in the memory space of the virtual machine.
In the scheme, through the scheme in the step 1, whether the cloud computing platform has the residual information protection function of the storage space can be automatically and effectively judged.
In the scheme of step 1, 1) a first virtual machine 1 and a second virtual machine 2 are newly created on a host a, and a minimum storage space is allocated to the first virtual machine 1, so that an operating system on the first virtual machine 1 can run, and other allocable storage spaces of the host a are allocated to the second virtual machine 2.
Allocating a minimum storage space to the first virtual machine 1, so that all the storage spaces can be traversed at the fastest speed during the memory space traversal; meanwhile, due to the characteristic that the cloud computing platform dynamically allocates the storage space, other allocable storage spaces of the host machine A are allocated to the second virtual machine 2, so that after the first virtual machine 1 is released, all the storage spaces occupied by the first virtual machine can be allocated to the new virtual machine, and therefore the premise of checking the same storage space is provided for accurately judging whether the virtual machine storage space is cleared before being released and reallocated.
2) Newly creating n text files on the first virtual machine 1 and the second virtual machine 2 at the same time, and writing the same 10240-bit random character string; the first virtual machine 1 is recovered through the cloud computing platform, a third virtual machine 3 is newly built, and the storage space used by the original first virtual machine 1 is allocated to the third virtual machine 3.
N text files are newly created on the first virtual machine 1 and the second virtual machine 2 at the same time, and the same 10240-bit random character string is written, so that the 10240-bit random character string written in the storage space of the first virtual machine 1 for verifying the cloud computing platform residual information protection function can be automatically read after the first virtual machine 1 releases the storage space and is then allocated to the third virtual machine 3.
Furthermore, by newly creating n text files, misjudgment of the residual information clearing function of the storage space due to coverage of the storage space of the operating system of the third virtual machine 3 can be effectively avoided.
3) And searching 10240 bit random character strings in the text file of the second virtual machine 2 in the hard disk of the third virtual machine 3, so as to judge whether the cloud computing platform clears the residual information of the storage space of the virtual machine.
If the cloud computing platform does not clear the residual information of the storage space of the virtual machine, but only performs operations like releasing a file header pointer, in the third virtual machine 3, the contents of the 10240-bit random character string can be restored by traversing the storage space; on the contrary, if the cloud computing platform performs the remaining information removal on the storage space of the virtual machine, for example, the operations of filling the storage space with 0, filling the random number, and the like, in the third virtual machine 3, the content of the random character string with 10240 bits cannot be restored. Namely:
if the content of the 10240-bit random character string can be restored by traversing the storage space in the third virtual machine 3, the cloud computing platform is determined not to clear the residual information of the storage space of the virtual machine, and only the operation similar to the release of the file header pointer is performed; if the content of the 10240-bit random character string cannot be restored by traversing the storage space in the third virtual machine 3, the cloud computing platform is determined to perform residual information removal on the storage space of the virtual machine, for example, operations such as filling the storage space with 0, filling a random number, and the like are performed; therefore, the storage space residual information protection function of the cloud computing platform can be effectively detected.
By way of example, this can be achieved by the following specific algorithm:
Figure GDA0001286700090000051
it should be noted here that the determination process is not limited to the above algorithm.
In the scheme, whether the cloud computing platform has the residual information protection function of the memory space can be automatically and effectively judged through the scheme of the step 2.
In the scheme of step 2, 1) a first virtual machine 1 and a second virtual machine 2 are newly built on a host a, a minimum memory space is allocated to the first virtual machine 1, and other allocable memory spaces of the host a are allocated to the second virtual machine 2.
By allocating the minimum memory space to the first virtual machine 1, all the memory spaces can be traversed at the fastest speed during memory space traversal.
Furthermore, based on the characteristic that the cloud computing platform dynamically allocates the memory space, other allocable memory spaces of the host computer a are allocated to the second virtual machine 2, so that after the first virtual machine 1 is released, all the memory spaces occupied by the first virtual machine can be allocated to the new virtual machine, and therefore the premise of checking the same memory space is provided for accurately judging whether the memory spaces of the virtual machines are cleared or not before being released and reallocated.
2) N text files are simultaneously newly created on the first virtual machine 1 and the second virtual machine 2, the same 10240-bit random character string is written, and the n text files are simultaneously opened on the first virtual machine 1.
The text file is opened on the first virtual machine 1, so that the content in the text file is read into the memory.
Furthermore, text files are newly created on the first virtual machine 1 and the second virtual machine 2 at the same time, and the same 10240-bit random character string is written in, so that after the memory space of the first virtual machine 1 is released and then allocated to the third virtual machine 3, the 10240-bit random character string read in the memory space of the first virtual machine 1 for verifying the cloud computing platform residual information protection function is automatically read.
Furthermore, n text files are newly created, so that misjudgment of the memory space residual information clearing function caused by coverage of the memory space of the operating system of the third virtual machine 3 is avoided.
3) The first virtual machine 1 is recovered through the cloud computing platform, a third virtual machine 3 is newly built, and the memory space used by the original first virtual machine 1 is allocated to the third virtual machine 3; and searching 10240 bit random character strings in the text file of the second virtual machine 2 in the memory of the third virtual machine 3, so as to judge whether the cloud computing platform clears the residual information in the memory space of the virtual machine.
If the cloud computing platform does not clear the residual information of the memory space of the virtual machine, but performs operations like releasing a memory head pointer, in the third virtual machine 3, the contents of the 10240-bit random character string can be restored by traversing the memory space; on the contrary, if the cloud computing platform performs the remaining information removal on the memory space of the virtual machine, for example, the operations of filling the memory space with 0, filling the random number, and the like, the content of the 10240-bit random character string cannot be restored in the memory space of the third virtual machine 3. Namely:
if the content of the 10240-bit random character string can be restored by traversing the memory space in the third virtual machine 3, the cloud computing platform is determined not to clear the residual information of the memory space of the virtual machine, and only the operation similar to the release of the memory head pointer is performed; if the content of the 10240-bit random character string cannot be restored in the memory space of the third virtual machine 3, determining that the cloud computing platform has performed residual information removal on the memory space of the virtual machine, for example, performing operations such as filling the memory space with 0, filling a random number, and the like; therefore, the memory space residual information protection function of the cloud computing platform can be effectively detected.
By way of example, this can be achieved by the following specific algorithm:
Figure GDA0001286700090000061
it should be noted here that the determination process is not limited to the above algorithm.
Therefore, the scheme can automatically and effectively detect whether the storage space and the memory space of the virtual machine are completely cleared. Compared with the traditional detection method for clearing the residual information of the virtual machine, the method has the following advantages:
1. the traditional detection of clearing the residual information of the virtual machine only concerns whether the storage space is cleared or not, the clearing detection of the storage space is not involved, and the residual information protection capability of the cloud computing platform cannot be comprehensively and really detected.
2. Because the computer is adopted to automatically detect whether the memory and the storage space are cleared or not, the residual information protection capability of the cloud computing platform can be more quickly and comprehensively evaluated, and the safety of the cloud computing platform is ensured.
The foregoing shows and describes the general principles, essential features, and advantages of the invention. It will be understood by those skilled in the art that the present invention is not limited to the embodiments described above, which are described in the specification and illustrated only to illustrate the principle of the present invention, but that various changes and modifications may be made therein without departing from the spirit and scope of the present invention, which fall within the scope of the invention as claimed. The scope of the invention is defined by the appended claims and equivalents thereof.

