CN107798246A - One kind is based on the credible detection method and device of server - Google Patents

One kind is based on the credible detection method and device of server Download PDF

Info

Publication number
CN107798246A
CN107798246A CN201711139657.6A CN201711139657A CN107798246A CN 107798246 A CN107798246 A CN 107798246A CN 201711139657 A CN201711139657 A CN 201711139657A CN 107798246 A CN107798246 A CN 107798246A
Authority
CN
China
Prior art keywords
server
bmc
cpld
credible
signal
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201711139657.6A
Other languages
Chinese (zh)
Inventor
黄冰冰
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Zhengzhou Yunhai Information Technology Co Ltd
Original Assignee
Zhengzhou Yunhai Information Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Zhengzhou Yunhai Information Technology Co Ltd filed Critical Zhengzhou Yunhai Information Technology Co Ltd
Priority to CN201711139657.6A priority Critical patent/CN107798246A/en
Publication of CN107798246A publication Critical patent/CN107798246A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/572Secure firmware programming, e.g. of basic input output system [BIOS]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/575Secure boot

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Power Sources (AREA)

Abstract

The invention provides one kind to be based on the credible detection method and device of server, power on request is sent to server, server MB CPLD receive starting-up signal, judge whether system is in trusted status by the credible input/output interface signals of BMC simultaneously, if being in insincere state, the MB CPLD refuse power on request;If being in trusted status, server system boots up operation.For the present invention in BMC detection service device systems in the case of believable, server system can just carry out start-up operation, so as to avoid server from starting under dangerous environment, enhance the reliability of server system, and cost has been saved to system encryption using software.

