| With the development of computer technology and the popularization of the Internet, the PC platform has gradually become a basic component of network computing. The popularity of the Internet gives PC users great convenience in daily work, study, and entertainment, but it has also brought security issues. On the one hand, users increasingly depend on software downloaded from the Internet, which may contain malicious code and threaten the security of the system. On the other hand, because existing operating systems have security flaws, hackers can easily bypass the operating system's security mechanisms and invade users' PC platforms through the network. Traditional operating systems do not provide users with a good isolation mechanism. Users' important programs and data running in the operating system are under threat from malicious code in the system and from network attacks. To protect users' important programs and data, a reasonable security architecture needs to be designed. On the one hand, it should isolate users' important programs and data from malicious code and network attacks. On the other hand, it should meet users' needs for availability, flexibility, efficiency and so on. Because traditional operating systems have security flaws, this paper proposes the architecture of the Multi Domain Security Virtual Personal Computer (MDSV-PC), which is based on virtualization technology. First, this paper analyzes and compares the advantages and disadvantages of existing isolation mechanisms in terms of security and availability, concluding that an isolation mechanism based on virtualization can largely meet users' needs. Second, this paper analyzes the features of existing security architectures that are based on virtualization. These security architectures cannot meet users' security needs. Based on the needs for security, availability, and flexibility, this paper proposes constraints that MDSV-PC should satisfy, and proposes the security model of MDSV-PC. 
Third, this paper proves that, under the MDSV-PC security model, the security of every domain and of MDSV-PC itself is improved. Finally, based on this model, this paper proposes the architecture of MDSV-PC, which is independent of the operating system and highly portable. Because the isolation mechanism cannot defend against attacks inside a domain, this paper designs a behavior monitoring module based on MDSV-PC with two functions: hidden process detection and process memory access monitoring. This paper first analyzes the reasons why existing hidden process detection technology cannot detect hidden processes accurately. Based on these reasons, this paper designs a hidden process detection module with improved accuracy. At the same time, this paper implements the process memory access monitor, which records memory access behavior. To sum up, this paper studies how to improve system security without reducing system availability and efficiency. It has theoretical and practical value for improving the security of the PC platform. |