CN102289622A - Trusted startup method based on authentication policy file and hardware information collection - Google Patents
Trusted startup method based on authentication policy file and hardware information collection Download PDFInfo
- Publication number
- CN102289622A CN102289622A CN2011102575724A CN201110257572A CN102289622A CN 102289622 A CN102289622 A CN 102289622A CN 2011102575724 A CN2011102575724 A CN 2011102575724A CN 201110257572 A CN201110257572 A CN 201110257572A CN 102289622 A CN102289622 A CN 102289622A
- Authority
- CN
- China
- Prior art keywords
- policy file
- certification policy
- information
- verification
- hardware device
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Landscapes
- Storage Device Security (AREA)
Abstract
The invention discloses a trusted startup method based on an authentication policy file and hardware information collection. When a computer terminal device is electrified and started, the terminal is authenticated according to the preset authentication policy file; at first the authentication policy file is read and then information of hardware devices is collected; and each hardware device item is verified according to the authentication policy file and after the verification is successful, the computer terminal device is started credibly. If the verification fails, the authentication policy file which is not applied is searched; if the authentication policy file which is not applied exists, a new authentication policy file is used for new verification; and the procedure is the same until no authentication policy file exist. The method of the invention does not have to interact with an authentication server and other devices and the terminal device is authenticated locally so that the terminal device is ensured to run in a trusted physical environment and the safety of an information system is ensured. The authentication policy file can be flexibly configured according to the diversity of authentication requirements, thus the safety requirement of the information system can be met in a changeable situation.
Description
Technical field
The invention belongs to the computer terminal authentication techniques, relate in particular to terminal device local authentication technology, specifically is a kind of credible starting up's method based on certification policy file and hardware information collection.Be used to guarantee that the terminal infosystem starts under believable environment.
Background technology
Set about from application mostly for the safeguard protection of computer information system at present; as technology such as authentication, access control, data encryption, security audit, network firewall, antivirus softwares; these technology all need to be based upon on the software and hardware bottom facilities; if bottom facilities is all destroyed, invasion, above-mentioned technology all can lose should effect.Therefore, only take measures, more effectively the safety of guarantee information system at the software and hardware bottom of infosystem.Therefore need authenticate terminal device, guarantee that it moves under believable physical environment.
The optional equipment of a similar certificate server of the common needs of prior art is finished the authentication to terminal device, lack local authentication ability, can not guarantee under the situation about losing efficacy that terminal moves being connected under believable physical environment with certificate server to terminal device; The identifying procedure relative fixed of prior art can not be made corresponding change flexible and efficiently when the terminal device authentication demand changes simultaneously, is difficult to satisfy flexible and changeable authentication demand.
Summary of the invention
At the problems referred to above, the invention provides a kind of credible starting up's method based on certification policy file and hardware information collection, to improve the local authentication ability, satisfy flexible and changeable authentication demand.
Implementation of the present invention is to be terminal equipment configuration certification policy file under trusted context, be stored in the terminal security zone, this strategy file indicate each hardware device item that terminal need authenticate, every verification type and between logical relation, and comprise the proof test value of each hardware device item, once credible starting up's process as shown in Figure 1, concrete steps are as follows:
(1) terminal device powers up startup;
(2) collect hardware device information, according to the certification policy file that has disposed terminal device is authenticated, authenticating step includes:
2.1) read the certification policy file, if there is not the certification policy file carry out step 2.7), if there is the certification policy file carry out step 2.2);
2.2) collection hardware device information;
2.3) according to the certification policy file each hardware device item is carried out verification, verification succeeds carry out step 2.6), otherwise record verification failure relevant information carry out step 2.4);
2.4) if not application authorization strategy file is arranged, then use new certification policy file repeating step 2.2), otherwise carry out step 2.5);
2.5) if do not reach set repeat to authenticate number of times, show that authentication failure message prompting user carries out corresponding operating, waits for certain hour repeating step 2.2), stand-by period length is specifically set with experience as required, otherwise carry out step 2.8);
2.6) the terminal device authentication success, by authentication, the credible startup of infosystem;
2.7) there is not the certification policy file, do not carry out terminal device authentication, infosystem starts, and this situation belongs to common startup, can not guarantee that terminal device moves under trusted context, can not the credible startup of guarantee information system;
2.8) the terminal device authentication failure, default treatment, for example: shut down, report an error to the keeper;
(3) if terminal device is by authenticating, the guarantee information system starts under trusted context; If authentification failure carries out respective handling.
The present invention is after terminal device powers up startup, before infosystem starts, collect hardware device information, according to the certification policy file that has disposed it is carried out verification, promptly carry out the local authentication of terminal device, the assurance terminal is moved under believable physical environment, guarantee that infosystem starts under believable environment, effectively the safety of guarantee information system.
