A method and system for controlling root of trust in BIOS

A trusted-root technology, applied in transmission systems, digital transmission systems, secure communication devices, etc., that addresses the problems that the identity of the trusted root is not verified and that computer platform data security is threatened, with the effect of protecting security and ensuring legality.

Active Publication Date: 2021-07-27
INSPUR SUZHOU INTELLIGENT TECH CO LTD

AI Technical Summary

Problems solved by technology

[0004] At this stage, the BIOS only completes the initialization of the root of trust and does not verify the identity of the root of trust. Once the root of trust in the computer platform is replaced by an uncontrolled root of trust, subsequent programs on the platform still access or use this root of trust, and the system cannot detect and control the replacement in the first instance, which threatens the data security of the computer platform.


Embodiment Construction

[0044] In order to clearly illustrate the technical features of the present solution, the present invention will be described in detail below through specific implementation methods and in conjunction with the accompanying drawings. The following disclosure provides many different embodiments or examples for implementing different structures of the present invention. To simplify the disclosure of the present invention, components and arrangements of specific examples are described below. Furthermore, the present invention may repeat reference numerals and/or letters in different instances. This repetition is for the purpose of simplicity and clarity and does not in itself indicate a relationship between the various embodiments and/or arrangements discussed. It should be noted that components illustrated in the figures are not necessarily drawn to scale. Descriptions of well-known components and processing techniques and processes are omitted herein to avoid unnecessarily lim...


Abstract

The embodiment of the present invention discloses a method and system for controlling a trusted root in BIOS, comprising certificate initialization and certificate verification. Certificate initialization includes generating a hardware platform certificate for the trusted root and importing the hardware platform certificate into the trusted root; the hardware platform certificate includes the information subject and the signature value. After the BIOS initializes the trusted root, it verifies the information subject in the hardware platform certificate: a valid information subject indicates that the hardware platform certificate matches the trusted root, which ensures that the hardware platform certificate is valid. It also verifies the signature in the hardware platform certificate: a valid signature indicates that the hardware platform certificate matches the manufacturer's public key fixed in the BIOS, which ensures that the hardware platform certificate is legal. In the present invention, after the trusted root is initialized, the BIOS verifies the identity of the trusted root and decides, according to the verification result, whether to provide the trusted root function to subsequently running programs, so as to protect the security of the computer's upper-layer application data.
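The two checks described in the abstract can be sketched as follows; this is an added example, not code from the patent or its owner. It assumes the information subject is a pair of identity fields (vendor, serial) read from the root of trust, and it uses a constructed toy RSA key (textbook RSA over SHA-256, no padding) in place of whatever signature scheme a real platform uses; all function names are hypothetical.

```python
import hashlib
import json

# Constructed toy RSA key (two Mersenne primes, no padding), demonstration only.
P, Q, E = 2**127 - 1, 2**521 - 1, 65537
N = P * Q                           # manufacturer public modulus, fixed in the BIOS
D = pow(E, -1, (P - 1) * (Q - 1))   # manufacturer private exponent, factory side only


def digest(subject: dict) -> int:
    """SHA-256 over a canonical encoding of the information subject."""
    data = json.dumps(subject, sort_keys=True, separators=(",", ":")).encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big")


def issue_certificate(subject: dict) -> dict:
    """Certificate initialization: information subject plus signature value."""
    return {"subject": dict(subject), "signature": pow(digest(subject), D, N)}


def bios_verify(rot_identity: dict, cert: dict) -> tuple:
    """Run after the BIOS initializes the root of trust; returns (allow, reason)."""
    # Check 1: the information subject must match the module actually present.
    if cert["subject"] != rot_identity:
        return (False, "subject does not match this root of trust")
    # Check 2: the signature must verify under the key fixed in the BIOS.
    if pow(cert["signature"], E, N) != digest(cert["subject"]):
        return (False, "signature not valid under manufacturer key")
    return (True, "root of trust functions provided")


def demo() -> list:
    genuine = {"vendor": "ExampleVendor", "serial": "RT-0001"}   # constructed
    swapped = {"vendor": "ExampleVendor", "serial": "RT-9999"}   # constructed
    cert = issue_certificate(genuine)
    edited = {"subject": swapped, "signature": cert["signature"]}
    return [
        bios_verify(genuine, cert),     # provisioned module, its own certificate
        bios_verify(swapped, cert),     # replaced module carrying a copied certificate
        bios_verify(swapped, edited),   # copied certificate with the subject rewritten
    ]


if __name__ == "__main__":
    for allowed, reason in demo():
        print("allow" if allowed else "deny", "-", reason)
```

Both checks are needed: the subject comparison alone would accept a certificate whose subject was rewritten, and the signature check alone would accept a valid certificate copied from another module.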

Description

Technical field

[0001] The invention relates to the technical field of computer information security, in particular to a method and system for controlling trusted roots in BIOS.

Background technique

[0002] Cryptographic security modules involve national information security, so countries have different requirements and restrictions on cryptographic security modules, and even only specific cryptographic security modules are allowed to be used in some important areas. The root of trust is a security component in the computer field, which can provide cryptographic functions for the computer system and protect information such as data in the computer platform.

[0003] BIOS is the first program executed after the computer is powered on. It is responsible for the initialization operations of various hardware (such as graphics cards, sound cards, etc.), such as device detection, memory mapping, and other operations. The root of trust has a unified specification to constrain eac...


Application Information

Patent Type & Authority: Patents (China)
IPC(8): G06F21/57, G06F21/64, G06F21/44, H04L9/08, H04L9/32
CPC: G06F21/44, G06F21/572, G06F21/64, H04L9/0816, H04L9/3263
Inventor: 许鑫
Owner: INSPUR SUZHOU INTELLIGENT TECH CO LTD