Description

One kind is based on the credible detection method and device of server
Technical field
The present invention relates to the technical field of server, and in particular to one kind is based on the credible detection method and device of server.
Background technology
In server field, when system is in insincere state, server system carries out the behaviour of any form start Work can all cause either large or small destruction to server, even cause great irreversible destruction sometimes.As server is to being The requirement more and more higher for reliability of uniting, this problem is also urgently to be resolved hurrily, and in currently available technology, server is all on used hardware System is encrypted, cost is higher.
The content of the invention
Based on above mentioned problem, the present invention proposes one kind and is based on the credible detection method and device of server, can in BMC detections During letter or when BMC detecting systems are in insincere state, server system will be unable to carry out any form start Operation, so as to drastically increase the reliability of server system.
The present invention provides following technical scheme:
On the one hand, the invention provides one kind to be based on the credible detection method of server, and methods described includes:
Power on request is sent to server, the server MB CPLD receive starting-up signal, while credible defeated by BMC Enter output interface signal and judge whether system is in trusted status, if being in insincere state, the MB CPLD refusals start please Ask;If being in trusted status, server system boots up operation.
Wherein, it is described by the credible input/output interface signals of BMC judge system whether in trusted status be by The credible input/output interfaces of BMC between BMC and MB CPLD are realized.
Wherein, server system boots up operation and is specially:Server MB CPLD send system boot signal to platform Control unit, after the platform control unit is connected to starting-up signal, transmission timing signal to the MB CPLD, control system is pressed Sequential normal boot-strap.
Wherein, when system is in normal operating condition, BMC detects that system is insincere, then passes through the credible input and output of BMC Interface notification MB CPLD, power-off operation is carried out to server system.
In addition, present invention also offers one kind to be based on the credible detection means of server, described device includes:BMC、MB CPLD and platform control unit PCH;The credible input/output interfaces of BMC are set between BMC and MB CPLD;Server MB CPLD Starting-up signal is received, while judges whether system is in trusted status by the credible input/output interface signals of BMC, if described BMC is in insincere state, and the MB CPLD refuse power on request;If the BMC is in trusted status, server system enters Row power-on operation.
Wherein, server system boots up operation and is specially:Server MB CPLD send system boot signal to platform Control unit, after the platform control unit is connected to starting-up signal, transmission timing signal to MB CPLD, control system is chronologically Normal boot-strap.
The invention provides one kind to be based on the credible detection method and device of server, sends power on request to server, clothes Business device MB CPLD receive starting-up signal, while judge whether system is in credible shape by the credible input/output interface signals of BMC State, if being in insincere state, the MB CPLD refuse power on request;If being in trusted status, server system boots up Operation.For the present invention in BMC detection service device systems in the case of believable, server system can just carry out start-up operation, from And avoid server from starting under dangerous environment, the reliability of server system is enhanced, using software to system encryption Cost is saved.
Brief description of the drawings
Fig. 1 is the structure drawing of device of the present invention;
Embodiment
Technical scheme in order to illustrate the embodiments of the present invention more clearly, it will use below required in embodiment Accompanying drawing is briefly described, it should be apparent that, drawings in the following description are only some embodiments of the present invention, for ability For the those of ordinary skill of domain, on the premise of not paying creative work, it can also be obtained according to these accompanying drawings other attached Figure.
On the one hand, embodiments of the present invention provide one kind and are based on the credible detection method of server, and accompanying drawing 1 is the present invention Structure drawing of device, methods described includes:
Power on request is sent to server, the server MB CPLD receive starting-up signal, while credible defeated by BMC Enter output interface signal and judge whether system is in trusted status, if being in insincere state, the MB CPLD refusals start please Ask;If being in trusted status, server system boots up operation.
Credible detecting system is not increased, server switching on and shutting down process is:After server receives power on request, server MB CPLD will send system boot signal SYSTEM POWER ON and be connected to starting-up signal to platform control unit (south bridge) PCH, PCH Afterwards, SLP S4 clock signals can be sent and give MB CPLD, and then MB CPLD control systems chronologically normal boot-strap.
After credible detecting system is increased, a credible detection GPIO can be increased between BMC and MB CPLD, for BMC Notify the result of credible detection to MB CPLD, MB CPLD can be by BMC TRUSTED GPIO while receiving starting-up signal (BMC is credible input/output interface) signal judges whether system is in trusted status, if BMC is in insincere state, MB CPLD will refuse any request of starting shooting, and only be in trusted status in BMC, server system can just boot up operation.
When system normal operation, BMC detects that system is insincere, it will is notified by BMC TRUSTED GPIO MB CPLD, while MB CPLD will carry out power-off operation to server system.
The present invention can be applied in any server product and Related product.
The invention provides one kind to be based on the credible detection method of server, sends power on request to server, server MB CPLD receives starting-up signal, while judges whether system is in trusted status by the credible input/output interface signals of BMC, if place In insincere state, the MB CPLD refuse power on request;If being in trusted status, server system boots up operation.This In BMC detection service device systems in the case of believable, server system can just carry out start-up operation for invention, so as to avoid taking Business device start under dangerous environment, enhance the reliability of server system, system encryption has been saved using software into This.
On the other hand, embodiments of the present invention provide one kind and are based on the credible detection means of server, described device bag Include:BMC, MB CPLD and platform control unit PCH;The credible input/output interfaces of BMC are set between BMC and MB CPLD;Clothes Business device MB CPLD receive starting-up signal, while judge whether system is in credible shape by the credible input/output interface signals of BMC State, if the BMC is in insincere state, the MB CPLD refuse power on request;If the BMC is in trusted status, service Device system boots up operation.
Credible detecting system is not increased, server switching on and shutting down process is:After server receives power on request, server MB CPLD will send system boot signal SYSTEM POWER ON and be connected to starting-up signal to platform control unit (south bridge) PCH, PCH Afterwards, SLP S4 clock signals can be sent and give MB CPLD, and then MB CPLD control systems chronologically normal boot-strap.
After credible detecting system is increased, a credible detection GPIO can be increased between BMC and MB CPLD, for BMC Notify the result of credible detection to MB CPLD, MB CPLD can be by BMC TRUSTED GPIO while receiving starting-up signal (BMC is credible input/output interface) signal judges whether system is in trusted status, if BMC is in insincere state, MB CPLD will refuse any request of starting shooting, and only be in trusted status in BMC, server system can just boot up operation.
When system normal operation, BMC detects that system is insincere, it will is notified by BMC TRUSTED GPIO MB CPLD, while MB CPLD will carry out power-off operation to server system.
The present invention can be applied in any server product and Related product.
The invention provides one kind to be based on the credible detection means of server, including BMC, MB CPLD and platform courses list First PCH, power on request is sent to server, server MB CPLD receive starting-up signal, while pass through the credible input and output of BMC Interface signal judges whether system is in trusted status, if being in insincere state, the MB CPLD refuse power on request;If In trusted status, server system boots up operation.The present invention in BMC detection service device systems in the case of believable, Server system can just carry out start-up operation, so as to avoid server from starting under dangerous environment, enhance server The reliability of system, cost is saved to system encryption using software.
The foregoing description of the disclosed embodiments, those skilled in the art are enable to realize or using the present invention.To this A variety of modifications of a little embodiments will be apparent for a person skilled in the art, and generic principles defined herein can Without departing from the spirit or scope of the present invention, to realize in other embodiments.Therefore, the present invention will not be limited The embodiments shown herein is formed on, but meets the most wide model consistent with principles disclosed herein and features of novelty Enclose.

Claims (6)

1. one kind is based on the credible detection method of server, it is characterised in that methods described includes:
Power on request is sent to server, the server MB CPLD receive starting-up signal, while defeated by the credible inputs of BMC Outgoing interface signal judges whether system is in trusted status, if being in insincere state, the MB CPLD refuse power on request; If being in trusted status, server system boots up operation.
2. according to the method for claim 1, it is characterised in that:It is described to be judged by the credible input/output interface signals of BMC Whether system in trusted status is realized by the credible input/output interfaces of BMC between BMC and MB CPLD.
3. according to the method for claim 1, it is characterised in that:Server system boots up operation:Server MB CPLD send system boot signal to platform control unit, after the platform control unit is connected to starting-up signal, transmission timing Signal is to MB CPLD, control system chronologically normal boot-strap.
4. according to the method for claim 1, it is characterised in that:When system is in normal operating condition, BMC detects system It is insincere, then MB CPLD are notified by the credible input/output interfaces of BMC, power-off operation is carried out to server system.
5. one kind is based on the credible detection means of server, it is characterised in that:Described device includes:BMC, MB CPLD and platform Control unit PCH;The credible input/output interfaces of BMC are set between BMC and MB CPLD;
Server MB CPLD receive starting-up signal, while judge whether system is in by the credible input/output interface signals of BMC Trusted status, if the BMC is in insincere state, the MB CPLD refuse power on request;If the BMC is in credible shape State, server system boot up operation.
6. device according to claim 5, it is characterised in that:Server system boots up operation:Server MB CPLD send system boot signal to platform control unit, after the platform control unit is connected to starting-up signal, transmission timing Signal is to MB CPLD, control system chronologically normal boot-strap.
CN201711139657.6A 2017-11-16 2017-11-16 One kind is based on the credible detection method and device of server Pending CN107798246A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201711139657.6A CN107798246A (en) 2017-11-16 2017-11-16 One kind is based on the credible detection method and device of server

