CN102567682A - User access method based on BIOS (Basic Input Output System) setting - Google Patents
User access method based on BIOS (Basic Input Output System) setting Download PDFInfo
- Publication number
- CN102567682A CN102567682A CN2011104575644A CN201110457564A CN102567682A CN 102567682 A CN102567682 A CN 102567682A CN 2011104575644 A CN2011104575644 A CN 2011104575644A CN 201110457564 A CN201110457564 A CN 201110457564A CN 102567682 A CN102567682 A CN 102567682A
- Authority
- CN
- China
- Prior art keywords
- user
- bios
- authority
- usb key
- capture method
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Abstract
The invention provides a user access method based on BIOS(Basic Input Output System) setting, which comprises the steps: a BIOS confirms user authority level through a USB Key corresponding to a user being about to access the BIOS setting; and a BIOS provides a function corresponding to the authority level to the user. By using the user access method based on BIOS setting, the safety of BIOS management authority is improved through the USB Key, different management authorities are distinguished through different USB Keys, thus different authority levels are provided for a user, and a computer system has better confidentiality and is more simply managed.
Description
Technical field
Relate generally to computer realm of the present invention more specifically relates to the user capture method that a kind of basic input-output system BIOS is provided with.
Background technology
In the development and application of active computer mainboard, BIOS is provided with the performance or the signal testing that can influence a lot of computing machines.Therefore in BIOS Setup (BIOS setting), the keeper has higher-rights, the open option of BIOS that scalable is all, and the user then can only do the part option and set adjustment.But need more open option to go deep into the debug service for BIOS slip-stick artist does, and the necessary professional and technical personnel's operation of these multi-purpose modules, if by user's operation, the damage that possibly bring hardware.Just must set up the authority of higher level, and guarantee its security.
In the prior art, a kind of guard method of computerized information is provided, method comprises step: the guard of computer password is set; Set up the system control program of the corresponding computer BIOS of password; When the computing machine operate as normal, get into protection if desired, the triggering system control program is provided with the I/O trapping state, gets into guard mode; When guard mode, if the input data, system control program judges whether the data of input are identical with password, if identical, the normal operating conditions of recovery computing machine; If different, quiescing.This technical scheme can be protected computerized information to a certain extent.
Yet this technical scheme security is relatively poor, if single software setting password is deposited among the CMOS, uses hardware short circuit COMS pin, perhaps removes the CMOS battery, just can be with the password full scale clearance.Even deposit among the VRAM, thereby also possibly obtain decoding from fixed address.Thereby make this information protecting method security lower.
Summary of the invention
To the lower defective of information protecting method security of the prior art, the present invention proposes the user capture method of the basic input-output system BIOS setting that can address the aforementioned drawbacks.
The invention provides the user capture method that a kind of BIOS is provided with, comprising: BIOS through with will visit the pairing USB Key of user that BIOS is provided with and confirm user's Permission Levels; And BIOS will offer the user with the corresponding function of Permission Levels.
Preferably, BIOS is through confirming that with the pairing USB Key of user that will visit the BIOS setting step of user's Permission Levels comprises: BIOS carries out the identification about the user to USB Key; According to the user's who is identified identity, BIOS confirms user's Permission Levels.
Preferably, BIOS utilizes the key among the USB Key to carry out identification.
Preferably, user's identity comprises domestic consumer, keeper and Senior Administrator.
Preferably, user's Permission Levels comprise elementary authority, intermediate authority and super-ordinate right.
Preferably, when the user was domestic consumer, BIOS confirmed as elementary authority with user's authority.
Preferably, when the user was the keeper, BIOS confirmed as intermediate authority with user's authority.
Preferably, when the user was the Senior Administrator, BIOS confirmed as super-ordinate right with user's authority.
Preferably; Comprise demonstration BIOS place system for computer information with the pairing function of elementary authority; With the pairing function of intermediate authority comprise show and the change computing machine in the information of voltage and clock, and comprise all functions of BIOS in being provided with the pairing function of super-ordinate right.
Preferably, before confirming user's Permission Levels through USB Key, comprising: BIOS place system for computer starts; And BIOS receives the access request from the user, and searches USBKey.
