PXE trusted starting method for pre-starting execution environment of Shenwei server

A technology of execution environment and server, applied in the direction of program loading/starting, instruments, security communication devices, etc., can solve the problems of server damage, no PXE boot file security inspection, etc., to achieve the effect of improving security

Inactive Publication Date: 2019-11-15
BEIJING UNIV OF TECH
View PDF6 Cites 6 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

At present, the server does not perform security inspection on the PXE boot file downloaded from the PXE server during the PXE boot process, and directly sta

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • PXE trusted starting method for pre-starting execution environment of Shenwei server
  • PXE trusted starting method for pre-starting execution environment of Shenwei server
  • PXE trusted starting method for pre-starting execution environment of Shenwei server

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0054] The present invention calculates the hash value for the PXE boot file when the PXE boot file is released and the server PXE starts, and compares them as the reference value and the measurement value respectively, and judges whether the PXE boot file has been tampered with, so as to prevent PXE at the PXE server end. The boot file is maliciously tampered with, ensuring the security of the server PXE boot and not being damaged by malware.

[0055] see figure 1 and Figure 6 , the specific implementation steps of the present invention include:

[0056] Step (1), install DHCP software on the PXE server, and set the local static IP address of the PXE server,

[0057] Step (2), install TFTP software on the PXE server, provide PXE boot file download service,

[0058] Step (3), compile PXE startup file bootloader, vlinux, boot.img and store to the root directory of TFTP software, calculate the hash value of PXE startup file as benchmark value and store in benchmark value sto...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a PXE trusted boot method for a pre-boot execution environment of a Shenwei server, and belongs to the field of safe and trusted boot of a server access network. The method ischaracterized in that in a system composed of a PXE server and a PXE client (Shenwei server), hash value of a PXE startup file is calculated as a reference value during publishing of a reference valuestorage module of a client. Then, the value is stored in the reference value storage module of the client. When the PXE client carries out PXE starting, the PXE client carries out PXE starting. The PXE startup file is downloaded from the PXE server. A trusted measurement module calculates a hash value of the PXE startup file by using a same hash algorithm. The hash value is used as a measurementvalue and is compared with a reference value. If the hash value is the same as the reference value, the PXE startup file is trusted, and if the hash value is not the same as the reference value, the PXE startup file is not trusted, and sends a warning signal. The PXE starting file is subjected to credible measurement, whether the PXE starting file is credible or not is judged, and the PXE startingsafety of the Shenwei server is improved.

Description

technical field [0001] The invention belongs to the field of server network security and trusted startup, and in particular relates to calculating the hash value of the PXE startup file as a reference value while publishing the PXE startup file, and storing the hash value in the reference value storage module to perform PXE trusted startup on the PXE client , first download the PXE boot file from the PXE server, and the trusted measurement module uses the same hash algorithm to calculate the hash value of the PXE boot file, as the measurement value, and compares it with the reference value, and judges whether the PXE boot file is based on the comparison result. believable. Background technique [0002] PXE (Preboot Execute Environment, pre-boot execution environment) is the latest technology developed by Intel Corporation. It works in the Client / Server network mode, supports workstations to download images from remote servers through the network, and thus supports booting th...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): G06F9/4401G06F9/445G06F21/56H04L9/08H04L9/32H04L29/08
CPCG06F9/4416G06F9/4451G06F21/56H04L67/02H04L67/06H04L67/1095H04L67/34H04L9/083H04L9/3236
Inventor 张建标刘国杰王凯郭雪松唐治中张硕
Owner BEIJING UNIV OF TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products