CN108197477A - A kind of method prevented hard disk and replaced - Google Patents
A kind of method prevented hard disk and replaced Download PDFInfo
- Publication number
- CN108197477A CN108197477A CN201711497972.6A CN201711497972A CN108197477A CN 108197477 A CN108197477 A CN 108197477A CN 201711497972 A CN201711497972 A CN 201711497972A CN 108197477 A CN108197477 A CN 108197477A
- Authority
- CN
- China
- Prior art keywords
- hard disk
- bios
- operator
- codes
- replaced
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/575—Secure boot
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/78—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
- G06F21/80—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data in storage media based on magnetic or optical technology, e.g. disks with sectors
Abstract
The present invention discloses a kind of method prevented hard disk and replaced, and the hard disk communicates respectively with BIOS, EC;The BIOS communicates with EC, and this method includes the following steps:In start process, BIOS is authenticated hard disk, judges whether hard disk is legal, if hard disk is legal, start-up operation system;If hard disk is illegal, operator's permission is verified after restarting and being configured, if operator has BIOS administrator rights, start-up operation system;If operator does not have BIOS administrator rights, BIOS sends to EC and destroys order, and EC destroys hard disk.Whether the present invention is replaced hard disk authentication determination hard disk by BIOS, realizes that hard disk is destroyed when illegally being replaced by EC communications, ensures the safety of information.
Description
Technical field
The present invention relates to hard disks to replace field, and in particular to a kind of method prevented hard disk and replaced.
Background technology
Nowadays, it is the epoch of mobile interchange, mobile equipment development speed is getting faster, the pen as one of mobile equipment
Remember that the yield of this computer is also increasing.Common notebook is X86-based, and domestic notebook also begins to send out gradually in recent years
Exhibition.This method is suitable for the X86-based with EC chips and domestic laptop.
The development of information security technology is also further extended into addition to establishing the security mechanism on operating system level
Firmware layer.Firmware [BIOS and EC(Embedded Controller, embeded processor)] bottom in computer system,
Have with computer hardware platforms and most closely contact, if platform hardware is replaced or firmware is changed by malicious code, can make
Entirely collapsing or cause computer system by malicious person from bottom control into computer system.Since firmware and computer are put down
Platform hardware has most closely contact, therefore can realize the detection function to platform hardware in firmware.Based on background above,
This patent proposes the detection function realized in firmware to hard disc of computer, realizes that hard disk is prevented replacing with cooperating for EC by BIOS
Change function.
Invention content
To solve the above problems, the present invention provides a kind of method that prevention hard disk replacement is realized based on BIOS and EC.
The technical scheme is that:A kind of method prevented hard disk and replaced, the hard disk communicate respectively with BIOS, EC;
The BIOS communicates with EC, and this method includes the following steps:
In start process, BIOS is authenticated hard disk, judges whether hard disk is legal, if hard disk is legal, start-up operation system;
If hard disk is illegal, operator's permission is verified after restarting and being configured, if operator has BIOS administrator rights, is opened
Dynamic operating system;If operator does not have BIOS administrator rights, BIOS is sent to EC destroys order, and EC is to hard disk into marketing
It ruins.
Further, when hard disk is illegal, first determine whether illegal operation number reaches preset times,
If reaching preset times, BIOS sends to EC and destroys order, and EC destroys hard disk;
If not up to preset times, restart and be configured, later verification operation person permission;If operator has BIOS administrators power
It limits, then start-up operation system;If operator does not have BIOS administrator rights, BIOS continues to be authenticated hard disk.
Further, BIOS is authenticated hard disk to specifically include step:
Read hard disk SN codes;
The hard disk SN codes of reading and pre-stored hard disk SN codes are compared;
If the hard disk SN codes read are identical with pre-stored hard disk SN codes, hard disk certification passes through;Otherwise hard disk certification is obstructed
It crosses.
