A kind of computer booting anti-counterfeit authentication method based on BIOS
Technical field
The present invention relates to fake certification, relate in particular to a kind of computer booting anti-counterfeit authentication method, belong to the Computer Applied Technology field based on BIOS.
Background technology
Mainly by paste pressure sensitive adhesive on the hardware of computing machine, means such as frangible subsides realize existing computing machine method for anti-counterfeit.Although these class methods are very universal, defective such as it exists easily forges, and the antifalse effect influence factor is many.
The illegal businessman of on the market some utilizes these defectives, and the computing machine that the user is returned is used as completely new product and is sold to the client, and the client then can't determine whether the product of its purchase belongs to this type of afterproduct by present false proof means or other simple modes.
The businessman that simultaneously also has some to play one's cards well, with the part hardware in the hardware replacement brand of computer poor quality, or even pretend to be brand of computer to sell, grievous injury consumer's interests, also damaged the rights and interests of computer brand manufacturer simultaneously.
Existing computing machine method for anti-counterfeit can't prevent or solve this type of problem.
Therefore, develop a kind of reliability height, easy operating, with low cost, the computing machine method for anti-counterfeit that does not influence simultaneously the customer experience degree safeguard for the prestige of computing machine production firm and consumer's rights and interests protection for all have very important realistic meaning.
Summary of the invention
The objective of the invention is to overcome problems of the prior art, a kind of computer booting anti-counterfeit authentication method based on BIOS is provided.
The inventive method is according to the characteristic of PC, by in BIOS, implanting a start authentication unit, read the unique identification information of computer and encrypt and show, the user submits to the remote counterfeit deterrence authentication server by sending note or modes such as phone or network with displaying contents, through deciphering and relevant checking, return active coding and give the user.If success then can normally enter system, otherwise return error message.
Specifically, the inventive method comprises the following steps:
A) in BIOS, implant a start authentication unit;
B) described start authentication unit is ended start-up routine behind computer booting, reads the unique identification of computing machine and encrypt to be shown in computer screen;
C) user is sent to a remote counterfeit deterrence authentication server by an information sender formula with described ciphertext;
D) described server is deciphered described ciphertext and is verified described unique identification, verifies an active coding to be returned to the user after errorless;
E) described user imports described start authentication unit with described active coding, and the described start authentication unit in the errorless back of empirical tests continues described start-up routine.
Described unique identification comprises sequence number and ID.Described ID comprises CPU ID, BOIS sign, MAC Address, hard disk sign, one or more in the component identification information such as video card sign.
Described information sender formula is the mode by note or phone or computer network (LAN (Local Area Network), wide area network, the Internet etc.).
Described start authentication unit can be a software agent that obtains by programming, it also can be a hardware body, be mounted on the USB device of described computing machine such as one according to the PMP ROM standard of BIOS, described USB device loads after with the BIOS self check, and ends this start-up routine before the os starting in described computing machine.
On the basis of above-mentioned steps,, can adopt following manner in order to save the trouble of user's subsequent authentication:
Mode 1. described start authentication units verify that the errorless back of described active coding stores described active coding, and directly read described active coding and start-up routine in computer starting program after this.Described active coding preferably is stored in the shielded zone, in case active coding is had a mind to or deletion by mistake, and may be such as the user with the deletion of active coding mistake when the installing operating system.Described shielded zone can be implicit subregion (such as HPA, HOST PROTECTED AREA), also can be to be 0 sector before the initial sector 3F, any one subregion that also can right and wrong C dish.According to needed safe coefficient difference, can be in different ways.
Mode 2. described start authentication units are described computer installation one activation marker, and after described start authentication unit verified that described active coding is errorless, described activation marker was set to activate, directly move described start-up routine behind the after this described computer booting.
Encryption and decryption process of the present invention can adopt general encryption and decryption technology, does not have particular restriction.
Compare with prior art, advantage of the present invention embodies a concentrated reflection of:
By the inventive method can effectively solve the illegal dealer that exists on the market with old fill new, the situation of passing a fake product off as a genuine one, thus effectively protect consumer's interests.
2. can make computing machine production firm obtain sales data timely and effectively by the inventive method, make things convenient for stock control and sales incentive.
3. the inventive method operation is convenient, and with low cost, the reliability height is easy to promote the use of.
Description of drawings
Fig. 1 is the booting anti-counterfeit checking process flow diagram of the embodiment of the invention 1;
Fig. 2 is provided with process flow diagram for the activation marker of the embodiment of the invention 1, and a is used for Windows, and b is used for DOS;
Fig. 3 is the booting anti-counterfeit checking process flow diagram of the embodiment of the invention 2.
Embodiment
In conjunction with the accompanying drawings the present invention is further described below by specific embodiment.
Embodiment 1
The user buys a computing machine, implants a start authentication module among the BIOS of this computing machine.
After the user starts shooting first, this start authentication module reads activation marker, this moment, activation marker was set to un-activation, so this module hang up system start-up program, and read the SN+ID of computing machine, this SN+ID encrypted eject theactivewindow, this window display string, the SN+ID after promptly encrypting after forming a string short character.
The user sends a telegraph computer vendors, and this character string informed customer service, customer service is with its input validation system, verification system deciphering back judges whether this SN and ID have been kept in the database and can both mate, if not, then notify the user to make a mistake, if checking is errorless, then verification system generates and the active coding of this SN+ID correspondence and be shown to customer service.
Customer service is by this active coding of user that tells by telephone.
After the user imported this opening computer authentication module with this active coding, this active coding of this module verification was errorless, then the activation marker of this computing machine was made as to activate and start the operating system.
After this, after the each start of user, this start authentication module can successfully read activation marker, so shut-down operation system start-up program no longer.The process flow diagram of present embodiment as shown in Figure 1.
Relevant therewith, Fig. 2 has provided computer vendors is provided with SN+ID and activation marker in hard disc of computer before computing machine dispatches from the factory process flow diagram, and Fig. 2 a represents the set-up mode under the Windows system, and Fig. 2 b represents the set-up mode under the DOS system.
Embodiment 2
Present embodiment is based on the situation identical with embodiment 1, and difference is, on the computing machine that the user buys, articulates a USB device according to the PMP ROM standard of BIOS, and this USB device plays embodiment 1 described start authentication module.This equipment loads after with the BIOS self check, and ends this start-up routine before the os starting in described computing machine.
The difference of present embodiment and embodiment 1 is that also the user finishes whole verification process by note by means of third party's SMS platform.Fig. 3 is the process flow diagram of present embodiment.