By configuration certification policy file, can realize the terminal device local authentication, need not to connect network and server interaction, higher degree ground guarantees that terminal device moves the guarantee information security of system under trusted context; By disposing the certification policy file neatly, under the situation that does not need the higher-security energy, do not dispose the certification policy file, infosystem starts in normal way, needing under the situation of high safety performance, according to real needs configuration certification policy file, the credible startup of guarantee information system.
Realization of the present invention also is: the certification policy file is according to request for utilization configuration flexibly, and its number is indefinite, as long as satisfy a certification policy file, just can guarantee that terminal starts operation under believable physical environment, with the credible startup of guarantee information system.
For a terminal, have a plurality of certification policy files simultaneously, represent the demand of various authentications, as long as satisfy one of them certification policy file, terminal device is with regard to authentication success.
The present invention is according to different running environment or different demand for security, and authentication details is different, and fixing identifying procedure obviously can not satisfy various authentication demand, and disposing a plurality of certification policy files neatly can well address this problem.Usually terminal is according to fixing certification policy file commonly used of demand configuration, and can revise the certification policy file flexibly along with running environment or demand for security change, when special requirement is arranged, can dispose a plurality of new certification policy files to satisfy special authentication demand.
Realization of the present invention also is: the verification of record failure relevant information is divided into two kinds step 2.3): a kind of for equating the verification failure information, the hardware device of insertion is undesirable, please change a correct hardware device; A kind ofly this hardware device should be do not inserted, this hardware device please be changed for not waiting verification failure information.The present invention is divided into two kinds with the verification relevant information of failing, and two kinds of verification types in the corresponding certification policy file respectively are to satisfy processing requirements.
Realization of the present invention also is: step 2.3), the process that once authenticates comprises:
2.3.1) at a certain hardware device, judge whether the needs verification according to the certification policy file, carry out step 2.3.2 as the needs verification), otherwise carry out step 2.3.3);
2.3.2) extract the hardware device information collect, compare according to the verification type of corresponding hardware information item in the certification policy file and the corresponding proof test value in the certification policy file, if meet the certification policy documentation requirements, this hardware check success, carry out step 2.3.3), otherwise carry out step 2.3.5);
2.3.3) do not handle as also having hardware device, then at the next one hardware device repeating step 2.3.1 that is untreated), otherwise carry out step 2.3.4);
2.3.4) verification succeeds;
2.3.5) the verification failure, record verification failure relevant information.
Corresponding certification policy file once authenticates.
Realization of the present invention also is: the certification policy documentation requirements above-mentioned steps 2.3.2) is: if the certification policy documentation requirements equates verification to this hardware device, the cryptographic hash of the hardware device information of then collecting is identical with the proof test value of corresponding hardware device item in the certification policy file; If the certification policy documentation requirements carries out not waiting verification to this hardware device, the cryptographic hash of the hardware device information of then collecting is different with the proof test value of corresponding hardware device item in the certification policy file.
The present invention can satisfy various authentication demand.Equal verification is equivalent to password authentication, need insert specific movable storage device during such as the credible startup of a certain terminal, and for example flash disk can be opened Yishanmen as a key and guarantee the terminal device clean boot; Do not wait verification can finish wider authentication needs, do not allow to insert any movable storage device during such as the credible startup of a certain terminal.
The present invention has the following advantages compared with prior art:
1. the present invention is stored in the terminal device owing to the certification policy file, do not need with equipment such as certificate servers mutual, can finish authentication in this locality, guarantee that terminal device moves under believable physical environment, guarantee the security of computer information system terminal device.
2. the present invention adopts the authentication mode based on the certification policy file, is not limited to certain fixing identifying procedure, at the variation of authentication demand or the situation that the terminal device authentication demand has change, can dispose the certification policy file flexibly to satisfy the authentication demand.
Description of drawings
Fig. 1 is the credible starting up's process flow diagram that the present invention is based on certification policy file and hardware information collection;
Fig. 2 is the general flow chart of terminal device authentication of the present invention;
Fig. 3 carries out the process flow diagram of hardware device information checking according to some certification policy files for the present invention.
Embodiment
Embodiment 1
The present invention is a kind of credible starting up's method based on certification policy file and hardware information collection.It under trusted context terminal equipment configuration certification policy file, be stored in the terminal security zone, this strategy file indicate each hardware device item that terminal need authenticate, every verification type and between logical relation, and comprise the proof test value of each hardware device item, once credible starting up's detailed process is as follows:
(1) terminal device powers up startup, and terminal device is often referred to computing machine.
(2) collect hardware device information, according to the certification policy file that has disposed terminal device is authenticated, authenticating step includes:
2.1) read the certification policy file, if there is not the certification policy file carry out step 2.7), if there is the certification policy file carry out step 2.2).
The certification policy file is pre-configured, and this strategy file indicates the hardware device item that terminal need authenticate, every verification type and every between logical relation, and preserve the proof test value of each hardware device item.
But certification policy file flexible configuration as required.The certification policy file disposes a plurality of according to flexible request for utilization, generally, only need certification policy file of configuration such as special-purpose or fixing the use, a plurality of certification policy files of possible configuration use to satisfy flexibly under the situation that specific demand or environmental change are arranged.When a plurality of certification policy file of configuration, the present invention is as long as satisfy a certification policy file, and terminal just can authentication success, and the guarantee information system is with regard to credible startup.
The certification policy file has one in this example, it is hard disk, internal memory and the movable storage device that inserts by USB interface that strategy file indicates each hardware device item that terminal need authenticate, strategy file also indicates every verification that all equates, every between logical relation be logical and.Each hardware device item proof test value is the check information of hard disk, internal memory and the USB interface movable storage device of appointment.
2.2) collection hardware device information.
2.3) according to the certification policy file each hardware device item is carried out verification, verification succeeds carry out step 2.6), otherwise record verification failure relevant information carry out step 2.4).Verification failure relevant information is divided into two kinds: a kind of for equating the verification failure information, the hardware device of insertion is undesirable, please change a correct hardware device; A kind ofly this hardware device should be do not inserted, this hardware device please be changed for not waiting verification failure information.
The process that once authenticates comprises:
2.3.1) at a certain hardware device, judge whether the needs verification according to the certification policy file, carry out step 2.3.2 as the needs verification, otherwise carry out step 2.3.3).
2.3.2) extract the hardware device information collect, compare according to the verification type of corresponding hardware information item in the certification policy file and the corresponding proof test value in the certification policy file, if meet the certification policy documentation requirements, this hardware check success, carry out step 2.3.3), otherwise carry out step 2.3.5).Certification policy documentation requirements wherein is: if the certification policy documentation requirements equates verification to this hardware device, the cryptographic hash of the hardware device information of then collecting is identical with the proof test value of corresponding hardware device item in the certification policy file; If the certification policy documentation requirements carries out not waiting verification to this hardware device, the cryptographic hash of the hardware device information of then collecting is different with the proof test value of corresponding hardware device item in the certification policy file.
2.3.3) do not handle as also having hardware device, then at the next one hardware device repeating step 2.3.1 that is untreated), otherwise carry out step 2.3.4).
2.3.4) verification succeeds.
2.3.5) the verification failure, record verification failure relevant information.
2.4) if not application authorization strategy file is arranged, then use new certification policy file repeating step 2.2), otherwise carry out step 2.5).
2.5) if do not reach set repeat to authenticate number of times, show that authentication failure message prompting user carries out corresponding operating, waits for certain hour repeating step 2.2), stand-by period length is specifically set with experience as required, otherwise carry out step 2.8).
2.6) the terminal device authentication success, by authentication, the credible startup of infosystem.
2.7) there is not the certification policy file, do not carry out terminal device authentication, infosystem starts.This situation belongs to common startup, can not guarantee that terminal device moves under trusted context, can not the credible startup of guarantee information system.
2.8) the terminal device authentication failure, default treatment.Default treatment can be provided with according to demand, as shutting down, reporting an error to the keeper.
(3) if terminal device is by authenticating, the guarantee information system starts under trusted context; If authentification failure carries out respective handling.
The present invention has utilized the authentication mode of certification policy file, but certification policy file flexible configuration, a plurality of configurations are disposed corresponding certification policy file according to concrete use needs, realize the safety guarantee of infosystem under the changeable demand for security by the computer terminal local authentication.
Credible starting up's method of collecting based on certification policy file and hardware information is with embodiment 1.
(the kernel version: the concrete developing example 2.6.18) is described specific implementation of the present invention to be combined in linux operating system CentOS 5.3.
A concrete terminal device authentication process is implemented as follows as shown in Figure 2:
2.1) the certification policy file is kept at/root/hw in, read this file with the access authentication strategy file, its directory address is deposited among the strategy file tabulation policy_dir_list, if there is not the certification policy file carry out step 2.7), if there is the certification policy file carry out step 2.2).
2.2) collection hardware device information, the hardware device information of difference collecting and treating apparatus (CPU), PC, BIOS, mainboard (Motherboard), internal memory (MEM), USB, hard disk (HDD), network interface card (NIC), be kept in the relevant hardware facility information object, and deposit the pointer of point at objects in hardware device information list HWLIST_[10] _ continuous item in, specifically each hardware device information gathering mode is as follows:
Obtain CPU information: cpu information is obtained by carrying out this instruction of cpuid.The cpuid instruction is the assembly instruction that obtains CPU information under the intel IA32 framework, can obtain cpu type, model, manufacturer's information, trademark information, sequence number, the thing that a series of CPU such as buffer memory are relevant.Cpuid uses eax as input parameter, eax, and ebx, ecx, edx is as output parameter.Such as, can obtain eax=0 as input parameter manufacturer's information of CPU.Obtain these information being coupled together carry out Hash then, and these information are deposited in the CPU_INFO object after each information of cpu by carrying out cpuid.
Obtain PC, BIOS, Mother board, MEM information: DMI is the abbreviation of English word Desktop Management interface, Desktop Management Interface just, it contains the configuration information relevant for system hardware, the each startup of computing machine all carries out verification to the DMI data, if these data are made mistakes or hardware changes to some extent, if computing machine thinks normally to start one that just must satisfy in following two conditions in this case, first condition is that the hardware that computing machine is more corrected one's mistakes is replaced with original hardware again, and to be the user that has super authority on this TV station computing machine to configuration information change allowing that the hardware that inserts is changed for second condition.The chief component of DMI is Management Information Format (MIF) database, this database has comprised all information about computer system and accessory, and by DMI, we can obtain sequence number, manufacturer computer, Serial Port Information and other system accessory information.In this patent, we use dump memory method, it can make user's dump internal storage data, we can obtain every information of PC, BIOS, Mother board and MEM like this, respectively every information of each hardware is coupled together and carry out Hash, and itself and the essential information of each hardware are deposited among corresponding separately hardware device information object PC_INFO, BIOS_INFO, MOTHER_BOARD_INFO, the MEM_DEVICE_INFO together.
Obtain USB information: USB information leaves in/proc/bus/usb/devices in, by reading the manufacturer information of this file with USB device, product information and sequence number read out, and these information are coupled together carry out Hash then, and these information are deposited in the USB_INFO object.
Obtain HDD information: HDD information generally is placed on/dev/had ,/dev/sda in, read model that these two files can obtain HDD with sequence number, these information are coupled together carry out Hash then, and these information are deposited in the HDD_INFO object.
Obtain NIC information: NIC information generally is placed on/sys/class/net in, read the various information that this file can obtain NIC, the information of obtaining is coupled together carry out Hash then, and these information are deposited in the NIC_INFO object.
2.3) obtain the certification policy file according to the directory address of storing among the Policy List policy_dir_list, carry out the verification of hardware device item according to the certification policy file, verification succeeds carry out step 2.6), otherwise carry out step 2.4).
2.4) if also have the certification policy file of not using among the Policy List policy_dir_list, then use new certification policy file repeating step 2.2), otherwise carry out step 2.5).
2.5) if the terminal device authentication number of times that had carried out do not reach set repeat to authenticate number of times (OSSTART_CHK_RETRY_TIMES), show the failure information of this verification and point out the user to carry out corresponding operating, wait for certain hour repeating step 2.2), stand-by period length is specifically set with experience as required, this example is set at 30 seconds, otherwise carry out step 2.8).
2.6) the terminal device authentication success, by authentication, the credible startup of operating system.
2.7) there is not the certification policy file, do not carry out terminal device authentication, os starting.This situation belongs to common startup, can not guarantee that terminal device moves under trusted context, can not guarantee the credible startup of operating system.
2.8) the terminal device authentication failure, default treatment.Promptly shut down, report an error to the keeper.
Described step 2.1) in, each certification policy file saves as a file, require the hardware device item message file of verification in the conversation strategy, its filename comprises the hardware device sign, as cpuid/NOTcpuid, usbid/NOTusbid etc., hardware device item and the verification type thereof of representing required authentication are preserved the cryptographic hash that all information of corresponding hardware device couple together, i.e. its proof test value in each file.Tactful literature kit contains three hardware device item files in this example, and filename is respectively hddid, memid and usbid.
Described step 2.5) in, the verification failure information of demonstration divides two kinds:
Equate the verification failure information, Lack ofproper hardware identifier .Consider change a correct one.
Do not wait the verification failure information, Invalid hardware identifier .Consider change it.
Described step 2.3) in, the verification of hardware device item is carried out according to the order of CPU, PC, BIOS, Mother board, Memory, HDD, NIC, USB, and detailed process is implemented as follows as shown in Figure 3:
2.3.1) verification is from CPU, searches in applied certification policy file whether the hardware device item file that comprises cpuid in the filename is arranged, and as crossing the step of carrying out 2.3.2 arranged), otherwise show [CPU Check Not Set], carry out step 2.3.3).
2.3.2) continuous item _ HWLIST_[HWPRT_CPU by hardware information tabulation] obtain the cryptographic hash of CPU facility information, compare according to the verification type of corresponding hardware information item in the certification policy file and the corresponding proof test value in the certification policy file, if meet the strategy file requirement, the CPU verification succeeds, show [CPU Check OK], carry out step 2.3.3), otherwise show [CPU Check Failed], carry out step 2.3.5).
2.3.3) do not handle as also having hardware device, then at the next one hardware device repeating step 2.3.1 that is untreated), otherwise carry out step 2.3.4).
2.3.4) verification succeeds.
2.3.5) the verification failure, record verification failure relevant information.
Described step 2.3.2) in, the certification policy documentation requirements is: if comprise NOT (promptly not waiting verification) in the hardware device item filename, cryptographic hash in the file will with from _ HWLIST_[10] the cryptographic hash of the hardware device information obtained different, if do not comprise NOT (promptly equate to verification) in the hardware device item filename, the cryptographic hash in the file will with from _ HWLIST_[10] the cryptographic hash of the hardware device information obtained identical.
Credible starting up's method of collecting based on certification policy file and hardware information is with embodiment 1,2.
Computing machine uses correct hard disk, internal memory and USB interface movable storage device starting up, through step 2.1), 2.2), 2.3), 2.6) the computing machine authentication success, the credible startup of operating system.
Computing machine uses correct hard disk and internal memory and wrong USB interface movable storage device starting up, process step 2.1), 2.2), 2.3), 2.4), 2.5), the computing machine authentification failure shows the verification failure information: Lack of proper USB device.Consider change a correct one.
Operate according to the verification failure information: if change correct USB interface movable storage device, through step 2.1), 2.2), 2.3), 2.6) the computing machine authentication success, the credible startup of operating system; If do not change correct USB interface movable storage device, through step 2.1), 2.2), 2.3), 2.4), 2.5), authentification failure repeats verification process, reach repeat to authenticate number of times after, the computing machine authentification failure shuts down and notifies the keeper.
The present invention can carry out local authentication to terminal, do not needing to connect under the situation of certificate server, collect the assurance terminal by certification policy file and hardware information and under the physical environment of safety, move, guarantee to run on the credible startup of infosystem on the terminal.
Embodiment 4
Credible starting up's method of collecting based on certification policy file and hardware information is with embodiment 1,2,3.
Because work requirements needs a more jumbo USB interface movable storage device, disposes a new certification policy file.It is hard disk, internal memory and the movable storage device that inserts by USB interface that strategy file indicates each hardware device item that terminal need authenticate, and strategy file also indicates every verification that all equates, every between logical relation be logical and.Each hardware device item proof test value is the check information of hard disk, internal memory and a jumbo USB interface movable storage device of appointment.
This computer-chronograph has two certification policy files, satisfies one of them certification policy file when needing only start and just can guarantee the credible startup of operating system.
Computing machine uses the USB interface movable storage device starting up of correct hard disk, internal memory and low capacity, through step 2.1), 2.2), 2.3), 2.6) the computing machine authentication success, the credible startup of operating system.
Computing machine uses correct hard disk, internal memory and jumbo USB interface movable storage device starting up, through step 2.1), 2.2), 2.3), 2.4), 2.2), 2.3), 2.6) the computing machine authentication success, the credible startup of operating system.
Computing machine uses correct hard disk and internal memory and wrong USB interface movable storage device starting up, process step 2.1), 2.2), 2.3), 2.4), 2.5), the computing machine authentification failure shows the verification failure information: Lack of proper USB device.Consider change a correct one.
Operate according to the verification failure information: if change one of two correct USB interface movable storage devices, through step 2.1), 2.2), 2.3), 2.6) or 2.1), 2.2), 2.3), 2.4), 2.2), 2.3), 2.6) the computing machine authentication success, the credible startup of operating system; If do not change one of two correct USB interface movable storage devices, through step 2.1), 2.2), 2.3), 2.4), 2.5), authentification failure repeats verification process, reach repeat to authenticate number of times after, the computing machine authentification failure shuts down and notifies the keeper.
But the present invention has the advantage of flexible configuration certification policy file, at the authentic authentication method, as flexible configuration effectively, will have influence on the efficient of system, loses actual using value.Dispose one or more certification policy files neatly according to concrete operating position, the authentication demand that can satisfy various authentication demand and change flexibly, the efficient of assurance authentication, availability is strong.
Embodiment 5
Credible starting up's method of collecting based on certification policy file and hardware information is with embodiment 1-4.
The present invention guarantees the credible startup of the infosystem on the terminal device, and terminal device is often referred to computing machine, and infosystem is often referred to operating system.
