CN104298913B - A general secure boot method for intelligent terminals - Google Patents

Publication number
CN104298913B
Authority
CN
China
Prior art keywords
boot
bootstrap
operating system
intelligent terminal
integrity
Legal status
Active
Application number
CN201310303401.XA
Other languages
Chinese (zh)
Other versions
CN104298913A (en)
Inventor
于爱民
杨文思
Current Assignee
Institute of Information Engineering of CAS
Original Assignee
Institute of Information Engineering of CAS
Application filed by Institute of Information Engineering of CAS

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57 Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/575 Secure boot
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00 Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/03 Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
    • G06F2221/034 Test or assess a computer or a system

Abstract

The invention discloses a general secure boot method for intelligent terminals. The method is: 1) a secure boot module, s-boot, is placed at the power-on jump location of the intelligent terminal; it stores the integrity reference value of the bootloader and the integrity reference value of the operating system; 2) s-boot is executed after the intelligent terminal powers on and obtains the storage locations of the terminal's bootloader and operating system; 3) s-boot loads the bootloader, obtains the bootloader's integrity measurement value and verifies the bootloader; if verification fails, the intelligent terminal is forced to reset; if verification passes, s-boot goes on to load the operating system, measures its integrity to obtain the operating system's integrity measurement value, and verifies the operating system; if verification passes, the bootloader is started; otherwise the intelligent terminal is forced to reset. No other changes need to be made to the terminal device to ensure a secure boot process.

Description

A general secure boot method for intelligent terminals
Technical field
The invention belongs to the field of mobile terminal security and mainly concerns secure boot solutions for mobile intelligent terminals. More precisely, it relates to a general secure boot method that is intended for diverse mobile terminal devices and flexible, varied peripheral configurations, and that can effectively address security problems such as jailbreaking.
Background art
In recent years, with the rapid development of integrated circuit technology, mobile intelligent terminals such as smartphones and tablet computers have acquired very powerful processing capabilities, and their storage capacity, computing power and running speed have all improved significantly. As mobile terminals changed from feature phones into smartphones, mobile terminal operating systems emerged. An intelligent terminal operating system no longer has call management as its main purpose; instead it provides a runtime environment for all kinds of application software, including call management, games and entertainment, and office applications, and its degree of intelligence keeps approaching that of desktop PC operating systems. The rapid development of mobile intelligent terminal operating systems has caused all kinds of Internet applications to migrate to mobile intelligent terminals, and mobile Internet applications keep emerging and flourishing.
The spread of mobile intelligent terminals and the growth of mobile Internet applications lead more and more users to handle security-sensitive business on their mobile intelligent terminals. Mobile terminals therefore increasingly hold sensitive information such as business secrets and personal private data, which exposes them to various security threats, such as theft of account information and eavesdropping on calls. Among these, jailbreaking is a security threat specific to mobile intelligent terminals and is extremely destructive. Jailbreaking obtains root privileges, and after a jailbreak malicious software can do anything. For example, the Android system is built on the Linux kernel; the root user holds the highest privileges in the system and, after a jailbreak, can access and modify every file on the mobile terminal. On a jailbroken terminal device, all the security mechanisms running on it can be bypassed, and the security architecture and mechanisms at the operating system level exist in name only, so current intelligent mobile terminals face a serious latent security threat. One effective way to solve the jailbreak problem is to protect the integrity of the intelligent terminal's operating system.
At present, trust chain technology on traditional PCs has matured, and the view that a trust chain can effectively protect the integrity of system state is widely accepted. The technical idea of building a trust chain on a traditional PC can therefore be brought to intelligent terminals. Compared with a traditional PC, however, a mobile terminal is more flexible and highly customized, and its software and hardware are tightly coupled: the system generally has to be ported to the specific hardware, and even products of the same brand and the same series must be modified continually as system hardware changes, is added or is removed. Designing a general secure boot scheme for the mobile intelligent terminal field, with its great variety of system architectures and external devices, is therefore a significant challenge.
Summary of the invention
The object of the invention is to provide an effective way to protect the integrity of the intelligent operating system running on a mobile intelligent terminal, to build trust, and to curb at the source the destructive power that malware gains after a jailbreak, while also providing assurance for the security mechanisms offered by the operating system kernel.
To achieve this object, the invention proposes a general secure boot method for intelligent terminals. It introduces an integrity verification mechanism at the moment the system is powered on, to ensure that the integrity of the entities loaded and run in the system (including the bootloader and the operating system) has not been compromised. As shown in Fig. 1, the steps are as follows:
1) First, the secure boot module s-boot is placed at the power-on jump address of the on-chip ROM (iROM). s-boot stores the integrity reference value of the bootloader and the integrity reference value of the operating system; the integrity reference values are the correct hash values precalculated by the manufacturer that uses s-boot. s-boot is stored in the iROM by one-time programming, which ensures that s-boot cannot be tampered with by malicious programs and keeps its integrity. After power-on, the system executes s-boot, the secure boot module;
2) s-boot first initializes the system hardware;
3) s-boot determines the boot mode of the terminal device;
4) According to the device's boot mode, s-boot obtains the storage locations of the terminal device's bootloader and operating system;
5) The bootloader is loaded from the corresponding storage device;
6) The bootloader's integrity is measured, i.e. its hash value is calculated with a hash algorithm;
7) The bootloader's integrity is verified, i.e. the integrity measurement value is compared with the integrity reference value;
8) If verification succeeds, continue to load the operating system; otherwise, force the terminal to reset, i.e. do not let the system start;
9) The operating system is loaded from the corresponding storage device;
10) The operating system's integrity is measured, i.e. its hash value is calculated with a hash algorithm;
11) The operating system's integrity is verified, i.e. the integrity measurement value is compared with the integrity reference value;
12) If verification succeeds, enter the system's normal boot flow; otherwise, force the terminal to reset.
Beneficial effects of the invention:
When building a trust chain, a traditional PC generally uses a chained approach: before passing control of the system to the next module, the current module first measures that next boot module. This means that every running entity on the boot chain has to be modified to support trusted boot. This patent application only adds a secure boot module to the system. It is the first entity to run after power-on and serves as the starting point of trust, and it measures and verifies the integrity of the other entities on the boot chain in one place, which reduces the modifications to the system and shortens the trust chain. No other changes need to be made to the terminal device; loading the secure boot module is enough to ensure the system's secure boot process.
In addition, mobile intelligent terminals differ greatly from traditional PCs. First, processor architectures are diverse; currently popular processor architectures include ARM, MIPS and PowerPC. Second, the same processor architecture comes in many different series: because the mobile intelligent terminal field is flexible and covers a broad user population, processor models are numerous and varied, and each processor has different series that offer relatively distinct performance to meet the needs of different application domains. Third, peripherals are flexible and changeable: owing to the particular nature of the mobile intelligent terminal field, peripheral configuration is also very flexible, and different manufacturers may package different numbers of pins, use different external memories and so on, according to their needs. Because of these characteristics, the bootloaders and operating systems that run on these devices are also of many kinds; popular bootloaders include Uboot, vivi, redboot and blob, and common operating systems include Android, iOS, Windows Mobile and Symbian. This variability means that there is no unified interface for supporting secure boot. The secure boot module of this patent application provides such a unified interface: it does not need to know which bootloader or operating system runs on the terminal device, and only requires that parameters be passed in as the secure boot module's unified interface specifies.
Brief description of the drawings
Fig. 1 is the secure boot flow chart of the method of the invention;
Fig. 2 is the architecture diagram of the secure boot embodiment;
Fig. 3 is the flow chart of the secure boot embodiment;
Fig. 4 is the detailed flow chart of the secure boot embodiment.
Embodiments
The technical solution in the embodiment of the invention is described further below with reference to the accompanying drawings. It should be understood that the described embodiment is only one part of the embodiments of the invention, not all of them. All other embodiments obtained by those skilled in the art on the basis of the embodiments of the invention, without creative work, fall within the scope of protection of the invention.
The system architecture of the embodiment provided by this patent application is shown in Fig. 2. The on-chip ROM, i.e. the iROM, contains the secure boot module s-boot. s-boot is stored in the iROM by one-time programming, which ensures that s-boot cannot be tampered with by malicious programs and keeps its integrity. The on-chip RAM, i.e. the iRAM, is a small-capacity static RAM. The DRAM and the external storage devices (such as NAND flash or an SD card) are connected through on-chip controllers.
s-boot is the secure boot module. Its main responsibility is to measure the integrity of the other important modules of the system, such as u-boot and the Android system image, so as to ensure that the loaded components are trustworthy. First, the integrity reference value calculation program provided with s-boot is used to hash the u-boot and the Android system image used in this embodiment, which yields the corresponding integrity reference values. Then the hardware model of this embodiment and the integrity reference values just calculated are added to the compile options, and the final s-boot image is compiled. In this embodiment the system boots from an SD card: s-boot first initializes the corresponding external device and the DRAM controller, and reads u-boot and the Android system image from the SD card into DRAM. To ensure the security of s-boot, we store it in the iROM by one-time programming, together with the initial firmware code. u-boot is the traditional bootloader module and is responsible for loading and booting the Android system. All other code of the system, including u-boot, Android and the applications, is stored on the SD card.
The unified interface function of the integrity measurement and verification module implemented in s-boot is:
bool integrity_verification(unsigned char *input, int len, unsigned char hash[32]);
Interface description:
(1) Input parameters: main program entry address, main program length, main program reference value;
(2) Return value: true or false, indicating whether verification passed.
From these input parameters, the entry address and length of uboot or the OS are known, and the integrity measurement value of the whole main program image can be calculated from these two parameters. Clearly, there are many ways to tell s-boot the storage location and length of the key code that it must measure and verify. For example, support for the FAT file system format can be added to s-boot; the SD card is formatted as a FAT file system and a configuration file is stored on it. s-boot reads the configuration file on the FAT file system to obtain the storage location and size of the bootloader and the OS, then reads a binary of the specified length from the specified location into memory and performs integrity measurement and verification on it. As shown in Fig. 3, in this embodiment we partition the SD card into a u-boot partition and an Android system image partition. The detailed operating flow of s-boot is shown in Fig. 4, and the specific steps are as follows:
1) After power-on, the system jumps to the storage location of the secure boot module s-boot in the iROM and executes s-boot. The jump address is set by the hardware designer and determines where execution jumps to after power-on; it is usually designed to be 0x00000000, and s-boot is placed at that jump location, i.e. at address 0x00000000. This address normally lies within the iROM space, i.e. the one-time-programmed ROM;
2) s-boot first completes basic hardware initialization;
3) s-boot initializes the SD card controller so that the system boots from the SD card;
4) s-boot initializes the DRAM controller;
5) s-boot reads the partition table from the first sector of the SD card;
6) According to the partition table, s-boot loads the first partition, i.e. the u-boot partition, into DRAM;
7) s-boot hashes the u-boot partition to calculate its integrity measurement value;
8) s-boot compares the integrity measurement value calculated in step 7 with the integrity reference value recorded in advance, thereby verifying integrity. If verification succeeds, it continues to load the Android operating system; otherwise, the terminal is forced to reset;
9) If verification in step 8 succeeds, s-boot loads the second partition, i.e. the Android operating system partition, into DRAM according to the partition table;
10) The integrity of the data on the Android operating system partition is measured, i.e. its hash value is calculated with a hash algorithm to obtain the integrity measurement value;
11) The integrity of the Android system is verified, i.e. the integrity measurement value is compared with the integrity reference value;
12) If verification succeeds, the bootloader is executed and the system enters its normal boot flow; otherwise, the terminal is forced to reset.
With this method, s-boot verifies the integrity of uboot and of the kernel image in one pass. s-boot is not responsible for booting the system; booting the system is still done by uboot.

