CN103268434A - Embedded type system and remote injection running method thereof - Google Patents
Embedded type system and remote injection running method thereof Download PDFInfo
- Publication number
- CN103268434A CN103268434A CN2013102244595A CN201310224459A CN103268434A CN 103268434 A CN103268434 A CN 103268434A CN 2013102244595 A CN2013102244595 A CN 2013102244595A CN 201310224459 A CN201310224459 A CN 201310224459A CN 103268434 A CN103268434 A CN 103268434A
- Authority
- CN
- China
- Prior art keywords
- target device
- long
- information
- range injection
- injection device
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Abstract
The invention relates to the technical field of embedded type systems, and discloses an embedded type system and a remote injection running method thereof. The system comprises remote injection equipment and target equipment which are separated physically, wherein the remote injection equipment comprises a first communication unit and a storage unit; the target equipment comprises a second communication unit and an execution unit; connection is established between the first communication unit and the second communication unit when the embedded type system works; and information in the storage unit is remotely injected in the execution unit for running, wherein the information is automatically lost after power down of an internal memory of the execution unit. The system is divided into two physically separated assemblies, and functional software of corresponding equipment can be guaranteed not to be stolen under the condition that the equipment is lost, so that the confidentiality of the equipment is improved. Moreover, through the embedded type system and the remote injection running method thereof, the corresponding equipment can be guaranteed not to be used by other people under the condition of no authorization, so that the security of the equipment is improved.
Description
Technical field
The present invention relates to the embedded system technology field, particularly a kind of embedded system and long-range injection operation method thereof.
Background technology
Along with integrated circuit and development of computer, embedded system also gradually on traditional industrial control equipment or the household electrical appliance integrated control module develop into the individual devices with more demonstrations and control function, all might see the figure of embedded system in the various electronic equipments that use in the daily life.Such as, current most consumption electronic products, especially on the small-sized digital product, all be to rely on that the exclusive volume of embedded system is little, low in energy consumption, cost low and advantage just realized in limited space its complicated and various function such as systemic-function is customizable.
Because the personal information that these electronic equipments can be installed some special softwares or recording user mostly, can produce many potential safety hazards in case lose, by illegal operation, special software is replicated, revises or decompiling such as equipment, stolen or propagation of personal information etc.; Therefore a lot of electronic equipments have higher safety and privacy requirements, need effectively prevent other people the illegal use under the unauthorized situation.The possibility that is cracked in view of the safety operation that is provided by software purely is bigger, security in the electronic equipment at present mainly relies on safety chip to authorize or data encryption realizes, but use safety chip to increase system on the one hand and realize cost, volume and power consumption to product also has considerable influence on the other hand, and is not suitable in the embedded system.
Summary of the invention
(1) technical matters that will solve
At the above-mentioned defective of prior art, the present invention provides a kind of embedded system and long-range injection operation method thereof in order to solve the technical matters how safety guarantee is provided for embedded system.
(2) technical scheme
For achieving the above object, the present invention adopts following technical scheme:
On the one hand, the invention provides a kind of embedded system, described system comprises: physically separated long-range injection device and target device, wherein,
Described long-range injection device comprises first communication unit and storage unit, and described target device comprises second communication unit and performance element; Between first communication unit and second communication unit, connect during the work of described embedded system, the information remote in the described storage unit is injected to described performance element operation, have after the power down drop-out automatically in the wherein said performance element.
Preferably, described connection is wired form or wireless.
Preferably, also comprise grouting socket in the described target device, described grouting socket further comprises decision logic and upgrading unit, wherein,
Described decision logic is judged the information that receives from described long-range injection device, when information is can carry out just to be transferred to described performance element operation when using, when information is system data, be transferred to described upgrading unit described target device is carried out dynamic-configuration or firmware upgrade.
Preferably, also can comprise authenticating unit in the described long-range injection device, be used for authorization conditions and the device type of target device are judged, from described storage unit, select suitable information to transmit.
Preferably, corresponding at least one target device of described long-range injection device.
Preferably, after described long-range injection device was finished the long-range injection operation of functional software to target device, long-range injection device and target device physically broke away from.
Preferably, described system also comprises management equipment, during the operation of described management equipment and first communication unit of described long-range injection device connect, should be used for described long-range injection device is read and write configuration by operational management.
On the other hand, the present invention also provides a kind of long-range injection operation method of embedded system simultaneously, and described method comprises step:
S21) long-range injection device and target device are carried out physical connection, and the operation that powers on;
S22) by long-range injection device, the information that target device is required (can carry out and use or system data) is injected in the performance element of target device and moves;
S23) after the target device outage, the information that is injected in the performance element is lost automatically.
Preferably, between step S21, S22, also comprise step:
S211) long-range injection device carries out authentication according to the system information of target device, determines whether target device has the access authority, if authority is arranged, judges further which information target device can obtain.
Preferably, step S22 further comprises step:
S221) target device is judged the information that receives from long-range injection device, when information is can carry out just to be transferred to the performance element operation when using, then target device is carried out dynamic-configuration or firmware upgrade when information is system data.
(3) beneficial effect
In the solution of the present invention, by being physically-isolated two assemblies with system divides, can guarantee that the functional software of relevant device is not stolen under the situation of this device losses, thereby improve the confidentiality of equipment.In addition, by the present invention, can guarantee that relevant device can't be used by other people, has improved the security of equipment under undelegated situation.
Description of drawings
Fig. 1 is the structural representation of embedded system in the one embodiment of the invention;
Fig. 2 is the method flow synoptic diagram of the long-range injection operation of embedded system in the another embodiment of the present invention.
Embodiment
Below in conjunction with the accompanying drawing in the embodiment of the invention, the technical scheme in the embodiment of the invention is clearly and completely described, obviously, described embodiment is a part of embodiment of the present invention, rather than whole embodiment.Based on the embodiment among the present invention, the every other embodiment that those of ordinary skills obtain under the prerequisite of not making creative work belongs to the scope of protection of the invention.
In order under the prerequisite that guarantees the dirigibility that embedded system is used, to provide higher security, the present invention is arranged to physically separated two assemblies with embedded system, any single component can't independently use, and the user carries out on the assembly of main operation and does not keep critical data, and the assembly that keeps critical data does not possess executive capability.In this way, random component is lost and can not had any impact to system, thereby has guaranteed security and the reliability of whole embedded system.
In one embodiment of the invention, as shown in Figure 1, embedded system comprises long-range injection device 1 and target device 2, two equipment physically separate, only connect in use, wherein, long-range injection device 1 comprises first communication unit 101 and storage unit 102, target device 2 comprises second communication unit 201 and performance element 202, connect at first communication unit 101 and 201 of second communication unit during embedded system work, information remote in the storage unit 102 is injected to performance element 202 operation, wherein performance element 202 in exist and do not keep any information (namely inject give the information power down of performance element 202 then lose automatically) after the power down.
Wherein, the type of attachment between long-range injection device 1 and the target device 2 can be wired form, also can be wireless.Generally, in case target device lose, can be because its distance have exceeded the join domain of long-range injection device and can't connect, thus ensure information security or prevent undelegated illegal use.More preferably, after long-range injection device was finished the long-range injection operation of functional software to target device, long-range injection device and target device can physically break away from, and come further to guarantee the security of connection thus.
In the preferred embodiment of the invention, also comprise grouting socket 203 in the target device 2, grouting socket further comprises decision logic 204 and upgrading unit 205,204 pairs of information that receive from long-range injection device 1 of decision logic are judged, when information is can carry out just to be transferred to performance element 202 operations when using, when information is system data, be transferred to 205 pairs of target devices in upgrading unit 2 and carry out dynamic-configuration or firmware upgrade.Such as, when the communication application program upgrading of using when first communication unit of target device or configuration change, also be to upgrade or configuration data is transferred to target device by long-range injection device, this moment, these data were just no longer by the performance element operation, upgraded or disposed but transfer to the upgrading unit.
In addition, also can comprise authenticating unit 103 in the long-range injection device 1, be used for authorization conditions and the device type of target device are judged, from storage unit 102, select suitable information to transmit.For instance, long-range injection device can corresponding one or more target devices, wherein store the data of each target device, and data comprises the version number of the authority of target device, the tabulation that can inject information, system data etc.; When target device connects, system information according to target device self is carried out authentication, determines whether target device has the access authority, if authority is arranged, judge further which information target device can obtain, and subsequently the authorization message corresponding with target device is transferred to target device.Like this, in case certain target device is lost, even it still can connect with long-range injection device under opposite extreme situations, also only need to rewrite the authority of this target device in the long-range injection device, can guarantee that this target device can't obtain any information from long-range injection device again, can ensure information security or prevent undelegated illegal use equally.
Itself does not possess executive capability long-range injection device, obtains long-range injection device separately and can not directly carry out read-write operation to it, and this has guaranteed wherein security of stored information.In preferred embodiment of the present invention, maintenance to long-range injection device is finished by management equipment, management equipment can be a kind of specific target device, its same first communication unit with long-range injection device connects, using (can be the application that management equipment carries, also can be the application of obtaining from long-range injection device by higher authority) by operational management comes long-range injection device is read and write configuration.
In another preferred embodiment of the present invention, as shown in Figure 2, the long-range injection operation method that adopts said system to carry out embedded system comprises step:
S21) long-range injection device and target device are carried out physical connection, and the operation that powers on;
S22) by long-range injection device, the information that target device is required (can carry out and use or system data) is injected in the performance element of target device and moves;
S23) after the target device outage, the information that is injected in the performance element is lost automatically.
Further, in the preferred embodiment of Fig. 2, between step S21, S22, also comprise step:
S211) long-range injection device carries out authentication according to the system information of target device self, determines whether target device has the access authority, if authority is arranged, judges further which information target device can obtain.
Step S22 further comprises step:
S221) target device is judged the information that receives from long-range injection device, when information is can carry out just to be transferred to the performance element operation when using, then target device is carried out dynamic-configuration or firmware upgrade when information is system data.
In the solution of the present invention, by being physically-isolated two assemblies with system divides, can guarantee that the functional software of relevant device is not stolen under the situation of this device losses, thereby improve the confidentiality of equipment.In addition, by the present invention, can guarantee that relevant device can't be used by other people, has improved the security of equipment under undelegated situation.
Above embodiment only is used for explanation the present invention; and be not limitation of the present invention; the those of ordinary skill in relevant technologies field; under the situation that does not break away from the spirit and scope of the present invention; can also make a variety of changes and modification; therefore all technical schemes that are equal to also belong to category of the present invention, and scope of patent protection of the present invention should be defined by the claims.
Claims (10)
1. an embedded system is characterized in that, described system comprises: physically separated long-range injection device and target device, wherein,
Described long-range injection device comprises first communication unit and storage unit, and described target device comprises second communication unit and performance element; Between first communication unit and second communication unit, connect during the work of described embedded system, the information remote in the described storage unit is injected to described performance element operation, have after the power down drop-out automatically in the wherein said performance element.
2. system according to claim 1 is characterized in that, described connection is wired form or wireless.
3. system according to claim 1, it is characterized in that, also comprise grouting socket in the described target device, described grouting socket further comprises decision logic and upgrading unit, wherein, described decision logic is judged the information that receives from described long-range injection device, when information is can carry out just to be transferred to described performance element operation when using, is transferred to described upgrading unit when information is system data described target device is carried out dynamic-configuration or firmware upgrade.
4. system according to claim 1 is characterized in that, also can comprise authenticating unit in the described long-range injection device, is used for authorization conditions and the device type of target device are judged, selects suitable information to transmit from described storage unit.
5. system according to claim 1 is characterized in that, corresponding at least one target device of described long-range injection device.
6. system according to claim 1 is characterized in that, after described long-range injection device was finished the long-range injection operation of functional software to target device, long-range injection device and target device physically broke away from.
7. system according to claim 1, it is characterized in that, described system also comprises management equipment, during the operation of described management equipment and first communication unit of described long-range injection device connect, should be used for described long-range injection device is read and write configuration by operational management.
8. long-range injection operation method as each described embedded system among the claim 1-7 is characterized in that described method comprises step:
S21) long-range injection device and target device are carried out physical connection, and the operation that powers on;
S22) by long-range injection device, the information that target device is required is injected in the performance element of target device and moves;
S23) after the target device outage, the information that is injected in the performance element is lost automatically.
9. method according to claim 8 is characterized in that, also comprises step between step S21, S22:
S211) long-range injection device carries out authentication according to the system information of target device, determines whether target device has the access authority, if authority is arranged, judges further which information target device can obtain.
10. method according to claim 8 is characterized in that, step S22 further comprises step:
S221) target device is judged the information that receives from long-range injection device, when information is can carry out just to be transferred to the performance element operation when using, then target device is carried out dynamic-configuration or firmware upgrade when information is system data.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2013102244595A CN103268434A (en) | 2013-06-07 | 2013-06-07 | Embedded type system and remote injection running method thereof |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2013102244595A CN103268434A (en) | 2013-06-07 | 2013-06-07 | Embedded type system and remote injection running method thereof |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN103268434A true CN103268434A (en) | 2013-08-28 |
Family
ID=49012062
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2013102244595A Pending CN103268434A (en) | 2013-06-07 | 2013-06-07 | Embedded type system and remote injection running method thereof |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN103268434A (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106844061A (en) * | 2015-12-03 | 2017-06-13 | 腾讯科技(深圳)有限公司 | Shared resource treating method and apparatus |
| CN107704756A (en) * | 2017-09-26 | 2018-02-16 | 晶晨半导体(上海)股份有限公司 | Safe checking method and system before a kind of system upgrade |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN2751360Y (en) * | 2004-09-08 | 2006-01-11 | 北京融通高科科技发展有限公司 | A CPU card meter |
| CN1780466A (en) * | 2004-11-17 | 2006-05-31 | 华为技术有限公司 | Service controlling method in virtual exchange system |
| US20080040786A1 (en) * | 2006-08-14 | 2008-02-14 | Samsung Electronics Co., Ltd. | Client computer, remote control system, and remote control method |
| CN102065148A (en) * | 2011-01-12 | 2011-05-18 | 无锡网芯科技有限公司 | Memory system access authorizing method based on communication network |
-
2013
- 2013-06-07 CN CN2013102244595A patent/CN103268434A/en active Pending
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN2751360Y (en) * | 2004-09-08 | 2006-01-11 | 北京融通高科科技发展有限公司 | A CPU card meter |
| CN1780466A (en) * | 2004-11-17 | 2006-05-31 | 华为技术有限公司 | Service controlling method in virtual exchange system |
| US20080040786A1 (en) * | 2006-08-14 | 2008-02-14 | Samsung Electronics Co., Ltd. | Client computer, remote control system, and remote control method |
| CN102065148A (en) * | 2011-01-12 | 2011-05-18 | 无锡网芯科技有限公司 | Memory system access authorizing method based on communication network |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106844061A (en) * | 2015-12-03 | 2017-06-13 | 腾讯科技(深圳)有限公司 | Shared resource treating method and apparatus |
| CN106844061B (en) * | 2015-12-03 | 2020-02-14 | 腾讯科技(深圳)有限公司 | Shared resource processing method and device |
| CN107704756A (en) * | 2017-09-26 | 2018-02-16 | 晶晨半导体(上海)股份有限公司 | Safe checking method and system before a kind of system upgrade |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN100437618C (en) | Portable information safety device | |
| CN104461945A (en) | Remote control crash-proof irreversible self-destroying method for solid-state drive | |
| CN104734277A (en) | Wireless charging and communication | |
| CN202150070U (en) | Personal on-line transaction terminal | |
| CN202694329U (en) | Wireless storage equipment | |
| CN201707677U (en) | High-confidentiality solid hard disk product based on double destroy technology | |
| CN203894830U (en) | Bidirectional communication intelligent lock | |
| CN109086634A (en) | A kind of BMC chip management method, system and BMC chip and storage medium | |
| CN102662804A (en) | Power-down-prevention irreversible self-destroying method for solid state disk | |
| CN105825151A (en) | Method for remotely controlling self destruction of solid-state disk | |
| CN103546478A (en) | Internal and external network secure access method and system | |
| US20230042384A1 (en) | Method and apparatus for a modular digital chassis lock assembly in an information handling system | |
| CN105975878A (en) | Safe storage method and system based on Nand Flash flash-memory | |
| CN103164789A (en) | Debug circuit structure provided with safety verification and achieving method of debug circuit structure provided with safety verification | |
| CN201654768U (en) | Active type intelligent security USB (Universal Serial Bus) removable storage equipment | |
| CN203618020U (en) | Internal and external network security access mode | |
| CN104850796A (en) | Storage equipment and access method thereof | |
| CN102004705B (en) | USB storage device based on hardware encryption | |
| CN103268434A (en) | Embedded type system and remote injection running method thereof | |
| CN104571942A (en) | Data storage system and method analyzing non-signal | |
| CN102789430B (en) | Memorizer memory devices, its Memory Controller and access method | |
| CN105740719A (en) | Wireless safe USB (Universal Serial Bus) flash disk and implementation method thereof | |
| CN201886463U (en) | USB (universal serial bus) memory device based on hardware encryption | |
| CN103873242A (en) | Intelligent secret key device | |
| CN206788951U (en) | A kind of gate control system card reader |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C02 | Deemed withdrawal of patent application after publication (patent law 2001) | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20130828 |