Infosystem is subjected to a lot of security threats at present; for example various computer viruses are at user cipher and user data etc.; the safety of much protecting infosystem at the software approach of above-mentioned security threat is also arranged simultaneously; but the security threat from hardware device does not obtain good treatment; computing machine just has not been in unsafe state when also entering infosystem, even if there are sophisticated software safeguard procedures to be difficult to the safety of guarantee information system very much yet.
The saboteur can use special USB movable storage device, keyboard, mouse or hard disk to insert computing machine, obtains various confidential information in operating system, causes user's loss in various degree.The present invention is directed to the security threat that this dangerous hardware device causes, behind computer starting, before the os starting, with experience the hardware device of sensitivity is carried out local authentication according to demand, guarantee to start the operating system under the physical environment of safety, the hardware device of stopping various danger produces security threat to operating system.
Claims (5)
1. credible starting up's method of collecting based on certification policy file and hardware information, it is characterized in that: under trusted context, be terminal equipment configuration certification policy file, be stored in the terminal security zone, this strategy file indicate each hardware device item that terminal need authenticate, every verification type and between logical relation, and comprise the proof test value of each hardware device item, once credible starting up's detailed process is as follows:
(1) terminal device powers up startup;
(2) collect hardware device information, according to the certification policy file that has disposed terminal device is authenticated, authenticating step includes:
2.1) read the certification policy file, if there is not the certification policy file carry out step 2.7), if there is the certification policy file carry out step 2.2);
2.2) collection hardware device information;
2.3) according to the certification policy file each hardware device item is carried out verification, verification succeeds carry out step 2.6), otherwise record verification failure relevant information carry out step 2.4);
2.4) if not application authorization strategy file is arranged, then use new certification policy file repeating step 2.2), otherwise carry out step 2.5);
2.5) if do not reach set repeat to authenticate number of times, show that authentication failure message prompting user carries out corresponding operating, waits for certain hour repeating step 2.2), stand-by period length is specifically set with experience as required, otherwise carry out step 2.8);
2.6) the terminal device authentication success, by authentication, the credible startup of infosystem;
2.7) there is not the certification policy file, do not carry out terminal device authentication, infosystem starts, and this situation belongs to common startup, can not guarantee that terminal device moves under trusted context, can not the credible startup of guarantee information system;
2.8) the terminal device authentication failure, default treatment, for example: shut down, report an error to the keeper;
(3) if terminal device is by authenticating, the guarantee information system starts under trusted context; If authentification failure carries out respective handling.
2. credible starting up's method of collecting based on certification policy file and hardware information according to claim 1, it is characterized in that: the certification policy file is according to request for utilization configuration flexibly, its number is indefinite, as long as satisfy a certification policy file, just can guarantee that terminal starts operation under believable physical environment, with the credible startup of guarantee information system.
3. credible starting up's method of collecting based on certification policy file and hardware information according to claim 1, it is characterized in that: the verification of record failure relevant information is divided into two kinds described step 2.3): a kind of for equating the verification failure information, the hardware device that inserts is undesirable, please change a correct hardware device; A kind ofly this hardware device should be do not inserted, this hardware device please be changed for not waiting verification failure information.
4. according to claim 1 based on credible starting up's method of certification policy file and hardware information collection, it is characterized in that: described step 2.3), the process that once authenticates comprises:
2.3.1) at a certain hardware device, judge whether the needs verification according to the certification policy file, carry out step 2.3.2 as the needs verification), otherwise carry out step 2.3.3);
2.3.2) extract the hardware device information collect, compare according to the verification type of corresponding hardware information item in the certification policy file and the corresponding proof test value in the certification policy file, if meet the certification policy documentation requirements, this hardware check success, carry out step 2.3.3), otherwise carry out step 2.3.5);
2.3.3) do not handle as also having hardware device, then at the next one hardware device repeating step 2.3.1 that is untreated), otherwise carry out step 2.3.4);
2.3.4) verification succeeds;
2.3.5) the verification failure, record verification failure relevant information.
