Server-oriented safe firmware designing method

A technology of secure firmware and design method, applied in the server field

Active Publication Date: 2014-07-23
LANGCHAO ELECTRONIC INFORMATION IND CO LTD
View PDF0 Cites 12 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003]Because the BIOS is solidified on the system ROM chip, it basically completes the mission after the normal boot system starts, so the security of the system BIOS is relatively high, and because the BMC itself provides the standard IPMI protocol support, and various access methods such as WEB, SSH, RS232, TFTP, etc. These access methods leave many hidden dangers to malicious intruders. For example, intruders can directly obtain user login information by injecting malicious codes And system configuration information, you can also log in through SSH to obtain out-of-band management control of the server, so if these security risks are not repaired, it will inevitably bring great crises and risks to server access

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Server-oriented safe firmware designing method
  • Server-oriented safe firmware designing method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment

[0050] The other features and advantages of the present invention will be described below through an embodiment, and the purpose and advantages of the present invention can be clearly seen through the structures indicated in the accompanying drawings, and are easy to realize and obtain.

[0051] attached figure 1 For the implementation flow chart of the present invention based on WEB firmware security enhancement, as figure 1 As shown, it mainly includes WEBHTTPS security reinforcement, as well as eliminating the risk of malicious code injection on the WEB-side user interface based on HTTPS access, and managing functional modules by level and authority. The specific process is described as follows:

[0052] Step 1: WEBHTTPS security reinforcement, adding SSL / TLS on the basis of the original HTTP protocol, that is, adding a module for processing encrypted information. The information transmission of WEBClient and WEBServer will be encrypted by TLS before transmission. In thi...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides a server-oriented safe firmware designing method. The safety of firmware used for a server is guaranteed through various measures, and the remote WEB access safety of the server is mainly guaranteed through an Https-access mode. Access safety of users of different authority levels is controlled by managing the user authority of a function module, and malicious code injection points in an access interface are blocked. User names and passwords in firmware compiling and mirror image generating processes are subjected to an MD5 encryption algorithm, so that user information safety is improved. Safety protecting is carried out in the mode that authority is added to a module with a specific function and License is given to the module with the specific function. Third-party IPMI access safety is enhanced by shutting down the functions related to user authority adding, modifying and default in an IPMI protocol. External access safety of server firmware is enhanced by shutting down an access service program in a system.

Description

technical field [0001] The invention designs a server technology, specifically a server-oriented secure firmware design method. Background technique [0002] Servers play an important role in all aspects of today's society. Whether it is national defense, science and technology, education, finance and insurance, or banking, medical care, tobacco, and government enterprises, servers exist in almost all aspects that are closely related to our lives. There are many types of servers, from tower type to rack type, from blade type to RACK level, from single work to cluster cooperation, etc. Although their shapes and functions are different, they are all There is this very similar and very important component: the firmware system. The server firmware system usually refers to the system BIOS and the program solidified in the BMC with the baseboard management controller. System remote operation, system warning and system health monitoring, system fault diagnosis and repair, etc. ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L29/08G06F21/70
Inventor 陈刚
Owner LANGCHAO ELECTRONIC INFORMATION IND CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap