Abstract: A secure interaction method includes receiving, by a processor, a secure processing request sent by an application program, where the application program operates in a normal mode, and the processor operates in the normal mode when receiving the secure processing request, switching, by the processor, from the normal mode to a secure mode according to the secure processing request, reading, by the processor operating in the secure mode, data information into a memory operating in the secure mode, where the data information is data that the processor operating in the secure mode generates after parsing the secure processing request, and controlling, by the processor operating in the secure mode, an accessed device to operate according to the data information stored in the memory operating in the secure mode.

Abstract: A monolithic catalyst used for a carbon dioxide hydrogenation reaction and a method for preparing the same. The catalyst comprises a carrier, a coating, and active components. The carrier is a honeycomb ceramic. The coating and the active components are separately applied to honeycomb ceramic hole walls from inside to outside. Moreover, each of the honeycomb ceramic holes is divided into an upper segment and a lower segment, and different active components are separately loaded on the two segments. The method for preparing the monolithic catalyst comprises first applying a coating to a honeycomb ceramic by means of impregnation to obtain a coating-containing carrier, and then applying active components to an upper segment and a lower segment of the coating-containing carrier successively by means of impregnation to obtain the monolithic catalyst.

Abstract: A data processing method and apparatus, where the method includes acquiring a first network data packet that is sent by a target application that runs in an untrusted execution domain, where the first network data packet includes a first identifier; acquiring, in a trusted execution domain, first data corresponding to the first identifier; generating, in the trusted execution domain, a second network data packet according to the first data and the first network data packet; performing, in the trusted execution domain, encryption on the second network data packet by using a first session key to acquire an encrypted second network data packet; and sending the encrypted second network data packet to the target server. The data processing method and apparatus in the embodiments of the present invention can effectively prevent an attacker from stealing data.

Abstract: The present disclosure provides an execution environment virtualization method. The method includes: creating an ordinary virtual machine and a trusted virtual machine for a user in the ordinary execution environment, where the ordinary virtual machine executes an ordinary application of the user, and the trusted virtual machine executes a security application of the user; allocating memories to the ordinary virtual machine and the trusted virtual machine; establishing a mapping relationship between an ordinary memory of the ordinary virtual machine and a physical memory, to obtain a first memory mapping table; and establishing a mapping relationship between a virtual physical memory of the trusted virtual machine and a physical memory, to obtain a second memory mapping table. Therefore, the ordinary application and the security application run in execution environments independent of each other, thereby ensuring data security of the user.

Abstract: A computer processing node is described that is configured to perform a control flow integrity (CFI) method on a protected process operating on the processing node. The CFI method includes intercepting a system call originating from execution of the protected process executing in the runtime environment. A fast path operating within a kernel of the computer system accesses, from a kernel memory, a processor trace packet corresponding to the system call. The fast path attempts to establish a match between the processor trace packet and a program control flow (edge) entry within a credit-labeled control flow graph (CFG) definition having an associated credit value. The credit value represents a degree to which the program control flow is credible.

Abstract: Disclosed is a method for preparing a copper-zinc-based catalyst used in synthesis of methanol through CO2 hydrogenation, and ultrasonic waves are used for control over crystalline phase's composition of a catalyst precursor. Further related to is a catalyst prepared by such a method. An amount of aurichalcite in an active catalyst precursor can be improved through the method, and the specific surface area of the metal copper in a reduced state catalyst is high. The catalyst presents high activity and hydrothermal stability, and promotes high space time yield of methanol in the synthesis of methanol through CO2 hydrogenation.

Abstract: The present disclosure relates to the field of information technologies and discloses a method and an apparatus for implementing virtual machine introspection. The method provided in the present disclosure may further include: determining to-be-checked data in a virtual machine; starting to read the to-be-checked data, saving a copy of the read to-be-checked data, and storing a storage address of the read to-be-checked data in a hardware transactional memory, so that the hardware transactional memory is capable of monitoring the read to-be-checked data according to the storage address; when the read to-be-checked data is modified, stop reading the to-be-checked data, and delete the copy; and when reading the to-be-checked data is completed and it is not detected that the read to-be-checked data is modified, performing security check on the copy. The method can be applied to virtual machine introspection.