Preferably, when BIOS did not find USB Key, BIOS sent information to the user.
The user capture method of utilizing BIOS of the present invention to be provided with; Improved the security of BIOS administration authority through USB Key; And the USB Key through different distinguishes different administration authorities; Thereby the setting of different Permission Levels is offered the user, thereby make that the confidentiality of this computer system is better, manage simpler.
Other features and advantages of the present invention will be set forth in instructions subsequently, and, partly from instructions, become obvious, perhaps understand through embodiment of the present invention.The object of the invention can be realized through the structure that in the instructions of being write, claims and accompanying drawing, is particularly pointed out and obtained with other advantages.
Description of drawings
Fig. 1 is the process flow diagram of the user capture method of BIOS setting according to an embodiment of the invention; And
Fig. 2 is the process flow diagram of the user capture method of BIOS setting according to another embodiment of the invention.
Embodiment
Below in conjunction with accompanying drawing the preferred embodiments of the present invention are described, should be appreciated that preferred embodiment described herein only is used for explanation and explains the present invention, and be not used in qualification the present invention.
Fig. 1 is the process flow diagram of the user capture method of BIOS setting according to an embodiment of the invention.
In step 100, BIOS through with will visit the pairing USBKey of user that BIOS is provided with and confirm user's Permission Levels.Wherein, BIOS (Basic Input Output System) is a Basic Input or Output System (BIOS).Program, the system of the most important basic input and output of its in store computing machine is provided with information, start back self-check program and system's self-triggered program, and its major function provides the bottom, the most directly hardware setting and control for computing machine.USB Key is a kind of hardware storage device of USB interface.The profile of USB Key is similar with common U; Different is that single-chip microcomputer or intelligent card chip have been deposited in its inside; USB Key has certain storage space, can store user's private key and digital certificate, utilizes the built-in public key algorithm of USB Key can realize the authentication to user identity.In the time will visiting BIOS and be provided with, after the user inserts computing machine with USB Key through USB interface, BIOS through with the pairing USB Key of this user in information confirm user's Permission Levels.
In step 102, BIOS will offer the user with the corresponding function of Permission Levels.BIOS confirms after user's the Permission Levels, will offer the user with the corresponding function of this user's Permission Levels.
The user capture method of utilizing BIOS of the present invention to be provided with; Improved the security of BIOS administration authority through USB Key; And the USB Key through different distinguishes different administration authorities; Different Permission Levels are offered the user, thereby make that the confidentiality of this computer system is better, manage simpler.
Fig. 2 is the process flow diagram of the user capture method of BIOS setting according to another embodiment of the invention.
In step 200, BIOS place system for computer starts.In step 202, BIOS receives the access request from the user, and searches USB Key.When computer system starting, if the user receives the access request from the user, then this BIOS begins to search USB Key.
In step S204, BIOS through with will visit the pairing USBKey of user that BIOS is provided with and confirm user's Permission Levels.BIOS is through confirming that with the pairing USB Key of user that will visit the BIOS setting step of user's Permission Levels comprises: BIOS carries out the identification about the user to USB Key; According to the user's who is identified identity, BIOS confirms user's Permission Levels.Wherein, BIOS utilizes the key among the USB Key to carry out identification.User's identity comprises domestic consumer, keeper and Senior Administrator.User's Permission Levels comprise elementary authority, intermediate authority and super-ordinate right.
Particularly, after BIOS finds USB Key, utilize the built-in key of USB Key to realize authentication to user identity.Then, according to the user identity that is identified, BIOS confirms user's Permission Levels.Particularly, when the user was domestic consumer, BIOS confirmed as elementary authority with user's authority.When the user was the keeper, BIOS confirmed as intermediate authority with user's authority.When the user was the Senior Administrator, BIOS confirmed as super-ordinate right with user's authority.
