CN102270229A - Measurement method for basic input/output system (BIOS)-level system file - Google Patents

Info

Publication number
CN102270229A
Authority
CN
China
Prior art keywords
file
system file
data
sector
measure
Prior art date
Legal status
Granted
Application number
CN2011101959214A
Other languages
Chinese (zh)
Other versions
CN102270229B (en)
Inventor
沈昌祥
王晓晨
金刚
杜中平
郑志蓉
曾颖明
蔡谊
陈志浩
傅子奇
黄强
刘毅
Current Assignee
706th Institute Of No2 Research Institute Casic
PEOPLE'S LIBERATION ARMY NAVY COMPUTING TECHNOLOGY INSTITUTE
Original Assignee
706th Institute Of No2 Research Institute Casic
PEOPLE'S LIBERATION ARMY NAVY COMPUTING TECHNOLOGY INSTITUTE
Application filed by 706th Institute Of No2 Research Institute Casic and PEOPLE'S LIBERATION ARMY NAVY COMPUTING TECHNOLOGY INSTITUTE
Priority to CN2011101959214A
Publication of CN102270229A
Application granted
Publication of CN102270229B
Current legal status: Expired - Fee Related
Anticipated expiration

Landscapes

  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)

Abstract

The invention discloses a measurement method for a basic input/output system (BIOS)-level system file. The method comprises the following steps: reading the hard disk master boot record (MBR); locating and reading the superblock sector data; calculating the block size and the number of inodes per block group; calculating the starting sector and sector count of the group descriptor table; parsing the path of the system file to be measured; reading the sector data of the parent directory of the system file to be measured; calculating and reading the sector number of the block containing the system file to be measured; calculating the starting sector number of the file data; outputting the binary image data of the file and performing integrity measurement; and implementing the integrity measurement of the system file in the system file location index module of the BIOS-level system file measurement method. The security of the core system files before the operating system is started is effectively ensured. The method is highly versatile; parsing and locating of the binary image file are realized with a reliable and valid algorithm, which ensures the stability and efficiency of system file measurement, and the security of the system is further enhanced.

Description

Measurement method for a BIOS-level system file
Technical field
The present invention relates to a BIOS-level system file measurement method, and in particular to a BIOS-level file measurement method for the Linux operating system.
Background art
With the growing popularity of computers and the rapid development of Internet technology, computer security control technology is also advancing continuously. At present, computer security control in a standalone environment is generally implemented at the operating system level, usually by one of two means. The first is strengthening the identity authentication mechanism: the operating system's password-based authentication is replaced by a two-factor authentication mode based on a hardware medium, such as a smart card or a USB key. The second is strengthening the security protection mechanism: a firewall is added at the operating system level to limit attacks by unauthorized users over the network, and a firewall is added to prevent authorized users from stealing hard disk data, and so on.
Although security control measures added at the operating system level can satisfy users' security requirements to a certain extent, they also expose some problems. On the one hand, many computers have no authentication process during the BIOS (Basic Input/Output System) startup phase, so an unauthorized user needs only simple techniques, such as booting from an optical drive or a USB flash drive, to bypass the operating system's security control policy, enter the computer and obtain the data files stored on the hard disk. On the other hand, although many computers have password-based authentication in the BIOS, some defects remain: some authorized users can still bypass the operating system's security control policy through a bootable device and steal hard disk data; an unauthorized user can clear the password by a simple operation such as discharging the CMOS; and many computer manufacturers set a supervisor password in the BIOS, which is itself a potential security risk.
In addition, if the core system files of the operating system are tampered with or deleted, this also poses a direct threat to the security of the system and may lead to information leakage. Under the BIOS, a file cannot be read directly, because the file system driver exists only in the operating system; therefore, to implement integrity measurement of operating system kernel files in the BIOS, the BIOS itself must be able to identify files.
Summary of the invention
The object of the invention is to provide a BIOS-based system file measurement method that parses, locates and measures the binary image of a system file, solving the problem that a computer lacks effective security control measures before the operating system starts.
The present invention adopts the following technical means:
A BIOS-level system file measurement method comprises a file system structure analysis module, a file data storage parsing module, a path parsing module for the system file to be measured, and a system file location index module. The file system structure analysis module comprises an EXT2 file system structure analysis submodule, an EXT3 file system structure analysis submodule and an EXT4 file system structure analysis submodule.
The specific steps of the BIOS-level system file measurement method are:
Step 1: read the hard disk MBR (Master Boot Record);
Corresponding to the file system structure analysis module of the BIOS-level system file measurement method, call the system interrupt to read the data of the first sector of the hard disk, parse it, and determine the file system of the primary partition;
Step 2: locate and read the superblock sector data;
Corresponding to the file system structure analysis module of the BIOS-level system file measurement method, after confirming that the file system is one of EXT2, EXT3 and EXT4, call the system interrupt to read the sector data of the hard disk superblock;
Step 3: calculate the block size and the number of inodes per block group;
Corresponding to the file data storage parsing module of the BIOS-level system file measurement method, read data at specific offsets of the superblock and calculate the block size and the number of inodes contained in each block group;
Step 4: calculate the starting sector and sector count of the group descriptor table;
Corresponding to the file data storage parsing module of the BIOS-level system file measurement method, calculate the starting sector and sector count of the group descriptor table from the block size, and call the system interrupt to read the sector data of the group descriptor table.
Step 5: parse the path of the system file to be measured;
Corresponding to the path parsing module for the system file to be measured of the BIOS-level system file measurement method, parse level by level starting from the root directory, locating the parent directory of the system file to be measured, until the system file to be measured is located.
Step 6: read the sector data of the parent directory containing the system file to be measured;
Corresponding to the file system structure analysis module of the BIOS-level system file measurement method, read the sector data of the parent directory containing the system file to be measured and match it against the file name (or directory name) to be measured, thereby locating the corresponding offset position.
Step 7: calculate and read the sector number of the block containing the system file to be measured;
Corresponding to the system file location index module of the BIOS-level system file measurement method, obtain the inode number corresponding to the system file to be measured, calculate the block group number and the inode index within the block group, and perform the conversion according to the block group descriptor table to obtain the sector number of the block containing the system file.
Step 8: calculate the starting sector number of the file data;
Corresponding to the system file location index module of the BIOS-level system file measurement method, using the inode index within the block group obtained above and the fact that each inode occupies 128 bytes, obtain the block containing this file, perform the conversion, and obtain the starting sector number of the file data.
Step 9: output the binary image data of the file and perform integrity measurement;
Corresponding to the system file location index module of the BIOS-level system file measurement method, output the binary image data of the file block by block from the starting sector number of the file data, call a trusted cryptographic algorithm, and match the result against the reference value, thereby achieving system file integrity measurement.
Through the above steps, the security of the core system files before the operating system starts is effectively ensured.
Compared with the prior art, the present invention has the following notable advantages and beneficial effects:
1. The present invention is highly versatile: it can be applied to ordinary computers and also to servers, embedded terminals and other computers that have a BIOS;
2. The present invention uses a reliable and effective algorithm to parse and locate the binary image file, ensuring the stability and efficiency of system file measurement;
3. The invention is implemented in the BIOS startup phase, so it can ensure the security of core system files before the operating system starts, without preventing the user from continuing to implement other security control means at the operating system level, thereby further enhancing system security.
Description of drawings
Fig. 1 is a flow chart of the BIOS-level system file measurement method;
In the figure, 1 is the file system structure analysis module, 2 is the file data storage parsing module, 3 is the path parsing module for the system file to be measured, and 4 is the system file location index module.
Embodiment
Specific embodiments of the invention are described below with reference to the drawing:
As shown in Fig. 1, a BIOS-level system file measurement method comprises a file system structure analysis module 1, a file data storage parsing module 2, a path parsing module 3 for the system file to be measured, and a system file location index module 4. The file system structure analysis module 1 comprises an EXT2 file system structure analysis submodule, an EXT3 file system structure analysis submodule and an EXT4 file system structure analysis submodule.
The specific steps of the BIOS-based computer security control method are:
Step 1: read the hard disk MBR
Corresponding to the file system structure analysis module 1 of the BIOS-level system file measurement method, call the system interrupt to read the data of the first sector of the hard disk, parse it, and determine the file system of the primary partition;
Step 2: locate and read the superblock sector data
Corresponding to the file system structure analysis module 1 of the BIOS-level system file measurement method, after confirming that the file system is one of EXT2, EXT3 and EXT4, call the system interrupt to read the sector data of the hard disk superblock;
Step 3: calculate the block size and the number of inodes per block group
Corresponding to the file data storage parsing module 2 of the BIOS-level system file measurement method, read data at specific offsets of the superblock and calculate the block size and the number of inodes contained in each block group;
Step 4: calculate the starting sector and sector count of the group descriptor table
Corresponding to the file data storage parsing module 2 of the BIOS-level system file measurement method, calculate the starting sector and sector count of the group descriptor table from the block size, and call the system interrupt to read the sector data of the group descriptor table.
Step 5: parse the path of the system file to be measured
Corresponding to the path parsing module 3 for the system file to be measured of the BIOS-level system file measurement method, parse level by level starting from the root directory, locating the parent directory of the system file to be measured, until the system file to be measured is located.
Step 6: read the sector data of the parent directory containing the system file to be measured
Corresponding to the file system structure analysis module 1 of the BIOS-level system file measurement method, read the sector data of the parent directory containing the system file to be measured and match it against the file name (or directory name) to be measured, thereby locating the corresponding offset position.
Step 7: calculate and read the sector number of the block containing the system file to be measured
Corresponding to the system file location index module 4 of the BIOS-level system file measurement method, obtain the inode number corresponding to the system file to be measured, calculate the block group number and the inode index within the block group, and perform the conversion according to the block group descriptor table to obtain the sector number of the block containing the system file.
Step 8: calculate the starting sector number of the file data
Corresponding to the system file location index module 4 of the BIOS-level system file measurement method, using the inode index within the block group obtained above and the fact that each inode occupies 128 bytes, obtain the block containing this file, perform the conversion, and obtain the starting sector number of the file data.
Step 9: output the binary image data of the file and perform integrity measurement
Corresponding to the system file location index module 4 of the BIOS-level system file measurement method, output the binary image data of the file block by block from the starting sector number of the file data, call a trusted cryptographic algorithm, and match the result against the reference value, thereby achieving system file integrity measurement.
Through the above steps, the security of the core system files before the operating system starts is effectively ensured.
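The nine steps above, as an added worked example that is not part of the patent: the MBR partition entry (step 1), the superblock fields (steps 2-3), the group descriptor table location (step 4), directory-entry matching (steps 5-6), the inode-number-to-sector conversion (step 7), the first data block (step 8) and the reference-value comparison (step 9), run over constructed ext2 structures rather than a real disk. Assumptions: an ext2 revision-1 layout with 128-byte inodes, SHA-256 standing in for the patent's unspecified trusted cryptographic algorithm, and in-memory byte buffers in place of the BIOS disk-read interrupt.

```python
import hashlib
import struct

SECTOR = 512  # the BIOS reads the disk one 512-byte sector at a time

def parse_mbr(mbr):
    """Step 1: first used primary partition entry -> (type, start LBA, sector count)."""
    if len(mbr) != SECTOR or mbr[510:512] != b"\x55\xaa":
        raise ValueError("not a valid MBR")
    for i in range(4):  # four 16-byte entries from offset 446; the type byte is at entry offset 4
        ptype, lba, count = struct.unpack_from("<B3xII", mbr, 450 + 16 * i)
        if ptype:
            return ptype, lba, count
    raise ValueError("no primary partition")

def parse_superblock(sb):
    """Steps 2-3: the 1024-byte superblock sits at partition byte offset 1024 (sector 2)."""
    if struct.unpack_from("<H", sb, 56)[0] != 0xEF53:
        raise ValueError("not an ext2/ext3/ext4 superblock")
    blocks_count, first_data_block, log_block_size = struct.unpack_from("<I12xII", sb, 4)
    blocks_per_group, inodes_per_group = struct.unpack_from("<I4xI", sb, 32)
    rev_level, inode_size = struct.unpack_from("<I8xH", sb, 76)  # s_inode_size only valid for rev >= 1
    block_size = 1024 << log_block_size
    return {"block_size": block_size, "spb": block_size // SECTOR, "first_data_block": first_data_block,
            "inodes_per_group": inodes_per_group, "inode_size": inode_size if rev_level >= 1 else 128,
            "groups": -(-(blocks_count - first_data_block) // blocks_per_group)}  # ceil division

def gdt_location(fs):
    """Step 4: the group descriptor table starts in the block after the superblock, 32 bytes per group."""
    return (fs["first_data_block"] + 1) * fs["spb"], -(-(fs["groups"] * 32) // SECTOR)

def find_entry(dir_block, name):
    """Steps 5-6: scan entries (inode u32, rec_len u16, name_len u8, type u8, name) for a name."""
    off = 0
    while off + 8 <= len(dir_block):
        ino, rec_len, name_len = struct.unpack_from("<IHB", dir_block, off)
        if rec_len < 8 or rec_len % 4:
            raise ValueError("corrupt directory entry")  # never loop forever on bad on-disk metadata
        if ino and dir_block[off + 8:off + 8 + name_len] == name:
            return ino
        off += rec_len
    return None

def inode_sector(fs, gdt, ino):
    """Step 7: inode number -> (group, index) -> inode table block -> (sector, byte offset in sector)."""
    group, index = divmod(ino - 1, fs["inodes_per_group"])  # inode numbers start at 1
    inode_table = struct.unpack_from("<I", gdt, group * 32 + 8)[0]  # bg_inode_table
    byte_off = index * fs["inode_size"]
    block = inode_table + byte_off // fs["block_size"]
    return block * fs["spb"] + (byte_off % fs["block_size"]) // SECTOR, byte_off % SECTOR

def data_start_sector(fs, inode):
    """Step 8: i_block[0] at inode offset 40 is the first direct data block of the file."""
    return struct.unpack_from("<I", inode, 40)[0] * fs["spb"]

def measure(image, reference_sha256):
    """Step 9: hash the file image and compare with the stored reference value."""
    return hashlib.sha256(image).hexdigest() == reference_sha256

# --- constructed sample structures (not a real disk): 4 KiB blocks, two block groups ---
MBR = bytearray(SECTOR); MBR[510:512] = b"\x55\xaa"
struct.pack_into("<B3xB3xII", MBR, 446, 0x80, 0x83, 2048, 1 << 20)  # Linux partition at LBA 2048
SB = bytearray(1024)
for off, fmt, val in ((4, "<I", 65536), (20, "<I", 0), (24, "<I", 2), (32, "<I", 32768),
                      (40, "<I", 8192), (56, "<H", 0xEF53), (76, "<I", 1), (88, "<H", 128)):
    struct.pack_into(fmt, SB, off, val)
GDT = bytearray(64)
struct.pack_into("<III", GDT, 0, 3, 4, 5)  # group 0: bitmaps in blocks 3 and 4, inode table at block 5
ROOT_DIR = bytearray(4096)
struct.pack_into("<IHBB2s", ROOT_DIR, 0, 2, 12, 2, 2, b"..")
struct.pack_into("<IHBB7s", ROOT_DIR, 12, 13, 4096 - 12, 7, 1, b"vmlinuz")  # constructed file name
INODE_13 = bytearray(128)
struct.pack_into("<I", INODE_13, 40, 9000)  # i_block[0]: the file's data begins in block 9000
IMAGE = b"kernel image bytes"                # stands in for the file's binary image
REFERENCE = hashlib.sha256(IMAGE).hexdigest()  # reference value recorded while the system was trusted

def locate_and_measure(name=b"vmlinuz"):
    """Run steps 1-9 over the constructed structures; returned sector numbers are absolute LBAs."""
    _, part_lba, _ = parse_mbr(MBR)
    fs = parse_superblock(SB)
    ino = find_entry(ROOT_DIR, name)
    sector, offset = inode_sector(fs, GDT, ino)
    return {"inode": ino, "inode_sector": part_lba + sector, "inode_offset": offset,
            "data_sector": part_lba + data_start_sector(fs, INODE_13), "intact": measure(IMAGE, REFERENCE)}
```

The block stops at i_block[0]; a complete implementation must also walk the remaining direct and indirect block pointers up to i_size, or it measures only the first block of the file and a tampered tail goes unnoticed.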

Claims (1)

1. A measurement method for a BIOS-level system file, comprising file system structure analysis (1), file data storage parsing (2), path parsing of the system file to be measured (3) and system file location indexing (4), characterized in that it comprises the following steps:
Step 1: read the hard disk MBR;
Corresponding to the file system structure analysis module (1) of the BIOS-level system file measurement method, call the system interrupt to read the data of the first sector of the hard disk, parse it, and determine the file system of the primary partition;
Step 2: locate and read the superblock sector data;
Corresponding to the file system structure analysis module (1) of the BIOS-level system file measurement method, after confirming that the file system is one of EXT2, EXT3 and EXT4, call the system interrupt to read the sector data of the hard disk superblock;
Step 3: calculate the block size and the number of inodes per block group;
Corresponding to the file data storage parsing module (2) of the BIOS-level system file measurement method, read data at specific offsets of the superblock and calculate the block size and the number of inodes contained in each block group;
Step 4: calculate the starting sector and sector count of the group descriptor table;
Corresponding to the file data storage parsing module (2) of the BIOS-level system file measurement method, calculate the starting sector and sector count of the group descriptor table from the block size, and call the system interrupt to read the sector data of the group descriptor table;
Step 5: parse the path of the system file to be measured;
Corresponding to the path parsing module (3) for the system file to be measured of the BIOS-level system file measurement method, parse level by level starting from the root directory, locating the parent directory of the system file to be measured, until the system file to be measured is located;
Step 6: read the sector data of the parent directory containing the system file to be measured;
Corresponding to the file system structure analysis module (1) of the BIOS-level system file measurement method, read the sector data of the parent directory containing the system file to be measured and match it against the file name (or directory name) to be measured, thereby locating the corresponding offset position;
Step 7: calculate and read the sector number of the block containing the system file to be measured;
Corresponding to the system file location index module (4) of the BIOS-level system file measurement method, obtain the inode number corresponding to the system file to be measured, calculate the block group number and the inode index within the block group, and perform the conversion according to the block group descriptor table to obtain the sector number of the block containing the system file;
Step 8: calculate the starting sector number of the file data;
Corresponding to the system file location index module (4) of the BIOS-level system file measurement method, using the inode index within the block group obtained above and the fact that each inode occupies 128 bytes, obtain the block containing this file, perform the conversion, and obtain the starting sector number of the file data;
Step 9: output the binary image data of the file and perform integrity measurement;
Corresponding to the system file location index module (4) of the BIOS-level system file measurement method, output the binary image data of the file block by block from the starting sector number of the file data, call a trusted cryptographic algorithm, and match the result against the reference value, thereby achieving system file integrity measurement.
CN2011101959214A 2011-07-13 2011-07-13 Measurement method for basic input/output system (BIOS)-level system file Expired - Fee Related CN102270229B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN2011101959214A CN102270229B (en) 2011-07-13 2011-07-13 Measurement method for basic input/output system (BIOS)-level system file

Publications (2)

Publication Number Publication Date
CN102270229A true CN102270229A (en) 2011-12-07
CN102270229B CN102270229B (en) 2013-02-13

Family

ID=45052534

Country Status (1)

Country Link
CN (1) CN102270229B (en)

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102819705A (en) * 2012-07-26 2012-12-12 郑州信大捷安信息技术股份有限公司 System and method for realizing system file integrity verification in master boot sector
CN103150395A (en) * 2013-03-25 2013-06-12 中国人民解放军国防科学技术大学 Directory path analysis method of solid state drive (SSD)-based file system
CN107145802A (en) * 2017-05-09 2017-09-08 郑州云海信息技术有限公司 A kind of BIOS integrity measurement methods, baseboard management controller and system
CN107729069A (en) * 2017-10-12 2018-02-23 浪潮(北京)电子信息产业有限公司 A kind of method, apparatus of clean boot video card, computer-readable recording medium
CN108090168A (en) * 2017-12-14 2018-05-29 厦门市美亚柏科信息股份有限公司 A kind of general F2FS file system analytic method, terminal device and storage medium
CN110175054A (en) * 2019-04-26 2019-08-27 武汉虹信通信技术有限责任公司 A kind of automatic-calling method and system of system file

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6791157B1 (en) * 2000-01-18 2004-09-14 Advanced Micro Devices, Inc. Integrated circuit package incorporating programmable elements
CN101044488A (en) * 2004-11-15 2007-09-26 英特尔公司 Secure boot scheme from exterbal memory using international memory

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20130213

Termination date: 20150713

EXPY Termination of patent right or utility model