Claims (3)

1. A detection method for clearing residual information of a virtual machine is characterized in that,
newly building a first virtual machine and a second virtual machine on a host machine, and allocating a minimum hard disk space to the first virtual machine, so that an operating system on the first virtual machine can run, and allocating other allocable hard disk spaces of the host machine to the second virtual machine, so that after the first virtual machine is released, all the hard disk spaces occupied by the first virtual machine can be allocated to the new virtual machine, and the premise of accurately judging whether to clear and check the same hard disk space before the hard disk spaces of the virtual machines are released and reallocated is provided; newly building N text files on the first virtual machine and the second virtual machine at the same time, and writing the same random character strings to avoid misjudgment of the residual information clearing function of the virtual machines due to the coverage of the hard disk space of the operating system of the third virtual machine; the first virtual machine is recovered through the cloud computing platform, a third virtual machine is newly built, and the hard disk space used by the original first virtual machine is allocated to the third virtual machine; searching a random character string in a text file of a second virtual machine in a hard disk of a third virtual machine, and judging whether the cloud computing platform carries out virtual machine hard disk space residual information removal or not;
or/and
newly building a first virtual machine and a second virtual machine on a host machine, and allocating a minimum memory space to the first virtual machine, so that an operating system on the first virtual machine can run, and allocating other allocable memory spaces of the host machine to the second virtual machine, so that after the first virtual machine is released, all the memory spaces occupied by the first virtual machine can be allocated to the new virtual machine, and the premise of accurately judging whether the memory spaces of the virtual machines are cleared before being released and reallocated is provided for checking the same memory space; newly building N text files on the first virtual machine and the second virtual machine at the same time, writing the same random character strings, and opening the N text files on the first virtual machine at the same time so as to avoid misjudgment of the residual information clearing function of the virtual machine due to the coverage of the memory space of the operating system of the third virtual machine; the first virtual machine is recovered through the cloud computing platform, a third virtual machine is newly built, and the memory space used by the original first virtual machine is allocated to the third virtual machine; and searching a random character string in the text file of the second virtual machine in the memory of the third virtual machine, and judging whether the cloud computing platform clears the residual information in the memory space of the virtual machine.
2. The method according to claim 1, wherein the random string is a 10240 bit random string.
3. The method for detecting the removal of the residual information of the virtual machine according to claim 1, wherein when it is determined whether the cloud computing platform performs the removal of the residual information of the hard disk or the memory space of the virtual machine, if the content of the corresponding random character string can be restored by traversing the hard disk or the memory space in the third virtual machine, it is determined that the cloud computing platform does not perform the removal of the residual information of the hard disk or the memory space of the virtual machine, and only performs the operation of releasing the pointer of the file header; and if the contents of the corresponding random character strings cannot be restored by traversing the hard disk or the memory space in the third virtual machine, determining that the cloud computing platform clears the residual information of the hard disk or the memory space of the virtual machine.
CN201710136378.8A 2017-03-08 2017-03-08 Detection method for clearing residual information of virtual machine Active CN106919854B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710136378.8A CN106919854B (en) 2017-03-08 2017-03-08 Detection method for clearing residual information of virtual machine