Claims (7)

1. A general secure boot method for intelligent terminals, comprising the steps of:
1) placing a secure boot module, s-boot, at the power-on jump location in the iROM of the intelligent terminal, wherein s-boot stores the integrity reference value of the bootloader and the integrity reference value of the operating system;
2) executing s-boot after the intelligent terminal powers on, s-boot obtaining the storage locations of the intelligent terminal's bootloader and operating system;
3) s-boot loading the bootloader and measuring its integrity to obtain the integrity measurement value of the bootloader;
4) s-boot verifying the bootloader against the integrity reference value of the bootloader and the integrity measurement value of the bootloader; if verification passes, proceeding to step 5); otherwise, forcing the intelligent terminal to reset;
5) s-boot going on to load the operating system and measuring its integrity to obtain the integrity measurement value of the operating system;
6) s-boot verifying the operating system against the integrity reference value of the operating system and the integrity measurement value of the operating system; if verification passes, starting the bootloader; otherwise, forcing the intelligent terminal to reset.
2. The method of claim 1, characterized in that the integrity reference value of the bootloader is the hash value of the bootloader precalculated by the manufacturer that uses s-boot, and the integrity reference value of the operating system is the hash value of the operating system precalculated by the manufacturer that uses s-boot.
3. The method of claim 1 or 2, characterized in that a unified interface function is provided in s-boot; through the unified interface function, s-boot performs the integrity measurement and verification of the bootloader and the integrity measurement and verification of the operating system; the input parameters of the unified interface function include: main program entry address, main program length and main program reference value, where the main program is the bootloader or the operating system.
4. The method of claim 3, characterized in that s-boot is fixed in the iROM of the intelligent terminal by one-time programming.
5. The method of claim 3, characterized in that s-boot obtains the storage locations of the bootloader and the operating system according to the boot mode of the intelligent terminal.
6. The method of claim 5, characterized in that the boot mode is booting from an SD card.
7. The method of claim 6, characterized in that the SD card is provided with a bootloader partition and an operating system or operating system image partition, used respectively to store the bootloader and the operating system.
CN201310303401.XA 2013-07-18 2013-07-18 A general secure boot method for intelligent terminals Active CN104298913B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201310303401.XA 2013-07-18 2013-07-18 A general secure boot method for intelligent terminals

Publications (2)

Publication Number Publication Date
CN104298913A (en) 2015-01-21
CN104298913B (en) 2018-01-09

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant