Advanced SearchSearch Tips
Design and Implementation of a Physical Network Separation System using Virtual Desktop Service based on I/O Virtualization
facebook(new window)  Pirnt(new window) E-mail(new window) Excel Download
 Title & Authors
Design and Implementation of a Physical Network Separation System using Virtual Desktop Service based on I/O Virtualization
Kim, Sunwook; Kim, Seongwoon; Kim, Hakyoung; Chung, Seongkwon; Lee, Sookyoung;
IOV is a technology that supports one or more virtual desktops, and can share a single physical device. In general, the virtual desktop uses the virtual IO devices which are provided by virtualization SW, using SW emulation technology. Virtual desktops that use the IO devices based on SW emulation have a problem in which service quality and performance are declining. Also, they cannot support the high-end application operations such as 3D-based CAD and game applications. In this paper, we propose a physical network separation system using Virtual Desktop Service based on HW direct assignments to overcome these problems. The proposed system provides independent desktops that are used to access the intranet or internet using server virtualization technology in a physical desktop computer for the user. In addition, this system can also support a network separation without network performance degradation caused by inspection of the network packet for logical network separations and additional installations of the desktop for physical network separations.
server virtualization;IO virtualization;PCI passthrough;network separation system;virtual desktop;VDI;hypervisor;physical network separation;
 Cited by
J. Kwon, "Guide of Network Separation Soluton," Security World, pp. 50-55, Oct. 2011. (in Korean)

P. Barham, B. Dragovic, K. Fraser, S. Hand, T. Harris, A. Ho, R. Neugebauer, I. Pratt, and A. Warfield, "Xen and the art of virtualization," Proc. of the 9th SOSP, pp. 164-177, Oct. 2003.

B. Liu, L. Lishen, and X. Qin, "Research on Hardware I/O Passthrough in Computer Virtualization," Proc. of ISCSCT 2010, pp. 353-356. Aug. 2010.

R. Pavlicek. (2014, Oct. 8). VTd How To [Online]. Available:

J. LIU, W. Huang, B. Abali, and D. K. Panda, "High Performance VMM-bypass I/O in virtual machines," Proc. of USENIX Annual Technical Conference, May. 2006.

B. H. Ng, B. Lau, and A. Prakash. (2009, July. 20). Direct Access to GraphicsCard Leveraging VT-d Technical Report [Online]. Available: 4b14d0232e2v/vgapt_techreport

Y. Schaeffer.(2009, Feb.01). Xen VGA passthrough [Online]. Available:

Comtree.(2014, May. 15). What is network separation PC from Comtree? [Online]. Available: