| CPC H04L 63/0236 (2013.01) [H04L 61/35 (2013.01); H04L 63/126 (2013.01)] | 9 Claims |
|
1. A security method for securing network communication between containers by a terminal, the security method comprising:
a step of installing, in a first secure container in a host system, a Hyperion Secure Interface (HSI) for communication with a secure bridge included in a Network Interface Chip (NIC) through a manager module;
a step of changing a source address of a transmission packet to a specific token based on a map of the HSI through the manager module;
a step of delivering the transmission packet to the secure bridge included in the NIC through the HSI;
a step of determining whether the specific token of the transmission packet is valid; and
a step of changing the specific token to the source address and delivering the transmission packet to a target container when the specific token is valid,
wherein the target container is a second secure container included in the host system,
wherein the host system includes a host network container that directly uses a host network namespace of the host system, and
wherein the secure bridge is configured to provide physically isolated communication channels to the first secure container and the second secure container to prevent communication between the secure bridge and each of the first secure container and the second secure container from being exposed to the host network namespace.
|