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710136378.8A CN106919854B (en) 2017-03-08 2017-03-08 Detection method for clearing residual information of virtual machine

Publications (2)

Publication Number Publication Date
CN106919854A CN106919854A (en) 2017-07-04
CN106919854B true CN106919854B (en) 2021-04-30

Family

ID=59461169

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710136378.8A Active CN106919854B (en) 2017-03-08 2017-03-08 Detection method for clearing residual information of virtual machine

Country Status (1)

Country Link
CN (1) CN106919854B (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111399988B (en) * 2020-04-08 2024-02-09 公安部第三研究所 Memory security detection system and method for cloud platform
CN112148228A (en) * 2020-09-29 2020-12-29 上海摩勤智能技术有限公司 Storage space release method, terminal and storage medium

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104484606A (en) * 2014-12-05 2015-04-01 国云科技股份有限公司 Verification method for memory information confidentiality of virtualization platform

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104484606A (en) * 2014-12-05 2015-04-01 国云科技股份有限公司 Verification method for memory information confidentiality of virtualization platform

Also Published As

Publication number Publication date
CN106919854A (en) 2017-07-04

Similar Documents

Publication Publication Date Title
US10079835B1 (en) Systems and methods for data loss prevention of unidentifiable and unsupported object types
US10742665B2 (en) Systems and methods for modifying file backups in response to detecting potential ransomware
US9811674B2 (en) Data leakage prevention system, method, and computer program product for preventing a predefined type of operation on predetermined data
CN104239518B (en) Data de-duplication method and device
US8336100B1 (en) Systems and methods for using reputation data to detect packed malware
EP2988468A1 (en) Apparatus, method, and program
JP2013516679A (en) System and method for removing non-referenced data segments from a deduplicated data system
US9973525B1 (en) Systems and methods for determining the risk of information leaks from cloud-based services
CN106778275A (en) Based on safety protecting method and system and physical host under virtualized environment
US11032319B1 (en) Systems and methods for preparing honeypot computer files
CN106919854B (en) Detection method for clearing residual information of virtual machine
CN110070360B (en) Transaction request processing method, device, equipment and storage medium
Karresand et al. Using ntfs cluster allocation behavior to find the location of user data
KR20160099160A (en) Method of modelling behavior pattern of instruction set in n-gram manner, computing device operating with the method, and program stored in storage medium configured to execute the method in computing device
US9122869B1 (en) Systems and methods for detecting client types
US10735457B2 (en) Intrusion investigation
US10095706B2 (en) Data access system and data access method
US9519780B1 (en) Systems and methods for identifying malware
CN109214204A (en) Data processing method and storage equipment
US20180074733A1 (en) Performing preprocessing operations in anticipation of log file writes
WO2023026114A1 (en) Encryption monitor register and system
CN107391028B (en) Virtual volume authority control method and device
CN111563256A (en) Safe big data collection and storage method
CN105162765B (en) A kind of cloud data security implementation method sought survival based on docking
CN111125793B (en) Trusted verification method and system for object memory in access control

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant