CN105426750A - Startup method of embedded system, and embedded device - Google Patents
- Publication number: CN105426750A
- Authority
- CN
- China
- Prior art keywords
- operating system
- certificate
- routine
- signature
- validity
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Classifications
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/575—Secure boot
- G06F21/51—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Storage Device Security (AREA)
Abstract
The invention relates to a startup method of an embedded system, and an embedded device. The method comprises the following steps: after the embedded system is powered on, entering a secure mode; in the secure mode, executing an initialization instruction to initialize the embedded system; loading a start-up routine file by a memory, and verifying the validity of the start-up routine file with a first certificate; when the start-up routine file is valid, executing the start-up routine file; loading an operating system by the start-up routine file, and verifying the validity of the operating system with a second certificate; and when the operating system is valid, executing the operating system. Through several hardware-level security measures and several software-level security measures, all code that the embedded system runs, from the moment of power-on until the operating system is fully running, is guaranteed to be verified, legitimate code, so that from the source no malicious code can replace or tamper with the start-up routine file or the operating system.
Description
Technical field
The present invention relates to the secure boot of embedded systems, and in particular to a startup method of an embedded system and an embedded device.
Background
With the widespread adoption of embedded devices, devices represented by mobile phones have gradually taken over the various kinds of sensitive information people use every day; for example, large numbers of applications such as Alipay and online banking programs are used on mobile phones. Application providers such as Alibaba have themselves put great effort into improving the security of their own programs and processes, but all of that effort rests on one precondition: that the operating system itself has not been implanted with a virus. If a hacker controls the system at the operating system kernel level, then the application is unsafe no matter how sound its own logic is.
Therefore, end users need the mobile phone provider to guarantee one thing: once a phone has left the factory, it can under no circumstances be automatically updated to an unverified version of the operating system. Only versions officially certified by the mobile phone provider can be installed as updates on a user's phone. The secure boot of the embedded system is therefore very important.
Summary of the invention
The object of the invention is to solve the problem of the start-up routine and the operating system of an embedded system being corrupted by malicious code during startup.
To achieve the above object, in one aspect, the invention provides a startup method of an embedded system, comprising the following steps:
After the embedded system is powered on, it enters a secure mode;
In the secure mode, the embedded system executes the initialization instruction stored in memory to initialize the embedded system;
The memory loads the start-up routine file and verifies the validity of the start-up routine file with a first certificate; when the start-up routine file is valid, the start-up routine file is executed;
The start-up routine file loads the operating system and verifies the validity of the operating system with a second certificate; when the operating system is valid, the operating system is executed.
Specifically, the step in which the memory loads the start-up routine file and verifies its validity with the certificate comprises:
Reading the first signature of the start-up routine file; the first signature is produced with the private key of the first certificate and is stored at the end of the start-up routine file;
Computing on the first signature with the public key to obtain the first hash value of the start-up routine file;
Comparing the first hash value of the start-up routine file with the second hash value of the start-up routine file calculated by the hash algorithm; if the comparison succeeds, the start-up routine file is valid.
Specifically, before the step in which the memory loads the start-up routine file and verifies its validity with the certificate, the method further comprises: verifying the validity of the first certificate; when the first certificate is valid, verifying the start-up routine file; otherwise, stopping verification of the start-up routine file.
Specifically, the step of verifying the validity of the certificate comprises:
Calculating the first hash value of the first certificate; reading the second hash value of the correct first certificate burned in advance into the fuse (FUSE); comparing the first hash value of the first certificate with the second hash value of the first certificate; if the two are equal, proceeding to verify the validity of the start-up routine file; otherwise, stopping verification of the validity of the start-up routine file.
Specifically, the step in which the start-up routine file loads the operating system and verifies its validity with the second certificate comprises:
Reading the second signature of the operating system; the second signature is produced with the private key of the second certificate;
Computing on the second signature with the public key to obtain the first hash value of the operating system;
Comparing the first hash value of the operating system with the second hash value of the operating system calculated by the hash algorithm; if the comparison succeeds, the operating system is valid and is executed.
Specifically, before the step in which the start-up routine file loads the operating system and verifies its validity with the second certificate, the method further comprises: verifying the validity of the second certificate; when the second certificate is valid, verifying the operating system; otherwise, stopping verification of the operating system.
Specifically, the step of verifying the validity of the second certificate comprises:
Calculating the first hash value of the second certificate; reading the second hash value of the correct second certificate burned in advance into the fuse (FUSE); comparing the first hash value of the second certificate with the second hash value of the second certificate; if the two are equal, proceeding to verify the validity of the operating system; otherwise, stopping verification of the validity of the operating system.
In another aspect, the invention provides an embedded device, comprising:
A secure mode module, configured to enter the secure mode after the embedded system is powered on;
An initialization module, configured so that, in the secure mode, the embedded system executes the initialization instruction stored in memory to initialize the embedded system;
A first authentication module, configured for the memory to load the start-up routine file and verify the validity of the start-up routine file with the first certificate; when the start-up routine file is valid, the start-up routine file is executed;
A second authentication module, configured for the start-up routine file to load the operating system and verify the validity of the operating system with the second certificate;
An execution module, configured to execute the operating system after verification passes.
Preferably, the first authentication module comprises a loading unit, a first signature unit and a first authentication unit;
The first loading unit is configured to load the start-up routine file; the first signature unit is configured to apply the first signature to the start-up routine file with the first certificate; the first authentication unit is configured to verify the validity of the first signature; if the first signature is valid, the start-up routine file is executed; otherwise, execution of the start-up routine file is stopped.
Preferably, the second authentication module comprises a second loading unit, a second signature unit and a second authentication unit;
The second loading unit is configured for the start-up routine file to load the operating system; the second signature unit is configured to apply the second signature to the operating system with the second certificate; the second authentication unit is configured to verify the validity of the second signature; if the second signature is valid, the operating system is executed; otherwise, execution of the operating system is stopped.
Through several hardware-level security measures (the memory, the fuse (FUSE) and the chip secure mode) and several software-level security measures (hash values and digital signatures), the invention can ensure that all code run by the embedded system, from the moment of power-on until the embedded operating system is fully running, is verified, legitimate code; this ensures from the source that no malicious code can replace or tamper with the start-up routine file or the operating system.
Brief description of the drawings
To illustrate the technical solutions in the embodiments of the invention more clearly, the accompanying drawings needed for describing the embodiments or the prior art are briefly introduced below. Obviously, the drawings described below show only some embodiments of the invention, and a person of ordinary skill in the art can obtain other drawings from them without creative effort.
Fig. 1 is a structural flow chart of the embedded system startup method and embedded device provided by an embodiment of the invention;
Fig. 2 is a structural schematic diagram of the embedded system startup method and embedded device provided by an embodiment of the invention;
Fig. 3 is a schematic diagram of the internal structure of the first authentication module in Fig. 2;
Fig. 4 is a schematic diagram of the internal structure of the second authentication module in Fig. 2;
Fig. 5 is a flow chart of a method for verifying the validity of the start-up routine file, provided for the system shown in Fig. 1;
Fig. 6 is a flow chart of a method for verifying the validity of the operating system, provided for the system shown in Fig. 1.
Detailed description
To help those skilled in the art better understand the technical solutions in this application, the technical solutions are described clearly and completely below with reference to the accompanying drawings. Obviously, the described embodiments are only some of the embodiments of this application, not all of them. All other embodiments obtained by a person of ordinary skill in the art from the embodiments in this application without creative effort shall fall within the scope of protection of this application.
Fig. 1 is a structural flow chart of the embedded system startup method and embedded device provided by an embodiment of the invention. As shown in Fig. 1, the steps of the embedded system startup method are:
Step 10: after the embedded system is powered on, it enters the secure mode (ARM secure mode);
In this embodiment of the invention, the secure mode (ARM secure mode) must satisfy the following software and hardware conditions:
First, the whole operating system must have a trusted source, whose security is guaranteed by the chip manufacturer. The system's internal ROM (read-only memory) can be chosen as the trusted source: during chip design, the ROM is placed in a hardware-level secure region that only code at the hardware privilege level (ARM TrustZone) can access, and a program permitted to access the ROM runs only after it has itself been signed.
Second, at the hardware level the operating system needs a secure region for storing sensitive information such as keys and hash values. A fuse (FUSE) module can be designed for the operating system; the fuse (FUSE) module itself resides in a hardware-secure region and cannot be physically probed from outside. Any program accessing this region must first switch to the chip secure mode (ARM TrustZone); otherwise both reads and writes fail.
A set of code based on the chip secure mode needs to be designed to access the data inside the fuse (FUSE) and to handle the business logic of the secure mode. This secure code has higher privileges than the operating system, for example Android, and is ideally implemented using a chip hardware-level secure mode such as the ARM secure mode.
Step 11: in the secure mode, the embedded system executes the initialization instruction stored in memory to initialize the embedded system;
In the invention the memory is a ROM (read-only memory). The first instruction the ROM executes is also the first code the embedded system executes, and the ROM cannot be rewritten, so the embedded system is in a secure state after power-on.
Step 12: the memory loads the start-up routine file and verifies the validity of the start-up routine file with the first certificate; when the start-up routine file is valid, the start-up routine file is executed;
The first certificate must be generated first. It is created as a text-format certificate with an ordinary editor; a hash algorithm is used to calculate the hash value of the first certificate, and that hash value is burned into the fuse (FUSE). The first certificate is a text-format (TXT) file whose content anyone can read directly.
The generated first certificate can be used to apply the first signature to the start-up routine file. For the first signature, the first certificate is taken as a parameter and a hash algorithm is used to calculate the hash value of the start-up routine file; the Rivest-Shamir-Adleman (RSA) algorithm is used to generate a pair of asymmetric keys, a public key and a private key (the private key is kept safe and must not be leaked); the private key is applied to the hash value of the start-up routine file to obtain the first signature of the start-up routine file. The start-up routine file, the first signature file, the public key and the first certificate are combined into one file, and the combined file is burned into the embedded storage device.
Next, the start-up routine file must be verified. The ROM first reads from the embedded storage device the file combining the start-up routine file, the first signature file, the public key and the first certificate, and splits it back into the start-up routine file, the first signature file, the public key and the first certificate. The ROM verifies the validity of the first certificate; only when the first certificate is valid is the validity of the start-up routine file verified, and only a start-up routine file that passes verification can be executed by the ROM.
On the software side of the fuse (FUSE), all code that accesses the fuse (FUSE) runs inside the secure mode; on the hardware side, the fuse (FUSE) cannot be physically probed from outside, so the fuse itself is hardware-secure.
Step 13: the start-up routine file loads the operating system and verifies the validity of the operating system with the second certificate; when the operating system is valid, the operating system is executed.
Step 13 can be performed only after step 12 has passed; otherwise, execution stops at step 12.
The second certificate must be generated first. It is created as a text-format certificate with an ordinary editor; a hash algorithm is used to calculate the hash value of the second certificate, and that hash value is burned into the fuse (FUSE). The second certificate is a text-format (TXT) file whose content anyone can read directly.
The generated second certificate can be used to apply the second signature to the operating system. For the second signature, the second certificate is taken as a parameter and a hash algorithm is used to calculate the hash value of the operating system; the Rivest-Shamir-Adleman (RSA) algorithm is used to generate a pair of asymmetric keys, a public key and a private key (the private key is kept safe and must not be leaked); the private key is applied to the hash value of the operating system to obtain the second signature of the operating system. The operating system file, the second signature file, the public key and the second certificate are combined into one file, and the combined file is burned into the embedded storage device.
Next, the operating system must be verified. The start-up routine first reads from the embedded storage device the file combining the operating system file, the second signature file, the public key and the second certificate, and splits it back into the operating system file, the second signature file, the public key and the second certificate. The start-up routine verifies the validity of the second certificate; only when the second certificate is valid is the validity of the operating system verified, and only an operating system that passes verification can be executed.
Fig. 2 is a structural schematic diagram of the embedded system startup method and embedded device provided by an embodiment of the invention. As shown in Fig. 2, the embedded device comprises: a secure mode module 10, an initialization module 11, a first loading module 12, a second loading module 13 and an execution module 14; wherein,
The secure mode module 10 is configured to enter the secure mode after the embedded system is powered on;
The initialization module 11 is configured so that, in the secure mode, the embedded system executes the initialization instruction stored in memory to initialize the embedded system;
The first authentication module 12 is configured for the memory to load the start-up routine file and verify the validity of the start-up routine file with the first certificate; when the start-up routine file is valid, the start-up routine file is executed;
The second authentication module 13 is configured for the start-up routine file to load the operating system and verify the validity of the operating system with the second certificate;
The execution module 14 is configured to execute the operating system after verification passes.
Specifically, the first authentication module 12 comprises a loading unit, a first signature unit and a first authentication unit. The first loading unit is configured to load the start-up routine file; the first signature unit is configured to apply the first signature to the start-up routine file with the first certificate; the first authentication unit is configured to verify the validity of the first signature; if the first signature is valid, the start-up routine file is executed; otherwise, execution of the start-up routine file is stopped.
Specifically, the second authentication module 13 comprises a second loading unit, a second signature unit and a second authentication unit. The second loading unit is configured for the start-up routine file to load the operating system; the second signature unit is configured to apply the second signature to the operating system with the second certificate; the second authentication unit is configured to verify the validity of the second signature; if the second signature is valid, the operating system is executed; otherwise, execution of the operating system is stopped.
Fig. 5 is a flow chart of a method for verifying the validity of the start-up routine file, provided for the system shown in Fig. 1. As shown in Fig. 5, the steps of verifying the validity of the start-up routine file comprise:
Step S101: read the first signature of the start-up routine file; the first signature is produced with the private key of the first certificate and is stored at the end of the start-up routine file;
Step S102: compute on the first signature with the public key to obtain the first hash value of the start-up routine file;
Step S103: compare the first hash value with the second hash value of the start-up routine file calculated by the hash algorithm; if the comparison succeeds, the start-up routine file is valid.
Before step S101 is performed, step S100 must also be performed, namely verifying the validity of the first certificate.
Specifically, the steps of verifying the validity of the first certificate comprise: calculating the first hash value of the first certificate; reading the second hash value of the first certificate burned in advance into the fuse (FUSE); comparing the first hash value of the first certificate with the second hash value of the first certificate; if the two are identical, verification succeeds.
If the first certificate is valid, the first certificate has not been changed by a malicious program and is legitimate; the validity of the start-up routine file is verified next.
Specifically, after the validity of the start-up routine file has been verified, the start-up routine file is executed only if it is valid; otherwise, execution of the start-up routine file is stopped.
Fig. 6 is a flow chart of a method for verifying the validity of the operating system, provided for the system shown in Fig. 1. As shown in Fig. 6, the steps of verifying the validity of the operating system comprise:
Step S201: read the second signature of the operating system; the second signature is produced with the private key of the second certificate;
Step S202: compute on the second signature with the public key to obtain the first hash value of the operating system;
Step S203: compare the first hash value with the second hash value of the operating system calculated by the hash algorithm; if the comparison succeeds, the operating system is valid.
Before step S201 is performed, step S200 must also be performed, namely verifying the validity of the second certificate.
Specifically, the steps of verifying the validity of the second certificate comprise: calculating the first hash value of the second certificate; reading the second hash value of the second certificate burned in advance into the fuse (FUSE); comparing the first hash value of the second certificate with the second hash value of the second certificate; if the two are identical, verification succeeds.
If the second certificate is valid, the second certificate has not been changed by a malicious program and is legitimate; the validity of the operating system is verified next.
Specifically, after the validity of the operating system has been verified, the operating system is executed only if it is valid; otherwise, execution of the operating system is stopped. Through several hardware-level security measures (the memory, the fuse (FUSE) and the chip secure mode) and several software-level security measures (hash values and digital signatures), the invention can ensure that all code run by the embedded device, from the moment of power-on until the operating system is fully running, is verified, legitimate code; this ensures from the source that no malicious code can replace or tamper with the start-up routine file or the operating system.
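The two checks of steps 12 and 13 (S100 to S103 and S200 to S203) can be modelled as follows. This is an added example, not code from the patent: the length-prefixed composite layout, SHA-256 with PKCS#1 v1.5 encoding, the constructed Mersenne-prime demo keys and all function names are assumptions. The description does not say how the public key in the composite file is tied to the fused certificate hash, so the example also assumes the certificate text names the public key's hash.

```python
import hashlib
import hmac
import struct

E = 65537
SHA256_INFO = bytes.fromhex("3031300d060960864801650304020105000420")  # DigestInfo prefix

def keypair(p, q):
    """Constructed demo key from two known primes; returns (n, d)."""
    return p * q, pow(E, -1, (p - 1) * (q - 1))

# Mersenne primes give real RSA arithmetic offline but are trivial to factor: demo only.
VENDOR = keypair(2**521 - 1, 2**607 - 1)
OTHER = keypair(2**607 - 1, 2**1279 - 1)  # stands in for any key the vendor never fused

def encode(digest, k):
    """EMSA-PKCS1-v1_5 encoding of a SHA-256 digest for a k-byte modulus."""
    t = SHA256_INFO + digest
    return b"\x00\x01" + b"\xff" * (k - len(t) - 3) + b"\x00" + t

def pack(*fields):
    """Assumed composite layout: every field is a 4-byte big-endian length + bytes."""
    return b"".join(struct.pack(">I", len(f)) + f for f in fields)

def unpack(blob):
    """Split a composite into image, signature, public key, certificate."""
    fields, off = [], 0
    for _ in range(4):
        if off + 4 > len(blob):
            raise ValueError("truncated composite")
        (size,) = struct.unpack_from(">I", blob, off)
        off += 4
        if size > len(blob) - off:
            raise ValueError("truncated composite")
        fields.append(blob[off:off + size])
        off += size
    if off != len(blob):
        raise ValueError("trailing data after certificate")
    return fields

def build_composite(stage, image, n, d):
    """Host-side signing: returns (composite file, certificate hash to burn into the fuse)."""
    k = (n.bit_length() + 7) // 8
    pubkey = n.to_bytes(k, "big")
    cert = b"stage: %s\npubkey-sha256: %s\n" % (stage, hashlib.sha256(pubkey).hexdigest().encode())
    em = int.from_bytes(encode(hashlib.sha256(image).digest(), k), "big")
    sig = pow(em, d, n).to_bytes(k, "big")
    return pack(image, sig, pubkey, cert), hashlib.sha256(cert).digest()

def verify_stage(composite, fused_cert_hash):
    """Run S100..S103 (or S200..S203); return the image or raise ValueError."""
    image, sig, pubkey, cert = unpack(composite)
    # S100/S200: the certificate must hash to the value read from the fuse.
    if not hmac.compare_digest(hashlib.sha256(cert).digest(), fused_cert_hash):
        raise ValueError("certificate does not match fuse")
    # Assumed binding step: the fuse-checked certificate names the public key.
    fields = dict(ln.split(b": ", 1) for ln in cert.splitlines() if b": " in ln)
    if not hmac.compare_digest(fields.get(b"pubkey-sha256", b""),
                               hashlib.sha256(pubkey).hexdigest().encode()):
        raise ValueError("public key not named by certificate")
    # S101/S102: apply the public key to the signature to recover the signed hash.
    n, k, s = int.from_bytes(pubkey, "big"), len(pubkey), int.from_bytes(sig, "big")
    if len(sig) != k or s >= n:
        raise ValueError("malformed signature")
    recovered = pow(s, E, n).to_bytes(k, "big")
    # S103: compare with the hash computed over the image actually loaded.
    if not hmac.compare_digest(recovered, encode(hashlib.sha256(image).digest(), k)):
        raise ValueError("signature mismatch")
    return image

def boot(flash, fuses):
    """Steps 12 and 13: each stage runs only if its own check passed."""
    ran = []
    for stage in ("bootloader", "os"):
        try:
            verify_stage(flash[stage], fuses[stage])
        except ValueError as err:
            return ran, "halt at %s: %s" % (stage, err)
        ran.append(stage)
    return ran, "booted"

def demo():
    """Constructed images: one clean boot and three altered OS composites."""
    bl, fuse1 = build_composite(b"bootloader", b"constructed start-up routine", *VENDOR)
    os_ok, fuse2 = build_composite(b"os", b"constructed operating system", *VENDOR)
    fuses = {"bootloader": fuse1, "os": fuse2}
    image, sig, pubkey, cert = unpack(os_ok)
    other, _ = build_composite(b"os", b"unofficial operating system", *OTHER)
    o_image, o_sig, o_pubkey, _ = unpack(other)
    cases = {
        "clean": os_ok,
        "image edited": pack(image + b"!", sig, pubkey, cert),
        "other key and cert": other,
        "other key, vendor cert": pack(o_image, o_sig, o_pubkey, cert),
    }
    return {name: boot({"bootloader": bl, "os": blob}, fuses) for name, blob in cases.items()}

if __name__ == "__main__":
    for name, result in demo().items():
        print(name, "->", result)
```

Each altered operating system composite halts at the second stage with a different reason, and the last case is the one that only the assumed certificate-to-key binding catches.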
Professionals should further appreciate that the units and algorithm steps of the examples described in connection with the embodiments disclosed herein can be implemented in electronic hardware, computer software, or a combination of the two. To clearly illustrate the interchangeability of hardware and software, the composition and steps of each example have been described above in general terms of function. Whether these functions are performed in hardware or software depends on the specific application and design constraints of the technical solution. Skilled persons may use different methods to implement the described functions for each specific application, but such implementations should not be considered beyond the scope of the invention.
The steps of the method or algorithm described in connection with the embodiments disclosed herein may be implemented in hardware, in a software module executed by a processor, or in a combination of the two. The software module may reside in random access memory (RAM), main memory, read-only memory (ROM), electrically programmable ROM, electrically erasable programmable ROM, registers, a hard disk, a removable disk, a CD-ROM, or any other form of storage medium known in the technical field.
The embodiments above further describe the objects, technical solutions and beneficial effects of the invention. It should be understood that the foregoing are only specific embodiments of the invention and are not intended to limit its scope of protection; any modification, equivalent replacement or improvement made within the spirit and principles of the invention shall fall within its scope of protection.
Claims (10)
1. A startup method of an embedded system, characterized in that it comprises the following steps:
After the embedded system is powered on, entering a secure mode;
In the secure mode, the embedded system executes the initialization instruction stored in memory to initialize the embedded system;
The memory loads a start-up routine file and verifies the validity of the start-up routine file with a first certificate; when the start-up routine file is valid, the start-up routine file is executed;
The start-up routine file loads an operating system and verifies the validity of the operating system with a second certificate; when the operating system is valid, the operating system is executed.
2. The method according to claim 1, characterized in that the step in which the memory loads the start-up routine file and verifies the validity of the start-up routine file with the certificate comprises:
Reading the first signature of the start-up routine file, the first signature being produced with the private key of the first certificate and stored at the end of the start-up routine file;
Computing on the first signature with the public key to obtain the first hash value of the start-up routine file; comparing the first hash value of the start-up routine file with the second hash value of the start-up routine file calculated by the hash algorithm; if the comparison succeeds, the start-up routine file is valid.
3. The method according to claim 1, characterized in that, before the step in which the memory loads the start-up routine file and verifies the validity of the start-up routine file with the certificate, the method further comprises:
Verifying the validity of the first certificate;
When the first certificate is valid, verifying the start-up routine file; otherwise, stopping verification of the start-up routine file.
4. The method according to claim 3, characterized in that the step of verifying the validity of the certificate comprises:
Calculating the first hash value of the first certificate;
Reading the second hash value of the correct first certificate burned in advance into the fuse (FUSE);
Comparing the first hash value of the first certificate with the second hash value of the first certificate; if the two are equal, proceeding to verify the validity of the start-up routine file; otherwise, stopping verification of the validity of the start-up routine file.
5. The method according to claim 1, characterized in that the step in which the start-up routine file loads the operating system and verifies the validity of the operating system with the second certificate comprises:
Reading the second signature of the operating system, the second signature being produced with the private key of the second certificate;
Computing on the second signature with the public key to obtain the first hash value of the operating system;
Comparing the first hash value of the operating system with the second hash value of the operating system calculated by the hash algorithm; if the comparison succeeds, the operating system is valid and is executed.
6. The method according to claim 1, characterized in that, before the step in which the start-up routine file loads the operating system and verifies the validity of the operating system with the second certificate, the method further comprises:
Verifying the validity of the second certificate;
When the second certificate is valid, verifying the operating system; otherwise, stopping verification of the operating system.
7. The method according to claim 6, characterized in that the step of verifying the validity of the second certificate comprises:
Calculating the first hash value of the second certificate;
Reading the second hash value of the correct second certificate burned in advance into the fuse (FUSE);
Comparing the first hash value of the second certificate with the second hash value of the second certificate; if the two are equal, proceeding to verify the validity of the operating system; otherwise, stopping verification of the validity of the operating system.
8. An embedded device, characterized by comprising:
A security mode module (10), for entering a secure mode after the embedded system is powered on;
An initialization module (11), by which, in the secure mode, the embedded system executes the initialization instructions stored in a memory in order to initialize the embedded system;
A first authentication module (12), for the memory to load a start-up routine file and for verifying the validity of the start-up routine file with the first certificate; when the start-up routine file is valid, the start-up routine file is executed;
A second authentication module (13), for the start-up routine file to load an operating system and for verifying the validity of the operating system with the second certificate;
An execution module (14), for executing the operating system after verification passes.
9. The device according to claim 8, characterized in that the first authentication module (12) comprises a loading unit, a first signature unit and a first authentication unit;
The first loading unit is for loading the start-up routine file;
The first signature unit is for applying a first signature to the start-up routine file with the first certificate;
The first authentication unit is for verifying the validity of the first signature; if the first signature is valid, the start-up routine file is executed; otherwise, execution of the start-up routine file is stopped.
10. The device according to claim 8, characterized in that the second authentication module (13) comprises a second loading unit, a second signature unit and a second authentication unit;
The second loading unit is for the start-up routine file to load the operating system;
The second signature unit is for applying a second signature to the operating system with the second certificate;
The second authentication unit is for verifying the validity of the second signature; if the second signature is valid, the operating system is executed; otherwise, execution of the operating system is stopped.
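The certificate check of claims 6 and 7 can be modelled as follows. This is an added example, not code from the patent: SHA-256, the rejection of a blank fuse bank, the names `certificate_matches_fuse` and `boot_os`, and the stand-in `verify_os` callback are assumptions made for illustration, and all inputs are constructed.

```python
import hashlib
import hmac

DIGEST_LEN = 32  # SHA-256 is assumed; the claims only say "hash algorithm"

class BootHalt(Exception):
    """A boot stage refuses to hand over control."""

def certificate_matches_fuse(cert: bytes, fuse_digest: bytes) -> bool:
    """Claim 7: hash the loaded certificate and compare with the fused digest."""
    if len(fuse_digest) != DIGEST_LEN or fuse_digest == bytes(DIGEST_LEN):
        return False  # blank or malformed fuse bank: fail closed (added assumption)
    computed = hashlib.sha256(cert).digest()
    return hmac.compare_digest(computed, fuse_digest)  # constant-time comparison

def boot_os(cert, fuse_digest, os_image, verify_os):
    """Claim 6: check the certificate first; only then verify the OS with it."""
    if not certificate_matches_fuse(cert, fuse_digest):
        raise BootHalt("second certificate rejected; OS verification not attempted")
    if not verify_os(cert, os_image):
        raise BootHalt("operating system rejected")
    return "os-started"

def run_demo():
    """Constructed inputs: genuine certificate, substituted one, blank fuses."""
    genuine = b"-----constructed second certificate-----"
    substituted = b"-----constructed substituted certificate-----"
    fuse = hashlib.sha256(genuine).digest()  # value burned in advance
    verifier_calls = []

    def verify_os(cert, image):  # hypothetical stand-in for the signature check
        verifier_calls.append(cert)
        return True

    cases = [("genuine", genuine, fuse),
             ("substituted", substituted, fuse),
             ("blank-fuse", genuine, bytes(DIGEST_LEN))]
    results = {}
    for name, cert, fuses in cases:
        try:
            results[name] = boot_os(cert, fuses, b"constructed OS image", verify_os)
        except BootHalt as exc:
            results[name] = "halted: " + str(exc)
    return results, verifier_calls

if __name__ == "__main__":
    print(run_demo())
```

Only the genuine certificate reaches the OS verifier, so a substituted certificate can never be used to vouch for an operating system image it signed itself.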
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510882012.6A CN105426750A (en) | 2015-12-03 | 2015-12-03 | Startup method of embedded system, and embedded device |
Publications (1)
Publication Number | Publication Date |
---|---|
CN105426750A true CN105426750A (en) | 2016-03-23 |
Family
ID=55504955
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201510882012.6A Pending CN105426750A (en) | 2015-12-03 | 2015-12-03 | Startup method of embedded system, and embedded device |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN105426750A (en) |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102722669A (en) * | 2012-05-28 | 2012-10-10 | 清华大学 | Completeness verification method of operating system |
CN102867141A (en) * | 2012-09-29 | 2013-01-09 | 北京奇虎科技有限公司 | Method and device for processing master boot record malicious programs |
WO2013025321A1 (en) * | 2011-08-16 | 2013-02-21 | Google Inc. | Secure recovery apparatus and method |
CN103530548A (en) * | 2013-10-22 | 2014-01-22 | 山东神思电子技术股份有限公司 | Embedded terminal dependable starting method based on mobile dependable computing module |
CN104298913A (en) * | 2013-07-18 | 2015-01-21 | 中国科学院信息工程研究所 | Universal safe intelligent terminal starting method |
CN104408370A (en) * | 2014-12-25 | 2015-03-11 | 珠海全志科技股份有限公司 | Android system security verification method and verification device thereof |
Cited By (15)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2017206768A1 (en) * | 2016-05-30 | 2017-12-07 | 深圳市中兴微电子技术有限公司 | Method and device for checking boot program and computer readable storage medium |
CN106096420A (en) * | 2016-06-15 | 2016-11-09 | 京信通信技术(广州)有限公司 | The method and apparatus of embedded device clean boot |
CN107729743A (en) * | 2016-08-10 | 2018-02-23 | 中国电信股份有限公司 | The method, apparatus and system started for realizing mobile terminal safety |
CN106789012A (en) * | 2016-12-21 | 2017-05-31 | 珠海市魅族科技有限公司 | A kind of method and device of production line burning firmware |
CN106789012B (en) * | 2016-12-21 | 2020-04-24 | 珠海市魅族科技有限公司 | Method and device for burning firmware in production line |
CN110168552A (en) * | 2017-01-12 | 2019-08-23 | 谷歌有限责任公司 | Verified guidance and key rotation |
CN110168552B (en) * | 2017-01-12 | 2023-09-08 | 谷歌有限责任公司 | Method, apparatus, system and medium for authenticated bootstrapping and key rotation |
CN107704282A (en) * | 2017-09-15 | 2018-02-16 | 北京东土科技股份有限公司 | A kind of loading method and device applied to embedded system |
CN107704282B (en) * | 2017-09-15 | 2021-02-02 | 北京东土科技股份有限公司 | Loading method and device applied to embedded system |
CN109445874A (en) * | 2018-11-15 | 2019-03-08 | 济南浪潮高新科技投资发展有限公司 | A kind of more activation systems and method with safety certification based on embedded Linux system |
CN110378125A (en) * | 2019-07-24 | 2019-10-25 | 北京智芯微电子科技有限公司 | The verification method of trust computing |
CN110688649A (en) * | 2019-10-16 | 2020-01-14 | 中国电子信息产业集团有限公司第六研究所 | Application loading method and device based on trusted technology |
CN112395621A (en) * | 2020-11-27 | 2021-02-23 | 中电科技(北京)有限公司 | Operating system boot method, firmware, security certificate and computer |
CN112632562A (en) * | 2020-12-28 | 2021-04-09 | 四川虹微技术有限公司 | Equipment starting method, equipment management method and embedded equipment |
CN112632562B (en) * | 2020-12-28 | 2024-01-26 | 四川虹微技术有限公司 | Device starting method, device management method and embedded device |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN105426750A (en) | Startup method of embedded system, and embedded device | |
CN103189877B (en) | software authentication | |
CN104424441B (en) | Processing system | |
KR102157560B1 (en) | System and method for verifying the integrity of electronic devices | |
US20100325628A1 (en) | Information processing device | |
US20130031371A1 (en) | Software Run-Time Provenance | |
JP5001123B2 (en) | Recording device, integrated circuit, access control method, program recording medium | |
US8392724B2 (en) | Information terminal, security device, data protection method, and data protection program | |
CN104956374A (en) | A method for software anti-rollback recovery | |
US20110093693A1 (en) | Binding a cryptographic module to a platform | |
CN103530548B (en) | Startup method that built-in terminal based on mobile trustable computation module is credible | |
CN108345805B (en) | Method and device for verifying firmware | |
CN108229144B (en) | Verification method of application program, terminal equipment and storage medium | |
EP2547135A2 (en) | Apparatus and method for preventing copying of terminal unique information in portable terminal | |
WO2016101559A1 (en) | Secure data access method and device, and computer storage medium | |
JP6930884B2 (en) | BIOS management device, BIOS management system, BIOS management method, and BIOS management program | |
CN101908115A (en) | Method for realizing software trusted execution based on trusted platform module | |
EP3176723B1 (en) | Computer system and operating method therefor | |
US8844024B1 (en) | Systems and methods for using tiered signing certificates to manage the behavior of executables | |
TWI467408B (en) | Embedded devices and control methods thereof | |
CN102542698B (en) | Safety protective method of electric power mobile payment terminal | |
CN114816549A (en) | Method and system for protecting bootloader and environment variable thereof | |
CN110543769B (en) | Trusted starting method based on encrypted TF card | |
CN111125717A (en) | Method, device, equipment and medium for safely running BIOS (basic input output System) driver | |
Galanou et al. | Matee: Multimodal attestation for trusted execution environments |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | Application publication date: 20160323 |
RJ01 | Rejection of invention patent application after publication |