Trusted starting method and device, electronic equipment and readable storage medium

A trusted startup technology, applied in the fields of secure communication devices, program control devices, computer security devices, etc., which addresses problems such as equipment security and reliability requirements not being met.

Active Publication Date: 2020-06-30
SUZHOU LANGCHAO INTELLIGENT TECH CO LTD

AI Technical Summary

Problems solved by technology

[0005] At present, there is no implementation scheme that me


Examples


Embodiment 1

[0084] See Figure 1. Figure 1 is a flow chart of a trusted startup method provided in an embodiment of this application, which includes the following steps:

[0085] S101: Extract the first key from IE FUSE;

[0086] Here, IE FUSE supports only one data write. The first key is generated based on the IE startup parameters stored in the original IE FW. IE FW supports multiple data writes. IE FUSE and IE FW are different data storage blocks on the same Flash.

[0087] Since IE FUSE supports only one data write, the first key cannot be changed after it is written into IE FUSE. This application uses this characteristic to perform a consistency comparison with the second key from the IE FW, which stores the IE startup parameters, in order to determine whether the data stored in the IE FW has been tampered with.

[0088] S102: Extract the first signature from the IE FW, and generate a second key according to the first signature;

[0089] Wherein, the second key is generated based on the IE startup parameters stored in the current IE F...

Embodiment 2

[0101] The foregoing embodiment provides a solution for verifying whether the current IE startup parameters are trustworthy. According to the description of IE in the background section of this application, IE is a simplified BMC that is integrated with the BIOS in one Flash. Given these characteristics, in the complete startup process of the device IE starts before the BIOS: after IE startup is completed, control is transferred to the BIOS, and the BIOS controls the startup of the operating system. Therefore, although the BIOS startup parameters are unlikely to have been tampered with when the IE startup parameters are trusted, to account for that possibility and for precedent, this embodiment adds trust verification of the BIOS startup parameters on top of Embodiment 1, to ensure as far as possible that this startup is safe and reliable.

[0102] See image 3 , image 3 The flowch...

Embodiment 3

[0112] Through the flowcharts shown in Figure 4 and Figure 5 respectively, this embodiment provides two different ways to verify whether the current BIOS startup parameters are trustworthy. They are distinguished by how the BIOS startup parameters are stored in the Flash, and are introduced separately as follows:

[0113] See Figure 4. Figure 4 is a flowchart of a method for verifying whether the current BIOS startup parameters are trustworthy, as part of the trusted startup method provided in the embodiments of this application. It includes the following steps:

[0114] S301: Extract the third key from IE FUSE;

[0115] Here, the third key is generated based on the BIOS startup parameters stored in the initial BIOS startup parameter storage block, and the BIOS startup parameter storage block supports multiple data writes.

[0116] S302: Extract the second signature from the BIOS startup parameter storage block, and generate a fourth key according to the second ...


Abstract

The invention discloses a trusted startup method. An IE FUSE that supports only a single data write and an IE FW that supports multiple data writes are provided, so the first key written into the IE FUSE cannot be tampered with. If the second key, generated from the first signature extracted from the current IE FW, differs from the first key, this indicates that the IE startup parameters stored in the current IE FW differ from the IE startup parameters initially stored in the IE FW, that is, the IE startup parameters have been tampered with. In most cases the IE startup parameters stored in the IE FW should not be tampered with, so once tampering is found, a potential security risk from malicious attack is considered to exist. The invention further discloses a trusted startup device, electronic equipment and a readable storage medium, which have the above beneficial effects.
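The key comparison of Embodiment 1 (S101, S102) and its BIOS counterpart in Embodiment 3 (S301, S302), chained in the IE-then-BIOS order of Embodiment 2, as an added Python example that is not code from the patent. The fuse slot names, the SHA-256-based signature and key derivation, and the sample parameter strings are assumptions, since the page does not specify them.

```python
import hashlib
import hmac


class WriteOnceFuse:
    """Models IE FUSE: each slot accepts exactly one write (slot layout is assumed)."""

    def __init__(self):
        self._slots = {}

    def write(self, slot: str, key: bytes) -> None:
        if slot in self._slots:
            raise PermissionError(f"IE FUSE slot {slot!r} is already programmed")
        self._slots[slot] = bytes(key)

    def read(self, slot: str):
        return self._slots.get(slot)  # None when the slot was never provisioned


def key_from_block(block: bytes) -> bytes:
    # Assumption: the "signature" is SHA-256 over the block's current contents,
    # and the key is a domain-separated SHA-256 over that signature.
    signature = hashlib.sha256(block).digest()
    return hashlib.sha256(b"boot-param-key\x00" + signature).digest()


def provision(fuse: WriteOnceFuse, slot: str, initial_block: bytes) -> None:
    """Factory step: burn the key derived from the initial parameters."""
    fuse.write(slot, key_from_block(initial_block))


def verify(fuse: WriteOnceFuse, slot: str, current_block: bytes) -> bool:
    reference = fuse.read(slot)                 # S101 / S301: key from IE FUSE
    if reference is None:
        return False                            # unprovisioned fuse: fail closed
    candidate = key_from_block(current_block)   # S102 / S302: key from signature
    return hmac.compare_digest(reference, candidate)


def trusted_start(fuse: WriteOnceFuse, ie_fw: bytes, bios_params: bytes) -> str:
    """IE is checked first; control reaches the BIOS only if both checks pass."""
    if not verify(fuse, "ie", ie_fw):
        return "halt: IE startup parameters untrusted"
    if not verify(fuse, "bios", bios_params):
        return "halt: BIOS startup parameters untrusted"
    return "boot"


# Constructed sample parameter blocks (not from the patent).
IE_FW = b"ie.lan=enabled;ie.ipmi=restricted"
BIOS_PARAMS = b"boot.order=disk,net;secure=1"
```

Because the rewritable block can be changed but the fuse slot cannot, any edit to the stored parameters after provisioning yields a key mismatch, and an attempt to re-burn the reference key raises `PermissionError`.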

Description

Technical field

[0001] This application relates to the technical field of secure startup of portable network equipment, and in particular to a trusted startup method, device, electronic equipment, and readable storage medium.

Background technique

[0002] IE (Innovation Engine) is a core system embedded in a PCH (Platform Controller Hub, Intel's integrated south bridge) or SOC (System On Chip), based on a very small 32-bit kernel library. It is very similar to Intel's management system, but has its own privileges and differs in its input and output interfaces. IE is a streamlined BMC (Baseboard Management Controller) monitoring and management system with only part of the IPMI (Intelligent Platform Management Interface), Redfish (a management standard for HTTPs services), LAN (network port) and other functions.

[0003] With the advent of the 5G era, IoT communications are leading the world, and various small and medium-sized devices such as...


Application Information

IPC(8): G06F21/51, G06F9/4401, H04L9/08, H04L9/32
CPC: G06F21/51, G06F9/4416, H04L9/0894, H04L9/3226
Inventor: 张兆义
Owner: SUZHOU LANGCHAO INTELLIGENT TECH CO LTD