Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

A method and device for controlling credible starting of a server

A technology for controlling a server and a target server, applied in the field of trusted startup of the control server, can solve the problems of increasing hardware overhead and cost, increasing development difficulty, etc.

Inactive Publication Date: 2019-05-21
北京西鼎众合技术有限公司
View PDF5 Cites 2 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

The protection of BIOS based on trusted metrics is mainly divided into protection based on hardware such as TPM (Trusted Platform Module, Trusted Platform Module), TCM (Trusted Cryptography Module, Trusted Cryptographic Module) or other trusted firmware. Call the cryptographic algorithm inside the hardware to verify the code inside the BIOS. This type of method relies on additional hardware modules during use, and additional trusted hardware modules need to be added, which will increase hardware overhead and cost, and even need to be modified The underlying architecture of the server increases the difficulty of development

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A method and device for controlling credible starting of a server
  • A method and device for controlling credible starting of a server
  • A method and device for controlling credible starting of a server

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0025] In order to make the purpose, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below in conjunction with the drawings in the embodiments of the present invention. Obviously, the described embodiments It is a part of embodiments of the present invention, but not all embodiments. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without creative efforts fall within the protection scope of the present invention.

[0026] In one embodiment of the present invention, a method for controlling trusted startup of a server is provided, figure 1 It is a schematic diagram of the overall flow of the method for controlling the trusted startup of the server provided by the embodiment of the present invention, the method includes: S101, if the BIOS integrity reference v...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The embodiment of the invention provides a method and device for controlling credible starting of a server. The method comprises the steps that if a BIOS integrity reference value of a target server exists in a BMC Flash of the target server, carrying out decryption operation on the reference value in the BMC Flash based on an SM4 symmetric cryptographic algorithm, and obtaining a decrypted reference value, Wherein the integrity reference value is obtained by measuring a complete code block of the BIOS in advance; Calculating a current execution code block of the BIOS in the target server based on an SM3 hash algorithm to obtain a metric value of the current execution code block; And if the metric value of the current execution code block is the same as the decrypted reference value, usingthe BMC in the target server to guide the BIOS to start. The method provided by the embodiment of the invention is simple, the credibility of the BIOS during starting can be effectively guaranteed, the original hardware structure of the BIOS can be kept unchanged without increasing any hardware cost, and the method has universal adaptability.

Description

technical field [0001] The embodiments of the present invention belong to the technical field of computer security, and more specifically, relate to a method and device for controlling trusted startup of a server. Background technique [0002] Today computer systems are widely used in people's daily life. The startup process of the computer is to run the BIOS (Basic Input Output System, Basic Input Output System) first, detect and configure the computer system, and then load the operating system and run the underlying firmware. The BIOS in a computer is usually stored in a non-volatile storage container such as flash memory, and the BIOS is often the target of viruses and hackers. At the same time, as a large computer, the server's BIOS is facing security issues. With the advent of big data and cloud computing, the security issues of BIOS are particularly prominent. [0003] BIOS security threats are divided into internal threats and external threats. Internal threats suc...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06F21/57G06F21/60G06F9/4401
Inventor 王海洋
Owner 北京西鼎众合技术有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products