Abstract: An isolation method for a management virtual machine and an apparatus, which resolves problems that performance of communication between service components is deteriorated, more resources are required for running a virtual machine, and security of the service components is relatively low. The method includes: acquiring a guest identifier; searching, according to the guest identifier, the management virtual machine for a kernel virtual machine; when the kernel virtual machine is not found in the management virtual machine, creating the kernel virtual machine in the management virtual machine; dividing a service provided for a guest virtual machine by the kernel virtual machine into multiple service components; and running the multiple service components in execution environments corresponding to permission of the service components, where the kernel virtual machine includes the multiple execution environments, and the multiple execution environment have different permission.

Abstract: A data protection method includes detecting whether critical code of an application has been called, with the critical code being used to access critical data; switching from a preconfigured first extended page table (EPT) to a preconfigured second EPT according to preset trampoline code corresponding to the critical code when an operating system calls the critical code using the first EPT, wherein memory mapping relationships of the critical data and the critical code are not configured in the first EPT, the memory mapping relationships of the critical data and the critical code are configured in the second EPT, and the critical data and the critical code are separately stored in independent memory areas; and switching from the second EPT back to the first EPT according to the trampoline code after calling and executing the critical code using the second EPT.

Abstract: Embodiments of the present disclosure disclose a secure communication method for a mobile terminal and a mobile terminal. The secure communication method may include: when a wireless communication connection is established between the mobile terminal and another mobile terminal, and the wireless communication connection meets a preset security processing trigger condition, prohibiting, by means of setting, a program in a common virtual kernel from accessing a shared memory between a secure virtual kernel and the common virtual kernel and accessing a peripheral that needs to be called for the wireless communication connection; performing, by using the secure virtual kernel, preset policy-based processing on communication content corresponding to the wireless communication connection; and outputting, by using the secure virtual kernel, communication content obtained by performing the preset policy-based processing.

Abstract: A data processing method and apparatus, where the method includes acquiring a first network data packet that is sent by a target application that runs in an untrusted execution domain, where the first network data packet includes a first identifier; acquiring, in a trusted execution domain, first data corresponding to the first identifier; generating, in the trusted execution domain, a second network data packet according to the first data and the first network data packet; performing, in the trusted execution domain, encryption on the second network data packet by using a first session key to acquire an encrypted second network data packet; and sending the encrypted second network data packet to the target server. The data processing method and apparatus in the embodiments of the present invention can effectively prevent an attacker from stealing data.

Abstract: Hydroxyethyl (methyl)acrylate is prepared by a process of a combination of a three-stage tubular reactor and a tower reactor, wherein, firstly, a catalyst, a polymerization inhibitor and (methyl) acrylic acid are mixed until the solids are dissolved, then mixed with a part of ethylene oxide and thereafter enter into a first tubular reactor for a reaction, a reaction liquid flowing out from the first tubular reactor is mixed with a certain amount of ethylene oxide and enters into a second tubular reactor for a reaction, a reaction liquid flowing out from the second tubular reactor is then mixed with a certain amount of ethylene oxide and thereafter enters into a third tubular reactor, and a reaction liquid flowing out from the third tubular reactor is then passed through a stage of an adiabatic tower reactor and aged such that a product liquid is obtained from extraction.

Abstract: A method, an apparatus, a terminal, and a server for synchronizing a terminal mirror are provided. The method includes: obtaining, by a terminal, multiple input events during running of application software; aggregating the multiple input events to obtain an aggregate event; and transmitting the aggregate event to the server, so that after parsing the aggregate event to obtain the multiple input events, the server processes the multiple input events by using a virtual machine that is of the terminal and set on the server, so as to obtain user data generated during the running of the application software. In the present invention, the terminal transmits the input events to the server in an event-driven manner, so that the server obtains the user data that is the same as that on the terminal that runs the application software, thereby ensuring that the server can back up complete user data.

Abstract: The present invention discloses a method, an apparatus, and a system for triggering virtual machine introspection, so as to provide a timely and effective security check triggering mechanism. In the present invention, data that needs to be protected is determined; the data that needs to be protected is monitored; and when it is determined that the data that needs to be protected is modified, virtual machine introspection is triggered. The present invention avoids a performance loss and a security problem that are brought about by regularly starting a virtual machine introspection system to perform a security check, and therefore, the present invention is more applicable.

Abstract: A data processing method and apparatus, where the method includes acquiring a first network data packet that is sent by a target application that runs in an untrusted execution domain, where the first network data packet includes a first identifier; acquiring, in a trusted execution domain, first data corresponding to the first identifier; generating, in the trusted execution domain, a second network data packet according to the first data and the first network data packet; performing, in the trusted execution domain, encryption on the second network data packet by using a first session key to acquire an encrypted second network data packet; and sending the encrypted second network data packet to the target server. The data processing method and apparatus in the embodiments of the present invention can effectively prevent an attacker from stealing data.

Abstract: Hydroxyethyl (methyl)acrylate is prepared by a process of a combination of a three-stage tubular reactor and a tower reactor, wherein, firstly, a catalyst, a polymerization inhibitor and (methyl) acrylic acid are mixed until the solids are dissolved, then mixed with a part of ethylene oxide and thereafter enter into a first tubular reactor for a reaction, a reaction liquid flowing out from the first tubular reactor is mixed with a certain amount of ethylene oxide and enters into a second tubular reactor for a reaction, a reaction liquid flowing out from the second tubular reactor is then mixed with a certain amount of ethylene oxide and thereafter enters into a third tubular reactor, and a reaction liquid flowing out from the third tubular reactor is then passed through a stage of an adiabatic tower reactor and aged such that a product liquid is obtained from extraction.

Abstract: A secure interaction method includes receiving, by a processor, a secure processing request sent by an application program, where the application program operates in a normal mode, and the processor operates in the normal mode when receiving the secure processing request, switching, by the processor, from the normal mode to a secure mode according to the secure processing request, reading, by the processor operating in the secure mode, data information into a memory operating in the secure mode, where the data information is data that the processor operating in the secure mode generates after parsing the secure processing request, and controlling, by the processor operating in the secure mode, an accessed device to operate according to the data information stored in the memory operating in the secure mode.

Abstract: The present disclosure relates to the field of information technologies and discloses a method and an apparatus for implementing virtual machine introspection. The method provided in the present disclosure may further include: determining to-be-checked data in a virtual machine; starting to read the to-be-checked data, saving a copy of the read to-be-checked data, and storing a storage address of the read to-be-checked data in a hardware transactional memory, so that the hardware transactional memory is capable of monitoring the read to-be-checked data according to the storage address; when the read to-be-checked data is modified, stop reading the to-be-checked data, and delete the copy; and when reading the to-be-checked data is completed and it is not detected that the read to-be-checked data is modified, performing security check on the copy. The method can be applied to virtual machine introspection.

Abstract: Disclosed is a method for preparing a copper-zinc-based catalyst used in synthesis of methanol through CO2 hydrogenation, and ultrasonic waves are used for control over crystalline phase's composition of a catalyst precursor. Further related to is a catalyst prepared by such a method. An amount of aurichalcite in an active catalyst precursor can be improved through the method, and the specific surface area of the metal copper in a reduced state catalyst is high. The catalyst presents high activity and hydrothermal stability, and promotes high space time yield of methanol in the synthesis of methanol through CO2 hydrogenation.

Abstract: A data processing method and apparatus, where the method includes acquiring a first network data packet that is sent by a target application that runs in an untrusted execution domain, where the first network data packet includes a first identifier; acquiring, in a trusted execution domain, first data corresponding to the first identifier; generating, in the trusted execution domain, a second network data packet according to the first data and the first network data packet; performing, in the trusted execution domain, encryption on the second network data packet by using a first session key to acquire an encrypted second network data packet; and sending the encrypted second network data packet to the target server. The data processing method and apparatus in the embodiments of the present invention can effectively prevent an attacker from stealing data.