CN106384053A - Trusted boot method and apparatus for mobile operation system - Google Patents
- Publication number: CN106384053A (application CN201610826044.9A)
- Authority: CN (China)
- Prior art keywords: credible, kernel, preloader, encryption chip, boot loader
- Legal status: Pending
Classifications
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/575—Secure boot
Landscapes
- Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Stored Programmes (AREA)
Abstract
The invention provides a trusted boot method and apparatus for a mobile operating system. The method comprises the steps of: powering on the system, the CPU executing the Boot ROM Code embedded in the SOC and calling the national cryptographic (SM) algorithm of a security encryption chip, together with the measurement reference value pre-stored in the encryption chip, to measure whether the Preloader is trusted; if the Preloader is trusted, executing the Preloader code and calling the SM algorithm of the security encryption chip and the pre-stored measurement reference value to measure whether the Boot Loader is trusted; if the Boot Loader is trusted, executing the Boot Loader code and calling the SM algorithm of the security encryption chip and the pre-stored measurement reference value to measure whether the kernel is trusted; if the kernel is trusted, executing the kernel and calling the SM algorithm of the security encryption chip and the pre-stored measurement reference value to measure whether the application framework is trusted; and if the application framework is trusted, executing the application framework code, thereby completing system boot. By adopting this scheme, the boot security of the mobile operating system can be improved.
Description
Technical field
The present invention relates to the field of trusted computing, and in particular to a trusted boot method and apparatus for a mobile operating system.
Background technology
With the rapid development of mobile communication technology, smart mobile terminal products keep emerging. These products bring us great convenience and have become part of our daily life and work.
However, the development of mobile products has concentrated on functionality and performance, while security has lagged behind; as various information security problems are exposed, security has begun to attract general attention. For the secure boot of mobile products, current techniques mostly rely on verifying individual stages rather than performing security verification from the moment the product is powered on, and they use software cryptographic algorithms with check values stored in an erasable Flash partition for the boot-time check. With this approach the probability that the partition is illegally erased or that a stage's verification is bypassed is relatively high, so the security of the whole operating system boot is rather low.
Therefore, it is necessary to design a trusted boot method for mobile operating systems with higher security.
Content of the invention
The present invention provides a trusted boot method and apparatus for a mobile operating system, with the aim of improving the security of the mobile operating system.
A trusted boot method for a mobile operating system, in which the trusted boot flow comprises four verification processes carried out in sequence: trusted verification of the Preloader, trusted verification of the Boot Loader, trusted verification of the kernel, and trusted verification of the application framework.
In a preferred embodiment of the trusted boot method for a mobile operating system provided by the present invention, the trusted boot flow specifically comprises the following steps:
Step 1: when the mobile operating system is powered on, the CPU executes the Boot ROM Code embedded inside the SOC;
Step 2: the Boot ROM Code calls the security encryption chip, which uses its SM algorithm to confirm whether the Preloader is trusted; if trusted, execute the next step, otherwise terminate;
Step 3: the CPU executes the Preloader, which initializes memory, reads the Boot Loader into memory, and calls the security encryption chip, which uses its SM algorithm to confirm whether the Boot Loader is trusted; if trusted, execute the next step, otherwise terminate;
Step 4: the CPU executes the Boot Loader setup code, reads the kernel into memory, and calls the security encryption chip, which uses its SM algorithm to confirm whether the kernel is trusted; if trusted, execute the next step, otherwise terminate;
Step 5: the CPU executes the kernel, which initializes the core system and calls the security encryption chip, which uses its SM algorithm to confirm whether the application framework is trusted; if trusted, execute the next step, otherwise terminate;
Step 6: the system executes the application framework code and completes the boot of the mobile operating system.
In a preferred embodiment of the trusted boot method for a mobile operating system provided by the present invention, confirming in step 2 whether the Preloader is trusted specifically comprises:
the security encryption chip pre-stores the measurement reference value of the Preloader; the Boot ROM Code reads the Preloader from external Flash into the SOC SRAM, then calls the security encryption chip to compute, with its SM algorithm, a measurement value over the Preloader in the SOC SRAM, and compares the measurement reference value of the Preloader with the computed measurement value; if they are equal, the Preloader is considered trusted.
In a preferred embodiment of the trusted boot method for a mobile operating system provided by the present invention, confirming in step 3 whether the Boot Loader is trusted specifically comprises:
the security encryption chip pre-stores the measurement reference value of the Boot Loader; the Preloader initializes the external DRAM and reads the Boot Loader from external Flash into DRAM, then calls the security encryption chip to compute, with its SM algorithm, a measurement value over the Boot Loader code in DRAM, and compares the measurement reference value of the Boot Loader with the computed measurement value; if they are equal, the Boot Loader is considered trusted.
In a preferred embodiment of the trusted boot method for a mobile operating system provided by the present invention, confirming in step 4 whether the kernel is trusted specifically comprises: the security encryption chip pre-stores the measurement reference value of the kernel; the Boot Loader reads the kernel from external Flash into DRAM, then calls the security encryption chip to compute, with its SM algorithm, a measurement value over the kernel in DRAM, and compares the measurement reference value of the kernel with the computed measurement value; if they are equal, the kernel is considered trusted.
In a preferred embodiment of the trusted boot method for a mobile operating system provided by the present invention, confirming in step 5 whether the application framework is trusted specifically comprises:
the security encryption chip pre-stores the measurement reference value of the application framework; the kernel calls the security encryption chip to compute, with its SM algorithm, a measurement value over the application framework, and compares the measurement reference value of the application framework with the computed measurement value; if they are equal, the application framework is considered trusted.
The present invention also provides an apparatus based on the above trusted boot method for a mobile operating system, comprising:
a Boot ROM starting module, for starting the Boot ROM Code embedded inside the SOC;
a Boot ROM trusted verification module, for calling the security encryption chip to confirm, with its SM algorithm, whether the Preloader is trusted;
a Preloader starting module, for calling the Preloader, when the Preloader is trusted, to initialize memory and read the Boot Loader into memory;
a Preloader trusted verification module, for calling the security encryption chip to confirm, with its SM algorithm, whether the Boot Loader is trusted;
a Boot Loader starting module, for calling the Boot Loader, when the Boot Loader is trusted, to read the kernel into memory;
a Boot Loader trusted verification module, for calling the security encryption chip to confirm, with its SM algorithm, whether the kernel is trusted;
a kernel starting module, for calling the kernel, when the kernel is trusted, to initialize the core system;
a kernel trusted verification module, for calling the security encryption chip to confirm, with its SM algorithm, whether the application framework is trusted;
an application framework starting module, for executing the application framework code when the application framework is trusted, thereby completing the boot of the operating system.
In a preferred embodiment of the apparatus for the trusted boot method for a mobile operating system provided by the present invention, the apparatus further comprises:
a Boot ROM acquisition module, for obtaining the measurement reference value of the Preloader pre-stored in the security encryption chip;
the Boot ROM starting module is specifically for calling the Boot ROM Code to read the Preloader code from external Flash into the SOC SRAM;
the Boot ROM trusted verification module is specifically for the Boot ROM Code to call the security encryption chip to compute, with its SM algorithm, a measurement value over the Preloader code in the SOC SRAM, and to compare the measurement reference value of the Preloader with the computed measurement value; if they are equal, the Preloader is considered trusted.
In a preferred embodiment of the apparatus for the trusted boot method for a mobile operating system provided by the present invention, the apparatus further comprises:
a Preloader acquisition module, for obtaining the measurement reference value of the Boot Loader pre-stored in the security encryption chip;
the Preloader starting module is specifically for calling the Preloader to initialize the external DRAM and read the Boot Loader code from external Flash into DRAM;
the Preloader trusted verification module is specifically for the Preloader to call the security encryption chip to compute, with its SM algorithm, a measurement value over the Boot Loader code in DRAM, and to compare the measurement reference value of the Boot Loader with the computed measurement value; if they are equal, the Boot Loader is considered trusted.
In a preferred embodiment of the apparatus for the trusted boot method for a mobile operating system provided by the present invention, the apparatus further comprises:
a Boot Loader acquisition module, for obtaining the measurement reference value of the kernel pre-stored in the security encryption chip;
the Boot Loader starting module is specifically for the Boot Loader to initialize the peripheral devices and the memory space, and to read the kernel from external Flash into DRAM;
the Boot Loader trusted verification module is specifically for the Boot Loader to call the security encryption chip to compute, with its SM algorithm, a measurement value over the kernel in DRAM, and to compare the measurement reference value of the kernel with the computed measurement value; if they are equal, the kernel is considered trusted.
In a preferred embodiment of the apparatus for the trusted boot method for a mobile operating system provided by the present invention, the apparatus further comprises:
a kernel acquisition module, for obtaining the measurement reference value of the application framework pre-stored in the security encryption chip;
the kernel starting module is specifically for the kernel to initialize the operating system kernel components, mount the root partition, and load the security encryption chip driver;
the kernel trusted verification module is specifically for the kernel to call the security encryption chip to compute, with its SM algorithm, a measurement value over the application framework, and to compare the measurement reference value of the application framework with the computed measurement value; if they are equal, the application framework is considered trusted.
Compared with the prior art, the trusted boot method and apparatus for a mobile operating system provided by the present invention have the following beneficial effects:
1. Better security. The trusted boot method for a mobile operating system performs trusted verification on every boot stage starting from system power-on, with each stage linked to the next: only when the previous stage is trusted can the following stage run. Compared with the existing stage-wise trusted verification, this method is more secure.
2. More reliable security algorithm and storage area. The trusted boot method for a mobile operating system uses a security encryption chip that contains the national cryptographic (SM) algorithms and a secure encrypted storage area, providing security in both the algorithm and the storage. Compared with the existing software algorithms and non-secure storage areas, the security encryption chip achieves hardware encryption, its algorithm is an independently controlled SM algorithm, and the secure storage area it provides is encrypted so that it cannot be obtained through illegal paths; this method therefore further improves security and reliability.
Brief description
To explain the technical solutions in the embodiments of the present invention more clearly, the drawings used in describing the embodiments are briefly introduced below. Obviously, the drawings in the following description are only some embodiments of the present invention, and a person of ordinary skill in the art can obtain other drawings from them without creative effort, wherein:
Fig. 1 is the overall framework diagram of the trusted boot of the mobile operating system provided by the present invention;
Fig. 2 is the Preloader trust verification flow chart in the trusted boot method for a mobile operating system;
Fig. 3 is the Boot Loader trust verification flow chart in the trusted boot method for a mobile operating system;
Fig. 4 is the kernel trust verification flow chart in the trusted boot method for a mobile operating system;
Fig. 5 is the application framework trust verification flow chart in the trusted boot method for a mobile operating system;
Fig. 6 is the overall structural diagram of the trusted boot apparatus for a mobile operating system provided by the present invention.
Specific embodiment
The technical solutions in the embodiments of the present invention are described clearly and completely below with reference to the accompanying drawings. Obviously, the described embodiments are only some of the embodiments of the present invention, not all of them.
Referring to Fig. 1, which is the boot flow chart of the mobile operating system provided by an embodiment of the present invention, together with the trusted boot method for a mobile operating system provided by the illustrated embodiment, the structure diagram shown in this embodiment differs from the prior-art mobile operating system flow in that a security encryption chip module and a trusted verification process are added. The security encryption chip has the highest security level, supports the national cryptographic (SM) algorithms, and has an embedded secure encrypted storage area.
The boot flow, in overview, is as follows. The system is powered on and the Boot ROM Code embedded in the SOC executes. The Boot ROM Code calls the security encryption chip to obtain the pre-stored measurement reference value of the Preloader and to obtain the measurement value of the Preloader with the security cryptographic algorithm; these are used to determine whether the Preloader is trusted, and if it is, the Preloader is executed. The Preloader calls the security encryption chip to obtain the pre-stored measurement reference value of the Boot Loader and the measurement value of the Boot Loader computed with the security cryptographic algorithm; these are used to determine whether the Boot Loader is trusted, and if it is, the Boot Loader is executed. The Boot Loader calls the security encryption chip to obtain the pre-stored measurement reference value of the kernel and the measurement value of the kernel computed with the security cryptographic algorithm; these are used to determine whether the kernel is trusted, and if it is, the kernel is executed. The kernel calls the security encryption chip to obtain the pre-stored measurement reference value of the application framework and the measurement value of the application framework computed with the integrity algorithm; these are used to determine whether the application framework is trusted, and if it is, the application framework is executed and the system boot process is finally completed.
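The chain described above, as an added example that is not part of the patent: a Python model of the four-stage measurement in which a simulated security encryption chip holds the provisioned reference values and a mismatch at any stage halts the boot before later stages run. SHA-256 from hashlib stands in for the chip's SM3 algorithm, and the stage images are constructed placeholders.

```python
"""Chain-of-trust boot measurement, modelling the Fig. 1 flow.

Added example, not the patent's code. The security encryption chip is a
Python class holding pre-provisioned reference values; SHA-256 from hashlib
stands in for the chip's SM3 algorithm; the stage images are constructed.
"""
import hashlib
import hmac
from typing import Dict, List, Optional, Tuple

# Measurement order: each running stage measures the next before handing over.
STAGES = ("preloader", "bootloader", "kernel", "app_framework")


def sm_hash(data: bytes) -> bytes:
    """Stand-in for the SM3 hash run inside the chip; the chain logic is hash-agnostic."""
    return hashlib.sha256(data).digest()


class SecurityEncryptionChip:
    """Models the chip: a secure storage area of reference values plus a measure interface."""

    def __init__(self, references: Dict[str, bytes]) -> None:
        # References are written once over a secure channel (here: at construction);
        # unlike a Flash partition, nothing at runtime can erase or rewrite them.
        self._references = dict(references)

    def reference_value(self, stage: str) -> bytes:
        return self._references[stage]

    def measure(self, image: bytes) -> bytes:
        return sm_hash(image)

    def is_trusted(self, stage: str, image: bytes) -> bool:
        # Constant-time compare so a mismatch does not leak how many bytes matched.
        return hmac.compare_digest(self.measure(image), self.reference_value(stage))


def provision_chip(golden_images: Dict[str, bytes]) -> SecurityEncryptionChip:
    """Factory step (the S203 secure-channel write): store the digest of every golden image."""
    return SecurityEncryptionChip({stage: sm_hash(img) for stage, img in golden_images.items()})


def trusted_boot(chip: SecurityEncryptionChip,
                 images: Dict[str, bytes]) -> Tuple[List[str], Optional[str]]:
    """Run the chain; return (stages executed, stage at which boot halted or None).

    The stage currently in control (the Boot ROM for the first) asks the chip to
    measure the next image; on a mismatch the boot stops and no later stage runs.
    """
    executed: List[str] = []
    for stage in STAGES:
        if not chip.is_trusted(stage, images.get(stage, b"")):
            return executed, stage
        executed.append(stage)
    return executed, None


# Constructed stand-ins for the real firmware images.
GOLDEN_IMAGES = {
    "preloader": b"preloader image (constructed)",
    "bootloader": b"boot loader image (constructed)",
    "kernel": b"kernel image (constructed)",
    "app_framework": b"application framework partition (constructed)",
}


if __name__ == "__main__":
    chip = provision_chip(GOLDEN_IMAGES)
    print(trusted_boot(chip, GOLDEN_IMAGES))
    # A single appended byte in the kernel image stops the chain at the kernel stage.
    tampered = dict(GOLDEN_IMAGES, kernel=GOLDEN_IMAGES["kernel"] + b"\x00")
    print(trusted_boot(chip, tampered))
```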
Referring to Fig. 2, which is the Preloader trust verification flow chart in the trusted boot method for a mobile operating system, the Preloader trust verification flow comprises the following steps:
S201, execute the Boot ROM Code;
The Boot ROM Code is fixed inside the chip. It is executed after the system is powered on and initializes the security encryption chip and the external storage device.
S202, read the Preloader into the SOC SRAM;
The Preloader runs in the SRAM inside the SOC, while it is stored on an external storage device, which for mobile devices is usually Flash. The Boot ROM Code copies the Preloader stored in external Flash into the internal SRAM of the SOC.
S203, obtain the Preloader measurement reference value from the secure storage area of the security encryption chip;
The measurement reference value of the Preloader is written in advance into the storage area of the security encryption chip through a secure channel, and can be the digest of the Preloader computed with the SM3 hash algorithm.
S204, call the security encryption chip interface to obtain the Preloader measurement value with the SM algorithm;
The Preloader stored in SRAM is processed with the SM algorithm by calling the application interface of the security encryption chip, which yields the measurement value. The SM algorithm here can be the SM3 hash algorithm.
S205, is the reference value equal to the computed value?
Comparing the measurement reference value with the computed measurement value confirms whether the Preloader is trusted; if trusted, execution continues with the Preloader, and if not trusted, the system boot is halted.
S206, prepare to execute the Preloader.
The Preloader has been measured as trusted, so the CPU jumps to the Preloader entry function and prepares to execute the Preloader.
Referring to Fig. 3, which is the Boot Loader trust verification flow chart in the trusted boot method for a mobile operating system, the Boot Loader trust verification flow comprises the following steps:
S301, execute the Preloader;
The Preloader initializes the external DRAM, initializes the stack, and initializes the security encryption chip and the external storage device.
S302, read the Boot Loader into external DRAM;
The Boot Loader runs in external DRAM, while it is stored on an external storage device, which for mobile devices is usually Flash. The Preloader copies the Boot Loader stored in external Flash into external DRAM.
S303, obtain the Boot Loader measurement reference value from the secure storage area of the security encryption chip;
The measurement reference value of the Boot Loader is written in advance into the storage area of the security encryption chip through a secure channel; here it can be the digest of the Boot Loader computed with the SM3 hash algorithm.
S304, call the security encryption chip interface to obtain the Boot Loader measurement value with the SM algorithm;
The Boot Loader stored in DRAM is processed with the SM algorithm by calling the application interface of the security encryption chip, which yields the measurement value. The SM algorithm here can be the SM3 hash algorithm.
S305, is the reference value equal to the computed value?
Comparing the measurement reference value with the computed measurement value confirms whether the Boot Loader is trusted; if trusted, execution continues with the Boot Loader, and if not trusted, the system boot is halted.
S306, prepare to execute the Boot Loader.
The Boot Loader has been measured as trusted, so the CPU jumps to the Boot Loader entry function and prepares to execute the Boot Loader.
Referring to Fig. 4, which is the kernel trust verification flow chart in the trusted boot method for a mobile operating system, the kernel trust verification flow comprises the following steps:
S401, execute the Boot Loader;
The role of the Boot Loader is to initialize the system peripherals and load the operating system kernel into DRAM, preparing for the subsequent run of the kernel. The Boot Loader here may be implemented as uboot, or alternatively as LK (Little Kernel).
S402, read the kernel image into external DRAM;
The kernel runs in external DRAM, while it is stored on an external storage device, which for mobile devices is usually Flash. The Boot Loader copies the kernel stored in external Flash into external DRAM.
S403, obtain the kernel measurement reference value from the secure storage area of the security encryption chip;
The measurement reference value of the kernel is written in advance into the storage area of the security encryption chip through a secure channel; one example of this reference value is the digest of the kernel computed with the SM3 hash algorithm.
S404, call the security encryption chip interface to obtain the kernel measurement value with the SM algorithm;
The kernel stored in DRAM is processed with the SM algorithm by calling the application interface of the security encryption chip, which yields the measurement value. One example of the SM algorithm here is the SM3 hash algorithm.
S405, is the reference value equal to the computed value?
Comparing the measurement reference value with the computed measurement value confirms whether the kernel is trusted; if trusted, execution continues with the kernel, and if not trusted, the system boot is halted.
S406, prepare to execute the kernel.
The kernel has been measured as trusted, so the CPU jumps to the kernel entry function and prepares to execute the kernel.
Referring to Fig. 5, which is the application framework trust verification flow chart in the trusted boot method for a mobile operating system, the application framework trust verification flow comprises the following steps:
S501, execute the kernel;
In this example the kernel is the Linux Kernel. It completes the initialization of each core module of the operating system, initializes the peripheral hardware devices, and finally runs the Init process.
S502, run the Init process;
The Init process is the first process managed by the Linux Kernel; all subsequent application framework components are invoked and run, directly or indirectly, from this Init process. The Init process completes the loading of the security encryption chip driver, preparing for access to the security encryption chip.
S503, obtain the application framework partition measurement reference value from the secure storage area of the security encryption chip;
In this example the application framework is stored in an independent read-only block file system partition. There are several ways to perform trusted verification of the application framework: one is to verify each core file of the application framework individually; another is to perform a single overall trusted verification of the block file system partition that stores the application framework. This example uses trusted verification of the application framework partition.
For overall trusted verification of the application framework partition, because of the size of the partition, this example first processes the application framework partition in fixed-size blocks (for example 4 KB) and computes a digest of each data block; the digests of the data blocks are stored in fixed-size blocks, forming the first-layer digest blocks; digests are then computed over the first-layer digest blocks, forming the second-layer digest blocks, and so on repeatedly until finally a single root digest block is produced. The root digest block is hashed with the SM3 algorithm to generate the measurement reference value, which is written in advance into the security encryption chip through a secure channel.
This step accesses the secure storage area of the security encryption chip through the encryption chip driver interface to obtain the pre-stored measurement reference value of the root digest block of the application partition.
S504, call the security encryption chip interface to compute the application framework partition measurement value with the SM algorithm;
Building on S503, this step calls the security encryption chip through its driver interface to compute, with the SM3 hash algorithm of the security encryption chip, the measurement value over the root digest block of the application framework partition.
S505, is the reference value equal to the computed value?
Comparing the measurement reference value with the computed measurement value confirms whether the application framework is trusted; if trusted, proceed to mount the application framework partition, and if not trusted, the system boot is halted.
S506, mount the application framework partition;
The application framework has been measured as trusted, so the application framework partition is mounted and finally the application framework is executed.
S507, the operating system runs.
The trusted boot flow of the whole operating system is complete; the system has been confirmed trusted and runs normally.
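The layered digest scheme of S503 and S504 and its comparison in S505, as an added example that is not part of the patent: a Python model that cuts a constructed partition image into fixed 4 KB blocks, packs per-block digests into digest blocks layer by layer until one root digest block remains, hashes that root block into the measurement value, and compares it with a provisioned reference. SHA-256 from hashlib stands in for the chip's SM3 algorithm; the partition bytes are constructed.

```python
"""Whole-partition measurement via layered digest blocks (model of S503 to S505).

Added example, not the patent's code. SHA-256 stands in for the chip's SM3;
the partition image is constructed in-line.
"""
import hashlib
import hmac
from typing import List

BLOCK_SIZE = 4096  # fixed block size, following the text's "for example 4 KB"


def digest(data: bytes) -> bytes:
    """Stand-in for the SM3 hash performed inside the security encryption chip."""
    return hashlib.sha256(data).digest()


def split_blocks(data: bytes, size: int = BLOCK_SIZE) -> List[bytes]:
    """Cut data into fixed-size blocks; the final block is zero-padded to full size.

    A real partition has a fixed length, so the padding introduces no ambiguity.
    """
    blocks = [data[i:i + size] for i in range(0, len(data), size)]
    if blocks and len(blocks[-1]) < size:
        blocks[-1] = blocks[-1].ljust(size, b"\x00")
    return blocks


def digest_layer(blocks: List[bytes]) -> List[bytes]:
    """Digest every block and pack the digests into fixed-size digest blocks."""
    packed = b"".join(digest(block) for block in blocks)
    return split_blocks(packed)


def digest_layers(partition: bytes) -> List[List[bytes]]:
    """All digest layers, from the first layer up to the root layer (exactly one block)."""
    if not partition:
        raise ValueError("empty partition has no root digest block")
    layers = [digest_layer(split_blocks(partition))]
    while len(layers[-1]) > 1:
        layers.append(digest_layer(layers[-1]))
    return layers


def root_digest_block(partition: bytes) -> bytes:
    return digest_layers(partition)[-1][0]


def measurement_value(partition: bytes) -> bytes:
    """S504: the chip hashes the root digest block; the result is the measurement value."""
    return digest(root_digest_block(partition))


def provision_reference(golden_partition: bytes) -> bytes:
    """Factory-side step: the reference value written into the chip over a secure channel."""
    return measurement_value(golden_partition)


def verify_partition(partition: bytes, reference: bytes) -> bool:
    """S505: compare reference and computed value in constant time; trusted only when equal."""
    return hmac.compare_digest(measurement_value(partition), reference)


# Constructed 300-block (1.2 MB) application framework partition image.
GOLDEN_PARTITION = bytes(range(256)) * 4800


if __name__ == "__main__":
    ref = provision_reference(GOLDEN_PARTITION)
    # 300 data blocks -> 3 first-layer digest blocks -> 1 root digest block.
    print("blocks per layer:", [len(layer) for layer in digest_layers(GOLDEN_PARTITION)])
    print("golden trusted:", verify_partition(GOLDEN_PARTITION, ref))
    tampered = bytearray(GOLDEN_PARTITION)
    tampered[700_000] ^= 0x01  # flip one bit deep inside the partition
    print("tampered trusted:", verify_partition(bytes(tampered), ref))
```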
Fig. 6 is a schematic structural diagram of the trusted boot apparatus for a mobile operating system provided by the present invention; the apparatus may be an embedded mobile product or a module. This trusted boot apparatus for a mobile operating system can execute the trusted boot method for a mobile operating system shown in Fig. 1.
Specifically, each module in Fig. 6 executes one of the trust verification flows shown in Figs. 2 to 5. Modules 601 to 603 form the apparatus structure that executes the Preloader trust verification flow shown in Fig. 2, comprising:
a Boot ROM starting module 601, for starting the Boot ROM Code embedded inside the SOC;
a Boot ROM acquisition module 602, for obtaining the application framework partition measurement reference value from the secure storage area of the security encryption chip;
a Boot ROM trusted verification module 603, for calling the Boot ROM Code to call the security encryption chip to measure, with its SM algorithm and the measurement reference value obtained by the Boot ROM acquisition module 602, whether the Preloader code is trusted;
In Fig. 6, modules 604 to 606 form the apparatus structure that executes the Boot Loader trust verification flow shown in Fig. 3, comprising:
a Preloader starting module 604, for calling the Preloader, if the Preloader is trusted, to initialize memory and read the Boot Loader into memory;
a Preloader acquisition module 605, for obtaining the Boot Loader partition measurement reference value from the secure storage area of the security encryption chip;
a Preloader trusted verification module 606, for calling the Boot ROM Code to call the security encryption chip to measure, with its SM algorithm and the measurement reference value obtained by the Preloader acquisition module 605, whether the Boot Loader code is trusted;
In Fig. 6, modules 607 to 609 form the apparatus structure that executes the kernel trust verification flow shown in Fig. 4, comprising:
a Boot Loader starting module 607, for calling the Boot Loader, if the Boot Loader is trusted, to read the kernel into memory;
a Boot Loader acquisition module 608, for obtaining the kernel measurement reference value from the secure storage area of the security encryption chip;
a Boot Loader trusted verification module 609, for calling the Boot ROM Code to call the security encryption chip to measure, with its SM algorithm and the measurement reference value obtained by the Boot Loader acquisition module 608, whether the kernel is trusted;
In Fig. 6, modules 610 to 613 form the apparatus structure that executes the application framework trust verification flow shown in Fig. 5, comprising:
a kernel starting module 610, for calling the kernel, if the kernel is trusted, to initialize the core system;
a kernel acquisition module 611, for obtaining the application framework measurement reference value from the secure storage area of the security encryption chip;
a kernel trusted verification module 612, for calling the Boot ROM Code to call the security encryption chip to measure, with its SM algorithm and the measurement reference value obtained by the kernel acquisition module 611, whether the application framework is trusted;
an application framework starting module 613, for calling the application framework, if the application framework is trusted, and finally completing the operating system boot.
From the embodiments of the invention illustrated above it can be understood that, compared with other trusted boot systems, the trusted boot method and apparatus for a mobile operating system provided by the present invention have two advantages. On the one hand, the present invention provides trusted verification starting from system power-on, and only when the previous stage is trusted can the trusted boot of the next stage proceed, which prevents the risk of bypassing trusted verification. On the other hand, the present invention uses a security encryption chip, which is itself a highly secure and reliable device, uses the SM algorithms and contains a secure storage area; compared with other trusted boot schemes that store measurements in a partition or use software algorithms for encryption and decryption, the security encryption chip makes the trusted boot more reliable and controllable.
The foregoing are only embodiments of the present invention and do not limit the scope of its claims; every equivalent structural or equivalent flow transformation made using the description of the present invention, or its direct or indirect use in other related technical fields, is likewise included within the scope of patent protection of the present invention.
Claims (11)
1. A trusted boot method for a mobile operating system, characterised in that the trusted boot flow includes: performing in sequence the four verification processes of Preloader trust verification, Boot Loader trust verification, kernel trust verification and application framework trust verification.
2. The trusted boot method for a mobile operating system according to claim 1, characterised in that the specific steps of the trusted boot flow are:
Step 1: when the mobile operating system powers on, the CPU executes the Boot ROM Code embedded within the SOC;
Step 2: the Boot ROM Code calls the security encryption chip to confirm, using the chip's national cryptographic (GM) algorithm, whether the Preloader is trusted; if trusted, the next step is executed, otherwise boot terminates;
Step 3: the CPU executes the Preloader, which initialises memory and reads the Boot Loader into memory, and calls the security encryption chip to confirm, using the chip's GM algorithm, whether the Boot Loader is trusted; if trusted, the next step is executed, otherwise boot terminates;
Step 4: the CPU executes the Boot Loader setup code, reads the kernel into memory, and calls the security encryption chip to confirm, using the chip's GM algorithm, whether the kernel is trusted; if trusted, the next step is executed, otherwise boot terminates;
Step 5: the CPU executes the kernel, which initialises the core system and calls the security encryption chip to confirm, using the chip's GM algorithm, whether the application framework is trusted; if trusted, the next step is executed, otherwise boot terminates;
Step 6: the system executes the application framework code and completes start-up of the mobile operating system.
3. The trusted boot method for a mobile operating system according to claim 2, characterised in that confirming in step 2 whether the Preloader is trusted specifically comprises:
the security encryption chip pre-stores the measurement reference value of the Preloader; the Boot ROM Code reads the Preloader from external Flash into the SOC SRAM; the Boot ROM Code calls the security encryption chip to compute, with the chip's GM algorithm, a computed measurement value over the Preloader in the SOC SRAM; the measurement reference value of the Preloader and the computed measurement value are compared, and if they are equal the Preloader is considered trusted.
4. The trusted boot method for a mobile operating system according to claim 2, characterised in that confirming in step 3 whether the Boot Loader is trusted specifically comprises:
the security encryption chip pre-stores the measurement reference value of the Boot Loader; the Preloader initialises the external DRAM and reads the Boot Loader from external Flash into DRAM; the Preloader calls the security encryption chip to compute, with the chip's GM algorithm, a computed measurement value over the Boot Loader code in DRAM; the measurement reference value of the Boot Loader and the computed measurement value are compared, and if they are equal the Boot Loader is considered trusted.
5. The trusted boot method for a mobile operating system according to claim 2, characterised in that confirming in step 4 whether the kernel is trusted specifically comprises:
the security encryption chip pre-stores the measurement reference value of the kernel; the Boot Loader reads the kernel from external Flash into DRAM; the Boot Loader calls the security encryption chip to compute, with the chip's GM algorithm, a computed measurement value over the kernel in DRAM; the measurement reference value of the kernel and the computed measurement value are compared, and if they are equal the kernel is considered trusted.
6. The trusted boot method for a mobile operating system according to claim 2, characterised in that confirming in step 5 whether the application framework is trusted specifically comprises:
the security encryption chip pre-stores the measurement reference value of the application framework; the kernel calls the security encryption chip to compute, with the chip's GM algorithm, a computed measurement value over the application framework; the measurement reference value of the application framework and the computed measurement value are compared, and if they are equal the application framework is considered trusted.
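The chain described by the Fig. 6 modules above and by steps 1 to 6 of claim 2, with the per-stage load-then-measure detail of claims 3 to 6, simulated in Python as an added example (this is not the patent's own code). It assumes SHA-256 in place of the hash from the chip's GM algorithm suite, models the security encryption chip, external Flash, SOC SRAM and DRAM as plain Python objects, adds an assumed `provision_reference_values` step for pre-storing the reference values, and uses constructed image bytes. The two properties worth seeing are that each stage measures the copy it loaded into RAM rather than the Flash partition, and that a stage refuses to run unless its own verification passed, so a failed Boot Loader check halts before the kernel is ever measured.

```python
import hashlib
import hmac

# Stage order of the chain; each stage measures the next before handing over.
STAGES = ("preloader", "bootloader", "kernel", "framework")


def gm_hash(data: bytes) -> bytes:
    """Measurement primitive. Assumption: SHA-256 stands in for the hash of
    the chip's national cryptographic (GM) algorithm suite."""
    return hashlib.sha256(data).digest()


class SecurityChip:
    """Stand-in for the security encryption chip: a secure storage area with
    one pre-stored measurement reference value per stage, plus the hash."""

    def __init__(self, reference_values):
        self._secure_storage = dict(reference_values)

    def verify(self, stage, image):
        computed = gm_hash(image)
        # Constant-time compare of the computed value against the reference.
        return hmac.compare_digest(computed, self._secure_storage[stage])


def provision_reference_values(golden_images):
    """Values the manufacturer would pre-store in the chip for known-good images
    (an assumed provisioning step; the page only says they are pre-stored)."""
    return {stage: gm_hash(img) for stage, img in golden_images.items()}


class BootHalted(Exception):
    """Verification failed, or a stage was entered before its verification."""


class Device:
    def __init__(self, chip, flash):
        self.chip = chip
        self.flash = dict(flash)   # external Flash partitions, stage -> bytes
        self.sram = {}             # on-SoC SRAM, holds the Preloader
        self.dram = None           # external DRAM, unusable until the Preloader inits it
        self.trusted = {}          # stage -> verification result
        self.trace = []            # event log for inspection

    def _load_and_verify(self, stage, ram):
        # Copy from Flash into RAM, then measure the RAM copy: the bytes that
        # are checked are the bytes that will execute (claims 3 to 6).
        ram[stage] = self.flash[stage]
        ok = self.chip.verify(stage, ram[stage])
        self.trusted[stage] = ok
        self.trace.append(f"{stage}: {'trusted' if ok else 'untrusted'}")
        if not ok:
            raise BootHalted(stage)

    def _require(self, stage):
        # A stage runs only after its own verification passed; this is what
        # keeps a later stage from being entered with an earlier one skipped.
        if not self.trusted.get(stage):
            raise BootHalted(f"{stage} entered without verification")

    def boot_rom(self):                      # steps 1-2
        self._load_and_verify("preloader", self.sram)

    def preloader(self):                     # step 3
        self._require("preloader")
        self.dram = {}                       # initialise external DRAM
        self._load_and_verify("bootloader", self.dram)

    def bootloader(self):                    # step 4
        self._require("bootloader")
        self._load_and_verify("kernel", self.dram)

    def kernel(self):                        # step 5
        self._require("kernel")
        self._load_and_verify("framework", self.dram)

    def framework(self):                     # step 6
        self._require("framework")
        return "booted"

    def boot(self):
        """Run the whole chain; returns 'booted' or 'halted:<stage>'."""
        try:
            self.boot_rom()
            self.preloader()
            self.bootloader()
            self.kernel()
            return self.framework()
        except BootHalted as halted:
            self.trace.append(f"halted: {halted}")
            return f"halted:{halted}"


# Constructed sample images standing in for the real partitions.
GOLDEN = {s: f"{s} image v1".encode() for s in STAGES}
REFS = provision_reference_values(GOLDEN)


def boot_with(flash):
    """Boot a device whose Flash holds `flash`; returns (status, trusted, trace)."""
    dev = Device(SecurityChip(REFS), flash)
    return dev.boot(), dev.trusted, dev.trace


if __name__ == "__main__":
    print(boot_with(GOLDEN)[0])                                  # booted
    print(boot_with(dict(GOLDEN, bootloader=b"modified"))[0])   # halted:bootloader
```

`boot_with` returns the verification map and trace alongside the status so that a test can confirm what the text claims: after a failed Boot Loader measurement the map holds no entry for the kernel at all, because the kernel stage was never reached.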
7. An apparatus based on the trusted boot method for a mobile operating system according to any one of claims 3 to 6, characterised in that it includes:
a Boot ROM starting module, configured to start the Boot ROM Code embedded within the SOC;
a Boot ROM trust verification module, configured to call the security encryption chip to confirm, using the chip's national cryptographic (GM) algorithm, whether the Preloader is trusted;
a Preloader starting module, configured to, when the Preloader is trusted, call the Preloader to initialise memory and read the Boot Loader into memory;
a Preloader trust verification module, configured to call the security encryption chip to confirm, using the chip's GM algorithm, whether the Boot Loader is trusted;
a Boot Loader starting module, configured to, when the Boot Loader is trusted, call the Boot Loader to read the kernel into memory;
a Boot Loader trust verification module, configured to call the security encryption chip to confirm, using the chip's GM algorithm, whether the kernel is trusted;
a kernel starting module, configured to, when the kernel is trusted, call the kernel to initialise the core system;
a kernel trust verification module, configured to call the security encryption chip to confirm, using the chip's GM algorithm, whether the application framework is trusted;
an application framework starting module, configured to, when the application framework is trusted, have the system execute the application framework code and complete start-up of the operating system.
8. The apparatus for the trusted boot method of a mobile operating system according to claim 7, characterised in that the apparatus further includes:
a Boot ROM acquisition module, configured to obtain the measurement reference value of the Preloader pre-stored in the security encryption chip;
the Boot ROM starting module is specifically configured to call the Boot ROM Code to read the Preloader code from external Flash into the SOC SRAM;
the Boot ROM trust verification module is specifically configured such that the Boot ROM Code calls the security encryption chip to compute, with the chip's GM algorithm, a computed measurement value over the Preloader code in the SOC SRAM, and compares the measurement reference value of the Preloader with the computed measurement value; if they are equal, the Preloader is considered trusted.
9. The apparatus for the trusted boot method of a mobile operating system according to claim 7, characterised in that the apparatus further includes:
a Preloader acquisition module, configured to obtain the measurement reference value of the Boot Loader pre-stored in the security encryption chip;
the Preloader starting module is specifically configured to call the Preloader to initialise the external DRAM and read the Boot Loader code from external Flash into DRAM;
the Preloader trust verification module is specifically configured such that the Preloader calls the security encryption chip to compute, with the chip's GM algorithm, a computed measurement value over the Boot Loader code in DRAM, and compares the measurement reference value of the Boot Loader with the computed measurement value; if they are equal, the Boot Loader is considered trusted.
10. The apparatus for the trusted boot method of a mobile operating system according to claim 7, characterised in that the apparatus further includes:
a Boot Loader acquisition module, configured to obtain the measurement reference value of the kernel pre-stored in the security encryption chip;
the Boot Loader starting module is specifically configured such that the Boot Loader initialises the peripheral devices and the memory space, and reads the kernel from external Flash into DRAM;
the Boot Loader trust verification module is specifically configured such that the Boot Loader calls the security encryption chip to compute, with the chip's GM algorithm, a computed measurement value over the kernel in DRAM, and compares the measurement reference value of the kernel with the computed measurement value; if they are equal, the kernel is considered trusted.
11. The apparatus for the trusted boot method of a mobile operating system according to claim 7, characterised in that the apparatus further includes:
a kernel acquisition module, configured to obtain the measurement reference value of the application framework pre-stored in the security encryption chip;
the kernel starting module is specifically configured such that the kernel initialises the operating system kernel components, mounts the root partition, and loads the security encryption chip driver;
the kernel trust verification module is specifically configured such that the kernel calls the security encryption chip to compute, with the chip's GM algorithm, a computed measurement value over the application framework, and compares the measurement reference value of the application framework with the computed measurement value; if they are equal, the application framework is considered trusted.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610826044.9A CN106384053A (en) | 2016-09-14 | 2016-09-14 | Trusted boot method and apparatus for mobile operation system |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610826044.9A CN106384053A (en) | 2016-09-14 | 2016-09-14 | Trusted boot method and apparatus for mobile operation system |
Publications (1)
Publication Number | Publication Date |
---|---|
CN106384053A true CN106384053A (en) | 2017-02-08 |
Family
ID=57935655
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201610826044.9A Pending CN106384053A (en) | 2016-09-14 | 2016-09-14 | Trusted boot method and apparatus for mobile operation system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106384053A (en) |
Cited By (12)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107247910A (en) * | 2017-08-11 | 2017-10-13 | 郑州云海信息技术有限公司 | A kind of file integrality measurement detection method, system and detection device |
CN107403098A (en) * | 2017-06-13 | 2017-11-28 | 北京溢思得瑞智能科技研究院有限公司 | The active safety means of defence and credible industrial control computer of credible industrial control computer startup stage |
CN107729069A (en) * | 2017-10-12 | 2018-02-23 | 浪潮(北京)电子信息产业有限公司 | A kind of method, apparatus of clean boot video card, computer-readable recording medium |
CN108549551A (en) * | 2018-04-13 | 2018-09-18 | 浪潮(北京)电子信息产业有限公司 | A kind of the startup method, apparatus and equipment of server network interface card |
CN108595981A (en) * | 2018-05-09 | 2018-09-28 | 深圳市桑格尔科技股份有限公司 | The method for encrypting Android system |
CN109740354A (en) * | 2019-01-03 | 2019-05-10 | 北京工业大学 | The method of BMC credible starting and recurrence after Networking private server lost contact |
CN110457083A (en) * | 2019-07-04 | 2019-11-15 | 深圳市中易通安全芯科技有限公司 | A kind of starting method and device of chip file system |
CN110543769A (en) * | 2019-08-29 | 2019-12-06 | 武汉大学 | Trusted starting method based on encrypted TF card |
CN110601831A (en) * | 2019-09-19 | 2019-12-20 | 北京天地和兴科技有限公司 | Industrial control network embedded safety equipment measuring method based on trusted module |
CN112651030A (en) * | 2021-01-14 | 2021-04-13 | 北京工业大学 | Trusted starting method for BMC firmware system security |
CN113127879A (en) * | 2019-12-31 | 2021-07-16 | 杭州海康威视数字技术股份有限公司 | Trusted firmware starting method, electronic equipment and readable storage medium |
CN113961939A (en) * | 2021-12-20 | 2022-01-21 | 北京智芯微电子科技有限公司 | Method and system for protecting safety of embedded operating system |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20090125716A1 (en) * | 2007-11-14 | 2009-05-14 | Microsoft Corporation | Computer initialization for secure kernel |
CN104778424A (en) * | 2015-03-24 | 2015-07-15 | 四川长虹电器股份有限公司 | Method for preventing ROM (Read Only Memory) root obtaining on basis of smart television |
CN104951316A (en) * | 2014-03-25 | 2015-09-30 | 华为技术有限公司 | Kernel trusted booting method and device |
CN104966022A (en) * | 2015-06-12 | 2015-10-07 | 浪潮电子信息产业股份有限公司 | Chain-of-trust construction method and device based on chip |
CN105656860A (en) * | 2014-11-20 | 2016-06-08 | 中兴通讯股份有限公司 | Safety management and control method, apparatus and system for Android system |
- 2016-09-14 CN CN201610826044.9A patent/CN106384053A/en active Pending
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20090125716A1 (en) * | 2007-11-14 | 2009-05-14 | Microsoft Corporation | Computer initialization for secure kernel |
CN104951316A (en) * | 2014-03-25 | 2015-09-30 | 华为技术有限公司 | Kernel trusted booting method and device |
CN105656860A (en) * | 2014-11-20 | 2016-06-08 | 中兴通讯股份有限公司 | Safety management and control method, apparatus and system for Android system |
CN104778424A (en) * | 2015-03-24 | 2015-07-15 | 四川长虹电器股份有限公司 | Method for preventing ROM (Read Only Memory) root obtaining on basis of smart television |
CN104966022A (en) * | 2015-06-12 | 2015-10-07 | 浪潮电子信息产业股份有限公司 | Chain-of-trust construction method and device based on chip |
Cited By (18)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107403098A (en) * | 2017-06-13 | 2017-11-28 | 北京溢思得瑞智能科技研究院有限公司 | The active safety means of defence and credible industrial control computer of credible industrial control computer startup stage |
CN107247910A (en) * | 2017-08-11 | 2017-10-13 | 郑州云海信息技术有限公司 | A kind of file integrality measurement detection method, system and detection device |
CN107729069A (en) * | 2017-10-12 | 2018-02-23 | 浪潮(北京)电子信息产业有限公司 | A kind of method, apparatus of clean boot video card, computer-readable recording medium |
CN108549551A (en) * | 2018-04-13 | 2018-09-18 | 浪潮(北京)电子信息产业有限公司 | A kind of the startup method, apparatus and equipment of server network interface card |
CN108595981B (en) * | 2018-05-09 | 2021-07-20 | 深圳市桑格尔科技股份有限公司 | Method for encrypting android system |
CN108595981A (en) * | 2018-05-09 | 2018-09-28 | 深圳市桑格尔科技股份有限公司 | The method for encrypting Android system |
CN109740354B (en) * | 2019-01-03 | 2020-11-20 | 北京工业大学 | Method for trusted boot and regression of BMC (baseboard management controller) after disconnection of networked special server |
CN109740354A (en) * | 2019-01-03 | 2019-05-10 | 北京工业大学 | The method of BMC credible starting and recurrence after Networking private server lost contact |
CN110457083B (en) * | 2019-07-04 | 2023-07-18 | 深圳市中易通安全芯科技有限公司 | Method and device for starting chip file system |
CN110457083A (en) * | 2019-07-04 | 2019-11-15 | 深圳市中易通安全芯科技有限公司 | A kind of starting method and device of chip file system |
CN110543769A (en) * | 2019-08-29 | 2019-12-06 | 武汉大学 | Trusted starting method based on encrypted TF card |
CN110543769B (en) * | 2019-08-29 | 2023-09-15 | 武汉大学 | Trusted starting method based on encrypted TF card |
CN110601831A (en) * | 2019-09-19 | 2019-12-20 | 北京天地和兴科技有限公司 | Industrial control network embedded safety equipment measuring method based on trusted module |
CN113127879A (en) * | 2019-12-31 | 2021-07-16 | 杭州海康威视数字技术股份有限公司 | Trusted firmware starting method, electronic equipment and readable storage medium |
CN113127879B (en) * | 2019-12-31 | 2023-09-05 | 杭州海康威视数字技术股份有限公司 | Firmware trusted starting method, electronic equipment and readable storage medium |
CN112651030A (en) * | 2021-01-14 | 2021-04-13 | 北京工业大学 | Trusted starting method for BMC firmware system security |
CN113961939B (en) * | 2021-12-20 | 2022-03-08 | 北京智芯微电子科技有限公司 | Method and system for protecting safety of embedded operating system |
CN113961939A (en) * | 2021-12-20 | 2022-01-21 | 北京智芯微电子科技有限公司 | Method and system for protecting safety of embedded operating system |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN106384053A (en) | Trusted boot method and apparatus for mobile operation system | |
TWI277904B (en) | Method, recording medium and system for protecting information | |
KR101662618B1 (en) | Measuring platform components with a single trusted platform module | |
CN104081407B (en) | Long-range trust for the server and client side in cloud computing environment proves and the methods, devices and systems of geographical position function | |
CN100511086C (en) | Providing a secure execution mode in a pre-boot environment | |
US9881162B2 (en) | System and method for auto-enrolling option ROMS in a UEFI secure boot database | |
CN103748594B (en) | For ARM*TRUSTZONETMThe credible platform module based on firmware realized | |
US7594124B2 (en) | Cross validation of data using multiple subsystems | |
CN103189877B (en) | software authentication | |
EP1944711A1 (en) | Methods and apparatus for authenticating components of processing systems | |
WO2017133559A1 (en) | Secure boot method and device | |
EP2727040B1 (en) | A secure hosted execution architecture | |
CN110110526A (en) | A kind of safety starting device and method based on safety chip | |
CN102012979B (en) | Embedded credible computing terminal | |
US8650655B2 (en) | Information processing apparatus and information processing program | |
CN104156659A (en) | Embedded system secure start method | |
CN106156635A (en) | Method for starting terminal and device | |
CN103080904A (en) | Providing a multi-phase lockstep integrity reporting mechanism | |
TW201342106A (en) | Securing device environment for trust provisioning | |
CN111630513A (en) | Authenticating authenticity of stored code and code updates | |
US20210248239A1 (en) | Verification of a provisioned state of a platform | |
US11228421B1 (en) | Secure secrets to mitigate against attacks on cryptographic systems | |
US11863661B2 (en) | Secure monitoring using block chain | |
JP2012003772A (en) | System and method for n-radix locality in security co-processor | |
CN105930733A (en) | Trust chain construction method and apparatus |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
WD01 | Invention patent application deemed withdrawn after publication | ||
WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20170208 |