Further, hard disk is illegal, and when operator has BIOS administrator rights, before start-up operation system first
It closes hard disk certification or injects new hard disk SN codes.
Whether the method that prevention hard disk provided by the invention is replaced, be replaced hard disk authentication determination hard disk by BIOS,
It realizes that hard disk is destroyed when illegally being replaced by EC communications, ensures the safety of information.
Description of the drawings
Fig. 1 is connection relationship diagram between computer firmware and hard disk.
Fig. 2 is one method flow schematic diagram of the specific embodiment of the invention.
Fig. 3 is two method flow schematic diagram of the specific embodiment of the invention.
Specific embodiment
Below in conjunction with the accompanying drawings and pass through specific embodiment the present invention will be described in detail, following embodiment is to the present invention
Explanation, and the invention is not limited in implementation below.
As shown in Figure 1, in computer systems, hard disk communicates respectively with BIOS, EC, BIOS communicates with EC.Firmware(BIOS
And EC)There is direct connection relation with hard disk, therefore be easy to implement the detection to hard disk.
The method that prevention hard disk provided by the present invention is replaced, core concept are:BIOS realizes hard disk authentication function and carries
For configuration item, by being switched on when is authenticated hard disk to judge whether hard disk is illegally replaced.Certification is by illustrating that hard disk closes
Method, then normal start-up operation system;Certification does not pass through, then illustrates that hard disk may be replaced illegally, and then according to judging operator
Permission determines activation system or destroys hard disk.
Embodiment one
As shown in Fig. 2, the present embodiment specifically includes following steps:
S1:In start process, BIOS is authenticated hard disk, judges whether hard disk is legal.
S2:If hard disk is legal, start-up operation system;
It should be noted that by loading start-up operation system file, start-up operation system is realized.
S3:If hard disk is illegal, operator's permission is verified after restarting and being configured.
S4:If operator has BIOS administrator rights, start-up operation system.
S5:If operator does not have BIOS administrator rights, BIOS is sent to EC destroys order, and EC is to hard disk into marketing
It ruins.
In addition, it is necessary to explanation, BIOS is by reading hard disk SN(SN, Serial Number)Hard disk is recognized in realization
Card, concrete methods of realizing are as follows:
Read hard disk SN codes;
The hard disk SN codes of reading and pre-stored hard disk SN codes are compared;
If the hard disk SN codes read are identical with pre-stored hard disk SN codes, hard disk certification passes through;Otherwise hard disk certification is obstructed
It crosses.
It should be noted that pre-stored hard disk SN codes are stored in flash.
Embodiment two
On the basis of above-described embodiment one, to further improve prevention accuracy, prevent from accidentally destroying, cause unnecessary waste;
And after normally hard disk is replaced, quickly can normally it start, as shown in figure 3, the present embodiment provides following methods steps:
S1:In start process, BIOS is authenticated hard disk, judges whether hard disk is legal.
S2:If hard disk is legal, start-up operation system.
S3:If hard disk is illegal, judge whether illegal operation number reaches preset times;
It should be noted that in the present embodiment, preset times are set as 3 times.
In addition, it is necessary to explanation, BIOS is by reading hard disk SN(SN, Serial Number)Hard disk is recognized in realization
Card, concrete methods of realizing are as follows:
Read hard disk SN codes;
The hard disk SN codes of reading and pre-stored hard disk SN codes are compared;
If the hard disk SN codes read are identical with pre-stored hard disk SN codes, hard disk certification passes through;Otherwise hard disk certification is obstructed
It crosses.
It should be noted that pre-stored hard disk SN codes are stored in flash.
S4:If reaching preset times, BIOS sends to EC and destroys order, and EC destroys hard disk.
S5:If not up to preset times, restart and be configured.
S6:Verification operation person's permission;
It should be noted that operator's permission refers to whether there is BIOS administrator rights.
S7:If operator has BIOS administrator rights, close hard disk certification or inject new hard disk SN codes.
S8:Start-up operation system.
The present invention realizes the detection function to hard disc of computer in firmware, realizes that hard disk is prevented with cooperating for EC by BIOS
Replacement function, method is easy to operate, can effectively ensure that information security.
Disclosed above is only the preferred embodiment of the present invention, but the present invention is not limited to this, any this field
What technical staff can think several improvement for not having creative variation and being made without departing from the principles of the present invention and
Retouching, should all be within the scope of the present invention.
Claims (4)
1. a kind of method prevented hard disk and replaced, the hard disk communicate respectively with BIOS, EC;The BIOS communicates with EC, special
Sign is that this method includes the following steps:
In start process, BIOS is authenticated hard disk, judges whether hard disk is legal, if hard disk is legal, start-up operation system;
If hard disk is illegal, operator's permission is verified after restarting and being configured, if operator has BIOS administrator rights, is opened
Dynamic operating system;If operator does not have BIOS administrator rights, BIOS is sent to EC destroys order, and EC is to hard disk into marketing
It ruins.
2. the method that prevention hard disk according to claim 1 is replaced, which is characterized in that when hard disk is illegal, first determine whether
Whether illegal operation number reaches preset times,
If reaching preset times, BIOS sends to EC and destroys order, and EC destroys hard disk;
If not up to preset times, restart and be configured, later verification operation person permission;If operator has BIOS administrators power
It limits, then start-up operation system;If operator does not have BIOS administrator rights, BIOS continues to be authenticated hard disk.
3. the method that prevention hard disk according to claim 1 or 2 is replaced, which is characterized in that BIOS is authenticated hard disk
Specifically include step:
Read hard disk SN codes;
The hard disk SN codes of reading and pre-stored hard disk SN codes are compared;
If the hard disk SN codes read are identical with pre-stored hard disk SN codes, hard disk certification passes through;Otherwise hard disk certification is obstructed
It crosses.
4. the method that prevention hard disk according to claim 3 is replaced, which is characterized in that hard disk is illegal, and operator has
During standby BIOS administrator rights, hard disk certification is first closed before start-up operation system or injects new hard disk SN codes.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201711497972.6A CN108197477A (en) | 2017-12-29 | 2017-12-29 | A kind of method prevented hard disk and replaced |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201711497972.6A CN108197477A (en) | 2017-12-29 | 2017-12-29 | A kind of method prevented hard disk and replaced |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN108197477A true CN108197477A (en) | 2018-06-22 |
Family
ID=62587660
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201711497972.6A Pending CN108197477A (en) | 2017-12-29 | 2017-12-29 | A kind of method prevented hard disk and replaced |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN108197477A (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109710319A (en) * | 2018-12-06 | 2019-05-03 | 郑州云海信息技术有限公司 | A kind of recognition methods and system of computer hard disk in place |
| WO2021159653A1 (en) * | 2020-02-10 | 2021-08-19 | 山东超越数控电子股份有限公司 | Method and apparatus for measuring security of hard disk of server |
| CN117171815A (en) * | 2023-11-01 | 2023-12-05 | 北京初志科技有限公司 | Method and system for preventing hard disk data leakage and notebook computer |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20030135350A1 (en) * | 2002-01-15 | 2003-07-17 | International Business Machines Corporation | Use of hidden partitions in a storage device for storing BIOS extension files |
| CN101165696A (en) * | 2006-10-16 | 2008-04-23 | 中国长城计算机深圳股份有限公司 | Safety identification method based on safe computer |
| CN101256610A (en) * | 2008-04-08 | 2008-09-03 | 深圳华北工控有限公司 | Method for ciphering computer system |
| CN102650944A (en) * | 2011-02-28 | 2012-08-29 | 国民技术股份有限公司 | Operation system security bootstrap device and bootstrap device |
