A kind of computer booting anti-counterfeit authentication method based on BIOS
Technical field
The present invention relates to fake certification, relate in particular to a kind of computer booting anti-counterfeit authentication method, belong to the Computer Applied Technology field based on BIOS.
Background technology
Mainly through on the hardware of computing machine, pasting pressure sensitive adhesive, means such as frangible subsides realize existing computing machine method for anti-counterfeit.Defectives such as although these class methods are very universal, it exist to be prone to is forged, and the antifalse effect influence factor is many.
The illegal businessman of on the market some utilizes these defectives, and the computing machine that the user is returned is used as completely new product and is sold to the client, and the client then can't confirm whether the product of its purchase belongs to this type of afterproduct through present false proof means or other simple modes.
The businessman that simultaneously also has some to play one's cards well, with the part hardware in the hardware replacement brand of computer poor quality, or even pretend to be brand of computer to sell, grievous injury consumer's interests, also damaged the rights and interests of computer brand manufacturer simultaneously.
Existing computing machine method for anti-counterfeit can't prevent or solve this type of problem.
Therefore, it is high to develop a kind of reliability, and easy operating is with low cost, the computing machine method for anti-counterfeit that does not influence the customer experience degree simultaneously safeguard for the prestige of computing machine production firm and consumer's rights and interests protection for all have very important realistic meaning.
Summary of the invention
The objective of the invention is to overcome the problem that exists in the prior art, a kind of computer booting anti-counterfeit authentication method based on BIOS is provided.
The inventive method is according to the characteristic of PC; Through in BIOS, implanting a start authentication unit; Read the unique identification information of computer and encrypt and show; The user submits to the remote counterfeit deterrence authentication server through sending note or modes such as phone or network with displaying contents, through deciphering and relevant checking, returns active coding and gives the user.If success then can normally get into system, otherwise return error message.
Specifically, the inventive method comprises the following steps:
A) in BIOS, implant a start authentication unit;
B) said start authentication unit is ended start-up routine behind computer booting, reads the unique identification of computing machine and encrypt to obtain ciphertext, is shown in computer screen;
C) user is sent to a remote counterfeit deterrence authentication server through an information sender formula with said ciphertext;
D) said fake certification server is deciphered said ciphertext and is verified said unique identification, verifies an active coding to be returned to the user after errorless;
E) said user imports said start authentication unit with said active coding, and the said start authentication unit in the errorless back of empirical tests continues said start-up routine.
Said unique identification comprises sequence number and ID.Said ID comprises CPU ID, BOIS sign, MAC Address, hard disk sign, one or more in the component identification information such as video card sign.
Said information sender formula is the mode through note or phone or computer network (LAN, wide area network, the Internet etc.).
Said start authentication unit can be a software agent that obtains through programming; It also can be a hardware body; Be mounted on the USB device of said computing machine such as one according to the PMP ROM standard of BIOS; Said USB device loads after with the BIOS self check, and ends this start-up routine before the os starting in said computing machine.
On the basis of above-mentioned steps,, can adopt following manner in order to save the trouble of user's subsequent authentication:
Mode 1. said start authentication units verify that the errorless back of said active coding stores said active coding, and in computer starting program after this, directly read said active coding and start-up routine.Said active coding preferably is stored in the shielded zone, in case active coding is had a mind to or deletion by mistake, and maybe be such as the user with the deletion of active coding mistake when the installing operating system.Said shielded zone can be implicit subregion (such as HPA, HOSTPROTECTEDAREA), also can be to be 0 sector before the initial sector 3F, any one subregion that also can right and wrong C dish.Different according to needed safe coefficient, can adopt different modes.
Mode 2. said start authentication units are said computer installation one activation marker, and after said start authentication unit verified that said active coding is errorless, said activation marker was set to activate, directly move said start-up routine behind the after this said computer booting.
Encryption and decryption process of the present invention can adopt general encryption and decryption technology, does not have particular restriction.
Compare with prior art, advantage of the present invention embodies a concentrated reflection of:
Through the inventive method can effectively solve the illegal dealer that exists on the market with old fill new, the situation of passing a fake product off as a genuine one, thus effectively protect consumer's interests.
2. can make computing machine production firm obtain sales data timely and effectively through the inventive method, make things convenient for stock control and sales incentive.
3. the inventive method operation is convenient, with low cost, and reliability is high, is easy to promote the use of.
Description of drawings
Fig. 1 is the booting anti-counterfeit checking process flow diagram of the embodiment of the invention 1;
Fig. 2 is provided with process flow diagram for the activation marker of the embodiment of the invention 1, and a is used for Windows, and b is used for DOS;
Fig. 3 is the booting anti-counterfeit checking process flow diagram of the embodiment of the invention 2.
Embodiment
Combine accompanying drawing that the present invention is further described through specific embodiment below.
Embodiment 1
The user buys a computing machine, implants a start authentication module among the BIOS of this computing machine.
After the user starts shooting first; This start authentication module reads activation marker, and this moment, activation marker was set to un-activation, so this module hang up system start-up program; And read the SN+ID of computing machine; This SN+ID encrypted eject theactivewindow, this window display string, the SN+ID after promptly encrypting after forming a string short character.
The user sends a telegraph computer vendors; And this character string informed customer service, and customer service is its input validation system, and verification system deciphering back judges whether this SN and ID have been kept in the database and can both mate; If not; Then notify the user to make a mistake, if checking is errorless, the active coding that then verification system generates and this SN+ID is corresponding also is shown to customer service.
Customer service is through this active coding of user that tells by telephone.
The user with this opening computer authentication module of this active coding input after, this active coding of this module verification is errorless, then the activation marker of this computing machine is made as and activates and start the operating system.
After this, after the each start of user, this start authentication module can successfully read activation marker, so shut-down operation system start-up program no longer.The process flow diagram of present embodiment is as shown in Figure 1.
Relevant therewith, Fig. 2 has provided computer vendors is provided with SN+ID and activation marker in hard disc of computer before computing machine dispatches from the factory process flow diagram, and Fig. 2 a representes the set-up mode under the Windows system, and Fig. 2 b representes the set-up mode under the DOS system.
Embodiment 2
Present embodiment is based on the situation identical with embodiment 1, and difference is, on the computing machine that the user buys, articulates a USB device according to the PMP ROM standard of BIOS, and this USB device plays embodiment 1 described start authentication module.This equipment loads after with the BIOS self check, and ends this start-up routine before the os starting in said computing machine.
The difference of present embodiment and embodiment 1 is that also the user accomplishes whole verification process through note by means of third party's SMS platform.Fig. 3 is the process flow diagram of present embodiment.