In step S206, BIOS will offer the user with the corresponding function of Permission Levels.Wherein, Comprise demonstration BIOS place system for computer information with the pairing function of elementary authority; With the pairing function of intermediate authority comprise show and the change computing machine in the information of voltage and clock, and comprise all functions of BIOS in being provided with the pairing function of super-ordinate right.Particularly; When BIOS through with will visit the pairing USB Key of user that BIOS is provided with and confirm that user's Permission Levels are elementary authority the time; The system for computer information at BIOS place is shown to the user, and wherein, system information does not influence the mainboard operate as normal; For example, system information comprises: CPU information, internal memory, bios version, USB information and hard disk information etc.; When BIOS through with will visit the pairing USB Key of user that BIOS is provided with and confirm that user's Permission Levels are intermediate authority the time, with system information and comprise show and the change computing machine in voltage and the information of clock be shown to this user; And when BIOS through with will visit the pairing USB Key of user that BIOS is provided with and confirm that user's Permission Levels are super-ordinate right the time, will comprise that the information of all functions of BIOS in being provided with is shown to this user.
In addition, when BIOS did not find USB Key, BIOS sent information to the user.Particularly, when system for computer started at the BIOS place, BIOS received after the access request from the user, begins to search USB Key, if search the Key less than USB, then BIOS sends information to the user and " whether inserts USB Key ".
For example,, when the computer system starting at BIOS place,, propose access request, connect USB Key through USB interface then by " Del " key if when the user with super-ordinate right will visit BIOS and is provided with.Receive as BIOS after this user's the request, search USB Key.If BIOS finds USB Key, BIOS utilizes the key among this user's the USB Key to carry out identification and user identity identification is the Senior Administrator.According to the user identity that identifies, BIOS confirms that user's authority is a super-ordinate right.The function of all functions during then, BIOS will be provided with the pairing BIOS of comprising of super-ordinate right is shown to this user.Like this, can open the greater functionality option in the BIOS function setting interface to this user, these options help the debugging (debug) of BIOS professional domain, can help Hardware Engineer, the Test Engineer function of adjusting needs adjusting test more simply.
The user capture method of utilizing BIOS of the present invention to be provided with; Can be through user's different USBKey; To different users the difference in functionality in the different BIOS function setting interface is provided; Not only communication safety of computer system can be guaranteed, and on-the-spot Hardware Engineer, Test Engineer's debugging can be made things convenient for.
User capture method through utilizing BIOS of the present invention to be provided with can obtain following technique effect: (1) utilizes USB Key of the present invention to carry out identification; Because USB Key has certain storage space; Can store user's key and digital certificate; Utilize the built-in key of USB Key can realize authentication, can fully guarantee system information safety user identity; (2) through USBKey identification active user's rights of using, can carry out other rights management of a plurality of level, be applicable to the field that security requirement is very high.Particularly; The system for computer information at BIOS place is shown to the user of elementary Permission Levels; To comprise show and the change computing machine in the information of voltage and clock be shown to the user of intermediate Permission Levels, will comprise that the information of all functions of BIOS in being provided with is shown to other user of super-ordinate right level.Thereby guaranteeing provides different administration authorities to different users, guarantees the information security of computer system; (3) can be to BIOS slip-stick artist, open more administrator right makes things convenient for the on-the-spot Installation and Debugging of slip-stick artist etc., thereby has strengthened system functionality.
More than be merely the preferred embodiments of the present invention, be not limited to the present invention, for a person skilled in the art, the present invention can have various changes and variation.All within spirit of the present invention and principle, any modification of being done, be equal to replacement, improvement etc., all should be included within protection scope of the present invention.
Claims (11)
1. the user capture method that is provided with of a basic input-output system BIOS comprises:
BIOS through with will visit the pairing USB Key of user that said BIOS is provided with and confirm said user's Permission Levels; And
Said BIOS will offer said user with the corresponding function of said Permission Levels.
2. user capture method according to claim 1 is characterized in that, BIOS is through confirming that with the pairing USB Key of user that will visit said BIOS setting the step of said user's Permission Levels comprises:
Said BIOS carries out the identification about said user to said USB Key;
According to the said user's who is identified identity, said BIOS confirms said user's Permission Levels.
3. user capture method according to claim 2 is characterized in that, said BIOS utilizes the key among the said USB Key to carry out said identification.
4. user capture method according to claim 3 is characterized in that said user's identity comprises domestic consumer, keeper and Senior Administrator.
5. user capture method according to claim 4 is characterized in that said user's Permission Levels comprise elementary authority, intermediate authority and super-ordinate right.
