Security protection of critical information systems has long been an active research topic. Focusing on key security problems such as data security and malicious code attacks, this paper takes the virtual machine monitor as the foothold for protection and makes full use of its interception, isolation, and I/O data encryption and decryption mechanisms to build a new security protection framework for information systems. The working principles of the framework and the methods for constructing typical security services are described in detail.