5. the credible starting up's method as collecting based on certification policy file and hardware information as described in the claim 4, it is characterized in that: the certification policy documentation requirements described step 2.3.2) is: if the certification policy documentation requirements equates verification to this hardware device, the cryptographic hash of the hardware device information of then collecting is identical with corresponding hardware device item proof test value in the certification policy file; If the certification policy documentation requirements carries out not waiting verification to this hardware device, the cryptographic hash of the hardware device information of then collecting is different with corresponding hardware device item proof test value in the certification policy file.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201110257572.4A CN102289622B (en) | 2011-09-01 | 2011-09-01 | Trusted startup method based on authentication policy file and hardware information collection |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201110257572.4A CN102289622B (en) | 2011-09-01 | 2011-09-01 | Trusted startup method based on authentication policy file and hardware information collection |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN102289622A true CN102289622A (en) | 2011-12-21 |
| CN102289622B CN102289622B (en) | 2015-01-28 |
Family
ID=45336038
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201110257572.4A Expired - Fee Related CN102289622B (en) | 2011-09-01 | 2011-09-01 | Trusted startup method based on authentication policy file and hardware information collection |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN102289622B (en) |
Cited By (13)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103425932A (en) * | 2013-08-09 | 2013-12-04 | 华为终端有限公司 | Signature calibration method and terminal device |
| CN104636655A (en) * | 2015-02-06 | 2015-05-20 | 电子科技大学 | Credibility verifying method of hot plug device |
| CN104782099A (en) * | 2012-11-21 | 2015-07-15 | 三菱电机株式会社 | Method and system for authenticating at least one terminal requesting access to at least one resource |
| CN105988831A (en) * | 2015-02-09 | 2016-10-05 | 联想(上海)信息技术有限公司 | System startup method and device and electronic equipment |
| CN108256330A (en) * | 2016-12-29 | 2018-07-06 | 联想(上海)信息技术有限公司 | Facility information safeguard method and device |
| CN103942478B (en) * | 2013-01-22 | 2019-04-05 | 浙江安科网络技术有限公司 | A kind of authentication and right management method and equipment |
| CN105528538B (en) * | 2014-09-28 | 2019-06-11 | 酷派软件技术(深圳)有限公司 | The starting method and starter of terminal system |
| CN110135130A (en) * | 2019-04-25 | 2019-08-16 | 武汉虹信通信技术有限责任公司 | A kind of embedded device software tamper-resistant method and system |
| CN110515914A (en) * | 2019-08-27 | 2019-11-29 | 广州市金其利信息科技有限公司 | A kind of Log security deriving method based on self-help terminal equipment |
| CN110781465A (en) * | 2019-10-18 | 2020-02-11 | 中电科技(北京)有限公司 | BMC remote identity verification method and system based on trusted computing |
| CN111767149A (en) * | 2020-06-29 | 2020-10-13 | 百度在线网络技术(北京)有限公司 | Scheduling method, device, equipment and storage equipment |
| CN112560120A (en) * | 2020-11-25 | 2021-03-26 | 深圳市金泰克半导体有限公司 | Secure memory bank and starting method thereof |
| CN117056879A (en) * | 2023-10-13 | 2023-11-14 | 西安热工研究院有限公司 | Distributed control system trusted policy start-stop authorization method and system |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101315656A (en) * | 2007-05-28 | 2008-12-03 | 株式会社东芝 | Information processing apparatus |
| CN101373437A (en) * | 2007-04-10 | 2009-02-25 | 标准微系统公司 | Accessing safety memory by embedded controller to increase system safety |
-
2011
- 2011-09-01 CN CN201110257572.4A patent/CN102289622B/en not_active Expired - Fee Related
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101373437A (en) * | 2007-04-10 | 2009-02-25 | 标准微系统公司 | Accessing safety memory by embedded controller to increase system safety |
| CN101315656A (en) * | 2007-05-28 | 2008-12-03 | 株式会社东芝 | Information processing apparatus |
Cited By (20)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104782099A (en) * | 2012-11-21 | 2015-07-15 | 三菱电机株式会社 | Method and system for authenticating at least one terminal requesting access to at least one resource |
| CN103942478B (en) * | 2013-01-22 | 2019-04-05 | 浙江安科网络技术有限公司 | A kind of authentication and right management method and equipment |
| CN103425932B (en) * | 2013-08-09 | 2017-02-01 | 华为终端有限公司 | Signature calibration method and terminal device |
| CN103425932A (en) * | 2013-08-09 | 2013-12-04 | 华为终端有限公司 | Signature calibration method and terminal device |
| CN105528538B (en) * | 2014-09-28 | 2019-06-11 | 酷派软件技术(深圳)有限公司 | The starting method and starter of terminal system |
| CN104636655A (en) * | 2015-02-06 | 2015-05-20 | 电子科技大学 | Credibility verifying method of hot plug device |
| CN105988831A (en) * | 2015-02-09 | 2016-10-05 | 联想(上海)信息技术有限公司 | System startup method and device and electronic equipment |