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201711139657.6A CN107798246A (en) 2017-11-16 2017-11-16 One kind is based on the credible detection method and device of server

Publications (1)

Publication Number Publication Date
CN107798246A true CN107798246A (en) 2018-03-13

Family

ID=61535255

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201711139657.6A Pending CN107798246A (en) 2017-11-16 2017-11-16 One kind is based on the credible detection method and device of server

Country Status (1)

Country Link
CN (1) CN107798246A (en)

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108804952A (en) * 2018-05-29 2018-11-13 郑州云海信息技术有限公司 A kind of server start-up control device and control method
CN109583212A (en) * 2018-11-16 2019-04-05 郑州云海信息技术有限公司 A kind of firmware file guard method and system based on Intel Whitley platform
CN109670349A (en) * 2018-12-13 2019-04-23 英业达科技有限公司 The hardware structure of trusted computer and the credible starting method of computer
CN110837632A (en) * 2019-09-29 2020-02-25 深圳市火乐科技发展有限公司 Safety detection method, intelligent projector and related product
CN117235004A (en) * 2023-10-10 2023-12-15 合芯科技(苏州)有限公司 Control method and device of server, terminal equipment and readable storage medium

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108804952A (en) * 2018-05-29 2018-11-13 郑州云海信息技术有限公司 A kind of server start-up control device and control method
CN108804952B (en) * 2018-05-29 2021-06-25 郑州云海信息技术有限公司 Server startup control device and control method
CN109583212A (en) * 2018-11-16 2019-04-05 郑州云海信息技术有限公司 A kind of firmware file guard method and system based on Intel Whitley platform
CN109583212B (en) * 2018-11-16 2021-11-02 郑州云海信息技术有限公司 Firmware file protection method and system based on Intel Whitley platform
CN109670349A (en) * 2018-12-13 2019-04-23 英业达科技有限公司 The hardware structure of trusted computer and the credible starting method of computer
CN109670349B (en) * 2018-12-13 2021-10-01 英业达科技有限公司 Hardware architecture of trusted computer and trusted starting method of computer
CN110837632A (en) * 2019-09-29 2020-02-25 深圳市火乐科技发展有限公司 Safety detection method, intelligent projector and related product
CN117235004A (en) * 2023-10-10 2023-12-15 合芯科技(苏州)有限公司 Control method and device of server, terminal equipment and readable storage medium

Similar Documents

Publication Publication Date Title
CN107798246A (en) One kind is based on the credible detection method and device of server
CN100504740C (en) Remote control method, device and computer switcher
CN107783849B (en) Event processing method and client
CN101542444B (en) Security features in interconnect centric architectures
CN104657228B (en) A kind of system exception processing method and processing device of mobile terminal
CN110690985A (en) Network function virtualization architecture with device isolation
CN109670319A (en) A kind of server flash method for managing security and its system
US11972033B2 (en) Alert handling
CN104809400A (en) Process protection method and device
US10986556B2 (en) Circuit for monitoring a data processing system
US8423817B2 (en) Method, system, and device for resetting network elements
CN103558907B (en) Electronic device and method for reducing power consumption of electronic device
CN104199517A (en) Heterogeneous trusted redundant server system based on domestic processor
US20170147440A1 (en) Chip Initialization System and Method for Initializing Chip by Using Reset Pin
CN110069922B (en) System interface hijacking detection method and device and terminal
CN105467870A (en) Synchronous operation method and system thereof
CN104850522B (en) A kind of signal output method and device
USRE46520E1 (en) Server cluster and control mechanism thereof
CN107315660A (en) A kind of two-node cluster hot backup method of virtualization system, apparatus and system
CN105446751B (en) A kind of information processing method and electronic equipment
CN105989273B (en) Application program login method, device and electronic equipment
CN103092711A (en) Power-off control method and system for electronic equipment and start control method and system for electronic equipment
CN104598789A (en) Protection method of hot-plugging functional module device and electronic device
KR102290796B1 (en) Method of automatically restarting ecu upon occurrence of lin communicatin errors
KR20150086215A (en) Error signal handling unit, device and method for outputting an error condition signal

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20180313

RJ01 Rejection of invention patent application after publication