6. user capture method according to claim 5 is characterized in that, when said user was said domestic consumer, said BIOS confirmed as elementary authority with said user's authority.
7. user capture method according to claim 5 is characterized in that, when said user was said keeper, said BIOS confirmed as intermediate authority with said user's authority.
8. user capture method according to claim 5 is characterized in that, when said user was said Senior Administrator, said BIOS confirmed as super-ordinate right with said user's authority.
9. according to each described family access method among the claim 6-8; It is characterized in that; Comprise demonstration BIOS place system for computer information with the pairing function of said elementary authority; Comprise the information that shows and change voltage and clock in the said computing machine with the pairing function of said intermediate authority, and comprise all functions of said BIOS in being provided with the pairing function of said super-ordinate right.
10. user capture method according to claim 1 is characterized in that, before confirming said user's Permission Levels through said USB Key, comprising:
BIOS place system for computer starts; And
Said BIOS receives the access request from said user, and searches said USB Key.
11. user capture method according to claim 10 is characterized in that, when said BIOS did not find said USB Key, said BIOS sent information to said user.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2011104575644A CN102567682A (en) | 2011-12-31 | 2011-12-31 | User access method based on BIOS (Basic Input Output System) setting |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2011104575644A CN102567682A (en) | 2011-12-31 | 2011-12-31 | User access method based on BIOS (Basic Input Output System) setting |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN102567682A true CN102567682A (en) | 2012-07-11 |
Family
ID=46413064
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2011104575644A Pending CN102567682A (en) | 2011-12-31 | 2011-12-31 | User access method based on BIOS (Basic Input Output System) setting |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN102567682A (en) |
Cited By (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104811941A (en) * | 2015-04-30 | 2015-07-29 | 福建星网锐捷网络有限公司 | Offline virtual machine safety management method and device |
| CN105988830A (en) * | 2015-02-04 | 2016-10-05 | 联想(北京)有限公司 | Information processing method and electronic equipment |
| CN106326722A (en) * | 2015-07-01 | 2017-01-11 | 昆达电脑科技(昆山)有限公司 | BIOS setting menu access method |
| CN106339616A (en) * | 2016-09-12 | 2017-01-18 | 合肥联宝信息技术有限公司 | Method and device for starting computer |
| CN106372545A (en) * | 2016-08-29 | 2017-02-01 | 北京新能源汽车股份有限公司 | Data processing method, on-board diagnostics (OBD) controller and vehicle |
| CN106548061A (en) * | 2015-09-16 | 2017-03-29 | 伊姆西公司 | Server management method and management system |
| CN108170482A (en) * | 2018-01-17 | 2018-06-15 | 联想(北京)有限公司 | Information processing method and computer equipment |
| CN109886003A (en) * | 2019-02-28 | 2019-06-14 | 苏州浪潮智能科技有限公司 | A kind of method for managing user right, system and associated component |
| CN113157323A (en) * | 2021-02-24 | 2021-07-23 | 联想(北京)有限公司 | Control method and device and electronic equipment |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JP2002251226A (en) * | 2001-02-23 | 2002-09-06 | Sumitomo Life Insurance Co | Computer key authentication device and method, key authentication program, and computer readable storage medium stored with the program |
| CN1609748A (en) * | 2004-10-14 | 2005-04-27 | 苏州超锐微电子有限公司 | Method for realizing starting up lock function in network card bootstrap zone |
| CN1743991A (en) * | 2005-09-29 | 2006-03-08 | 浪潮电子信息产业股份有限公司 | Computer local safety access control method |
| CN102298679A (en) * | 2011-08-12 | 2011-12-28 | 无锡城市云计算中心有限公司 | BIOS (Basic Input/ Output System) authentication method based on USB (Universal Serial Bus) key |
-
2011
- 2011-12-31 CN CN2011104575644A patent/CN102567682A/en active Pending
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JP2002251226A (en) * | 2001-02-23 | 2002-09-06 | Sumitomo Life Insurance Co | Computer key authentication device and method, key authentication program, and computer readable storage medium stored with the program |