| CN108256330A (en) * | 2016-12-29 | 2018-07-06 | 联想(上海)信息技术有限公司 | Facility information safeguard method and device |
| CN110135130B (en) * | 2019-04-25 | 2021-03-12 | 武汉虹信科技发展有限责任公司 | Method and system for preventing embedded equipment software from being modified |
| CN110135130A (en) * | 2019-04-25 | 2019-08-16 | 武汉虹信通信技术有限责任公司 | A kind of embedded device software tamper-resistant method and system |
| CN110515914A (en) * | 2019-08-27 | 2019-11-29 | 广州市金其利信息科技有限公司 | A kind of Log security deriving method based on self-help terminal equipment |
| CN110515914B (en) * | 2019-08-27 | 2021-09-24 | 广州市金其利信息科技有限公司 | Log safety export method based on self-service terminal equipment |
| CN110781465A (en) * | 2019-10-18 | 2020-02-11 | 中电科技(北京)有限公司 | BMC remote identity verification method and system based on trusted computing |
| CN110781465B (en) * | 2019-10-18 | 2022-04-19 | 中电科技(北京)股份有限公司 | BMC remote identity verification method and system based on trusted computing |
| CN111767149A (en) * | 2020-06-29 | 2020-10-13 | 百度在线网络技术(北京)有限公司 | Scheduling method, device, equipment and storage equipment |
| CN111767149B (en) * | 2020-06-29 | 2024-03-05 | 百度在线网络技术(北京)有限公司 | Scheduling method, device, equipment and storage equipment |
| CN112560120A (en) * | 2020-11-25 | 2021-03-26 | 深圳市金泰克半导体有限公司 | Secure memory bank and starting method thereof |
| CN112560120B (en) * | 2020-11-25 | 2024-04-05 | 深圳市金泰克半导体有限公司 | Secure memory bank and method for starting secure memory bank |
| CN117056879A (en) * | 2023-10-13 | 2023-11-14 | 西安热工研究院有限公司 | Distributed control system trusted policy start-stop authorization method and system |
| CN117056879B (en) * | 2023-10-13 | 2024-01-30 | 西安热工研究院有限公司 | Distributed control system trusted policy start-stop authorization method and system |
Also Published As
| Publication number | Publication date |
|---|---|
| CN102289622B (en) | 2015-01-28 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN102289622B (en) | Trusted startup method based on authentication policy file and hardware information collection | |
| US20210294516A1 (en) | Secure Application Acceleration System and Apparatus | |
| US10740468B2 (en) | Multiple roots of trust to verify integrity | |
| Costin et al. | A {Large-scale} analysis of the security of embedded firmwares | |
| EP3805968B1 (en) | Technologies for secure hardware and software attestation for trusted i/o | |
| US9455955B2 (en) | Customizable storage controller with integrated F+ storage firewall protection | |
| CN102792307B (en) | The system and method for NS software is provided in virtual environment | |
| US7788730B2 (en) | Secure bytecode instrumentation facility | |
| CN106682497B (en) | The system and method for secure execution code under supervisor mode | |
| RU2321055C2 (en) | Device for protecting information from unsanctioned access for computers of informational and computing systems | |
| CN107003866A (en) | The safety establishment of encrypted virtual machine from encrypted template | |
| US9338012B1 (en) | Systems and methods for identifying code signing certificate misuse | |
| CN103793654A (en) | Server active management technology (AMT) assisted secure boot | |
| GB2512376A (en) | Secure execution of software modules on a computer | |
| KR101369251B1 (en) | Apparatus, method, terminal and system for recovery protection of system files | |
| US9384353B2 (en) | System and method for encryption of disk based on pre-boot compatibility testing | |
| CN104361298A (en) | Method and device for information safety and confidentiality | |
| CN114547656A (en) | Intel SGX-based two-stage remote certification method in cloud environment | |
| US11409541B2 (en) | Systems and methods for binding secondary operating system to platform basic input/output system | |
| Banas | Cloud forensic framework for iaas with support for volatile memory | |
| US20220413936A1 (en) | Software containers | |
| CN112445705A (en) | Software running system, method, device, computer equipment and storage medium | |
| CN202077041U (en) | Trusted system based on USB (Universal Serial Bus) secure storage encryption card | |
| Huang et al. | Research on Linux trusted boot method based on reverse integrity verification | |
| Heiser et al. | What if you could actually trust your kernel? |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| CB03 | Change of inventor or designer information |
Inventor after: Li Xinghua Inventor after: Meng Xianjia Inventor after: Ma Jianfeng Inventor after: Zhang Liang Inventor after: Lu Di Inventor after: Guo Chaohui Inventor after: Yang Li Inventor after: Wang Yichuan Inventor after: Deng Jingjing Inventor after: Yue Pan Inventor before: Li Xinghua Inventor before: Meng Xianjia Inventor before: Ma Jianfeng Inventor before: Zhang Liang Inventor before: Lu Di Inventor before: Guo Chaohui Inventor before: Yang Li Inventor before: Wang Yichuan Inventor before: Deng Jingjing Inventor before: Yue Pan |
|
| CB03 | Change of inventor or designer information | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20150128 Termination date: 20200901 |
|
| CF01 | Termination of patent right due to non-payment of annual fee |