| CN104866437A (en) * | 2015-06-03 | 2015-08-26 | 杭州华澜微科技有限公司 | BIOS authentication-based safety hard disk and data authentication method |
| CN106909848A (en) * | 2015-12-22 | 2017-06-30 | 中电科技(北京)有限公司 | A kind of computer security strengthening system and its method based on BIOS extensions |
-
2017
- 2017-12-29 CN CN201711497972.6A patent/CN108197477A/en active Pending
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20030135350A1 (en) * | 2002-01-15 | 2003-07-17 | International Business Machines Corporation | Use of hidden partitions in a storage device for storing BIOS extension files |
| CN101165696A (en) * | 2006-10-16 | 2008-04-23 | 中国长城计算机深圳股份有限公司 | Safety identification method based on safe computer |
| CN101256610A (en) * | 2008-04-08 | 2008-09-03 | 深圳华北工控有限公司 | Method for ciphering computer system |
| CN102650944A (en) * | 2011-02-28 | 2012-08-29 | 国民技术股份有限公司 | Operation system security bootstrap device and bootstrap device |
| CN104866437A (en) * | 2015-06-03 | 2015-08-26 | 杭州华澜微科技有限公司 | BIOS authentication-based safety hard disk and data authentication method |
| CN106909848A (en) * | 2015-12-22 | 2017-06-30 | 中电科技(北京)有限公司 | A kind of computer security strengthening system and its method based on BIOS extensions |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109710319A (en) * | 2018-12-06 | 2019-05-03 | 郑州云海信息技术有限公司 | A kind of recognition methods and system of computer hard disk in place |
| WO2021159653A1 (en) * | 2020-02-10 | 2021-08-19 | 山东超越数控电子股份有限公司 | Method and apparatus for measuring security of hard disk of server |
| CN117171815A (en) * | 2023-11-01 | 2023-12-05 | 北京初志科技有限公司 | Method and system for preventing hard disk data leakage and notebook computer |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN110023941B (en) | System on chip and method for realizing switching of safety operation system | |
| JP5350528B2 (en) | System and method for providing platform with additional security through location-based data | |
| CN1795439B (en) | Security system and method for computer operating systems | |
| TWI279723B (en) | Method and apparatus for unlocking a computer system hard drive | |
| KR101654778B1 (en) | Hardware-enforced access protection | |
| US20090288161A1 (en) | Method for establishing a trusted running environment in the computer | |
| US20120011354A1 (en) | Boot loading of secure operating system from external device | |
| CN108197477A (en) | A kind of method prevented hard disk and replaced | |
| WO2008118663A1 (en) | Direct peripheral communication for restricted mode operation | |
| US20150302201A1 (en) | Device and method for processing transaction request in processing environment of trust zone | |
| CN105122260A (en) | Context based switching to a secure operating system environment | |
| JP2007034875A (en) | Use management method for peripheral, electronic system and constituent device therefor | |
| CN101782951A (en) | Hard disc remote destroying antitheft system and method | |
| WO2016127448A1 (en) | System switching method, system switching apparatus and terminal | |
| CN108763971A (en) | A kind of data safety storage device and method, mobile terminal | |
| CN100476761C (en) | Device and method of realizing hard disk safety isolation | |
| CN112181513B (en) | Trusted measurement method based on control host system guidance of hardware board card | |
| US10783088B2 (en) | Systems and methods for providing connected anti-malware backup storage | |
| CN101021793A (en) | Method and system for realizing Pre-OS Application utilizing extended BIOS technique | |
| TW201019160A (en) | Clearing secure system resources in a computing device | |
| CN101071459A (en) | Computer system safety protection setting method and its device | |
| CN111967025A (en) | Method, device, equipment and storage medium for encrypting and protecting server starting option | |
| US20020169989A1 (en) | Method and apparatus for access security in computers | |
| CN103020509A (en) | Terminal equipment encryption and decryption method, device and terminal equipment | |
| WO2010151102A1 (en) | Remote destroy mechanism using trusted platform module |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20180622 |
|
| RJ01 | Rejection of invention patent application after publication |