| CN1609748A (en) * | 2004-10-14 | 2005-04-27 | 苏州超锐微电子有限公司 | Method for realizing starting up lock function in network card bootstrap zone |
| CN1743991A (en) * | 2005-09-29 | 2006-03-08 | 浪潮电子信息产业股份有限公司 | Computer local safety access control method |
| CN102298679A (en) * | 2011-08-12 | 2011-12-28 | 无锡城市云计算中心有限公司 | BIOS (Basic Input/ Output System) authentication method based on USB (Universal Serial Bus) key |
Cited By (12)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105988830A (en) * | 2015-02-04 | 2016-10-05 | 联想(北京)有限公司 | Information processing method and electronic equipment |
| CN105988830B (en) * | 2015-02-04 | 2019-07-26 | 联想(北京)有限公司 | Information processing method and electronic equipment |
| CN104811941A (en) * | 2015-04-30 | 2015-07-29 | 福建星网锐捷网络有限公司 | Offline virtual machine safety management method and device |
| CN104811941B (en) * | 2015-04-30 | 2018-09-11 | 福建星网锐捷网络有限公司 | Offline secure virtual machine management method and device |
| CN106326722A (en) * | 2015-07-01 | 2017-01-11 | 昆达电脑科技(昆山)有限公司 | BIOS setting menu access method |
| CN106548061A (en) * | 2015-09-16 | 2017-03-29 | 伊姆西公司 | Server management method and management system |
| US10496300B2 (en) | 2015-09-16 | 2019-12-03 | EMC IP Holding Company LLC | Method and apparatus for server management |
| CN106372545A (en) * | 2016-08-29 | 2017-02-01 | 北京新能源汽车股份有限公司 | Data processing method, on-board diagnostics (OBD) controller and vehicle |
| CN106339616A (en) * | 2016-09-12 | 2017-01-18 | 合肥联宝信息技术有限公司 | Method and device for starting computer |
| CN108170482A (en) * | 2018-01-17 | 2018-06-15 | 联想(北京)有限公司 | Information processing method and computer equipment |
| CN109886003A (en) * | 2019-02-28 | 2019-06-14 | 苏州浪潮智能科技有限公司 | A kind of method for managing user right, system and associated component |
| CN113157323A (en) * | 2021-02-24 | 2021-07-23 | 联想(北京)有限公司 | Control method and device and electronic equipment |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN102567682A (en) | User access method based on BIOS (Basic Input Output System) setting | |
| Wurm et al. | Introduction to cyber-physical system security: A cross-layer perspective | |
| JP6239788B2 (en) | Fingerprint authentication method, apparatus, intelligent terminal, and computer storage medium | |
| US20190050598A1 (en) | Secure data storage | |
| US20150012748A1 (en) | Method And System For Protecting Data | |
| RU2321055C2 (en) | Device for protecting information from unsanctioned access for computers of informational and computing systems | |
| CN203746071U (en) | Security computer based on encrypted hard disc | |
| CN202795383U (en) | Device and system for protecting data | |
| CN100432890C (en) | Computer starting up identifying system and method | |
| CN101599832B (en) | Method and system of authenticating personal identity for logging in a network system | |
| CN103886234A (en) | Safety computer based on encrypted hard disk and data safety control method of safety computer | |
| US20080155268A1 (en) | Secure data verification via biometric input | |
| CN103530548B (en) | Startup method that built-in terminal based on mobile trustable computation module is credible | |
| CN109409050B (en) | Protection system including machine learning snapshot evaluation | |
| CN101986325A (en) | Computer security access control system and method | |
| CN110651261A (en) | Secure memory device with unique identifier for authentication | |
| CN104584023B (en) | The method and apparatus for forcing access protection for hardware | |
| EP2330787B1 (en) | Generation of a time-dependent password in a mobile comunication device | |
| CN102509046A (en) | Globally valid measured operating system launch with hibernation support | |
| CN113168480A (en) | Trusted execution based on environmental factors | |
| CN103198247B (en) | A kind of computer safety protective method and system | |
| CN103649964A (en) | Secure hosted execution architecture | |
| CN102027480A (en) | System and method for providing a system management command | |
| US20210165909A1 (en) | Security processor configured to authenticate user and authorize user for user data and computing system including the same | |
| CN103823692B (en) | A kind of computer operating system starting method |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C12 | Rejection of a patent application after its publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20120711 |