CAJ | 학술논문

虚拟网络安全是云计算安全的重要组成。为了保障虚拟网络流量的可控性和安全性,文中提出了一种基于Ethsec加密压缩技术的安全虚拟网络解决方案。该方案设计了虚拟化安全层、虚拟化安全交换机、安全虚拟网络管理平台和安全虚拟网络密钥分发系统等组件,通过文中提出的Ethsec技术,采用国产商用密码算法SM2和SM4算法,对虚拟机的以太网MAC帧进行压缩和解密,实现虚拟化安全交换机对所有虚拟网络流量的监控和分析。
허의망락안전시운계산안전적중요조성。위료보장허의망락류량적가공성화안전성,문중제출료일충기우Ethsec가밀압축기술적안전허의망락해결방안。해방안설계료허의화안전층、허의화안전교환궤、안전허의망락관리평태화안전허의망락밀약분발계통등조건,통과문중제출적Ethsec기술,채용국산상용밀마산법SM2화SM4산법,대허의궤적이태망MAC정진행압축화해밀,실현허의화안전교환궤대소유허의망락류량적감공화분석。
The virtual network security is an important component of cloud computing security. In order to control and protect the virtual network traffic,a virtual network security solution based on Ethsec encrypted compression technology is proposed,and in this solution,virtual security layer,virtual security switch,security virtual network management platform and security virtual network key distribution center are designed. By the Ethsec technology,SM2 and SM4 algorithm,the Ethernet MAC frame transferred among between the virtual machines is compressed and encrypted,thus to realize the monitoring and analysis of all the virtual network traffic by virtual security switch.