CN109614799B - Information authentication method - Google Patents
Information authentication method Download PDFInfo
- Publication number
- CN109614799B CN109614799B CN201811435729.6A CN201811435729A CN109614799B CN 109614799 B CN109614799 B CN 109614799B CN 201811435729 A CN201811435729 A CN 201811435729A CN 109614799 B CN109614799 B CN 109614799B
- Authority
- CN
- China
- Prior art keywords
- hard disk
- trusted
- tpcm
- information
- computer system
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/575—Secure boot
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/32—User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Stored Programmes (AREA)
- Storage Device Security (AREA)
Abstract
The invention relates to an information authentication method, which can complete user identity authentication at the starting stage of a trusted hard disk, thereby avoiding the behavior that computer equipment is stolen and information is falsified, and can utilize biological information to carry out security authentication on TPCM (trusted personal computer) and carry out security authentication at the starting stage of BIOS (basic input output system), thereby providing an all-round computer system security starting method for users, and greatly improving the security of a computer system.
Description
Technical Field
The invention relates to the field of computer security, in particular to an information authentication method.
Background
With the rapid development of trusted computing technology, the trusted computing technology is popular with businesses, society, research institutions and individuals, but the information security faces more and more security threats. At present, the information security problem becomes a bottleneck of real implementation of a trusted computing platform, the information security technology guarantees the safe operation of a system by means of combining a robust cryptographic algorithm and a secret key, but the mechanism of pure software is not absolutely secure, and many users can cause the leakage, the stealing, the tampering and the damage of sensitive data due to improper operation in management and use. In addition, pure software cryptographic operations consume a large amount of computer resources and time, so that the pure software cryptographic operations cannot meet the requirements for information security.
The trusted 3.0 is used for improving the overall security of the system, and the main idea is to introduce a trusted Platform module tpm (trusted Platform module) on the existing device hardware Platform, and provide cryptographic operation through the trusted Platform module to realize the functions of trusted boot, identity certification, data protection and the like, so as to ensure the system security of the computer. The TPCM realizes the functions of safe starting, identity authentication, data encryption and the like on a computer, and can solve the safety problem of a computer system.
Disclosure of Invention
The invention provides an information authentication method, which is suitable for carrying out security authentication on a computer system and can greatly improve the security of the computer system compared with the security authentication method in the prior art.
The invention provides an information authentication method, which is characterized by comprising the following steps:
step 1: the system is powered on and started, the TPCM carries out active security measurement on the computer system, if the measurement is passed, the step 2 is carried out, otherwise, the step 3 is carried out;
step 2: a login dialog box is added in the OPROM, and the identity authentication of personnel is realized in the OPROM when the trusted hard disk is started;
and step 3: and reporting abnormal information and forbidding the computer system to start.
Preferably, the step 2 comprises:
adding an 'administeror password' field setting in a TPCM configuration item in an OPROM, so that a manager can realize user identity authentication in a trusted hard disk starting stage by configuring the configuration item.
Preferably, before the step 1, the method further comprises:
and identifying the identity of an operator through the biological identification equipment, if the identity passes the identification, performing active security measurement on the computer system by using the TPCM, and otherwise, reporting abnormal information and forbidding the operator to operate the TPCM.
Preferably, the recognizing the identity of the operator by the biometric device includes:
the system is connected with the TPCM through an external biological recognition device, and prompts an operator to input biological information for safety verification after the TPCM is electrified and started and before the active safety measurement function is formally started.
Preferably, the biological information comprises one or more of the following biological information in combination:
fingerprint information, sclera information, and face information.
Preferably, the method further comprises the following steps between the step 1 and the step 2:
and changing the TPCM configuration item in the BIOS to realize the user identity authentication in the BIOS starting stage, if the authentication is passed, normally starting the computer system, otherwise, reporting abnormal information.
Preferably, the change of the TPCM configuration item in the BIOS:
an "administeror password" is added to the TPCM configuration item included in the BIOS.
The invention also provides a trusted control method based on the trusted hard disk, which is characterized by comprising the following steps:
step 1, electrifying a trusted hard disk, measuring other hardware in a system where the trusted hard disk is located by using a TPCM (tire pressure monitor) module embedded in a hard disk chip in the trusted hard disk, entering step 2 if the measurement result of the other hardware is normal, and alarming if the measurement result of the other hardware is abnormal;
step 2, electrifying other hardware, measuring software in a system where the credible hard disk is located after the system where the credible hard disk is located is started, entering step 3 if the measurement result of the software is normal, and alarming if the measurement result of the software is abnormal;
and 3, the system where the trusted hard disk is located normally operates, when the system where the trusted hard disk is located performs read/write operation on the trusted hard disk, the TPCM embedded in a hard disk chip in the trusted hard disk is utilized to perform decoding/encryption on the data which is cached in the system where the trusted hard disk is located and needs to be read/written, and then the data which is cached in the system where the trusted hard disk is located and needs to be read/written is read/written to the trusted hard disk.
Preferably, the other hardware in the system where the trusted hard disk is located includes: a BMC chip and a BIOS chip;
the software in the system where the trusted hard disk is located comprises: MBR, OS LOADER, and OS KERNEL.
Preferably, the decrypting/encrypting the data which is cached in the system where the trusted hard disk is located and needs to be read/written by using the TPCM module embedded in the hard disk chip of the trusted hard disk includes:
and the system where the trusted hard disk is located calls a TCM module of a TPCM module embedded in a hard disk chip in the trusted hard disk to decrypt/encrypt data to be read/written by the trusted hard disk in the system where the trusted hard disk is located.
Preferably, the trusted hard disk is an IDE hard disk, a PIDE hard disk, an SCSI hard disk, an SATA hard disk, an SAS hard disk or an SSD hard disk.
Preferably, the trusted hard disk supports an m.2 interface, an SAS interface, an SATA interface, and/or an M.P interface.
Preferably, the alarm comprises: and lightening an indicator lamp, sounding an alarm, and prompting printing error information or shutdown by a printing interface.
The information authentication method can complete user identity authentication in the starting stage of the trusted hard disk, thereby avoiding the behavior that the computer equipment is stolen and information is tampered, and can utilize the biological information to carry out safety authentication on the TPCM and carry out safety authentication in the starting stage of the BIOS, thereby providing an all-round computer system safety starting method for users, and further greatly improving the safety of the computer system.
Drawings
The invention will be further described with reference to the accompanying drawings and examples, in which:
FIG. 1 is a flowchart illustrating an information authentication method according to an embodiment of the present invention;
FIG. 2 is a flowchart of an information authentication method according to a second embodiment of the present invention;
fig. 3 is a flowchart of an information authentication method according to a third embodiment of the present invention.
Detailed Description
The preferred embodiments of the present invention will now be described in detail with reference to the accompanying drawings.
The information authentication method is applied to a computer system, wherein the computer system has the function of active security measurement, and the function of active security measurement is realized by adding a TPCM security chip in the computer system.
The TPCM is used for carrying out active safety measurement on each main firmware and components of the computer system in the process of powering on and starting the computer system, wherein the main firmware and the components comprise BIOS firmware, BMC firmware, a designated hard disk partition and the like, if the active measurement result is normal, the computer system is allowed to be normally started, and otherwise, the computer system is forbidden to be normally started.
Example one
Based on the computer system, the present embodiment proposes an information authentication method, whose flowchart is shown in fig. 1, the method includes the following steps:
step 1: after the system is powered on and started, the identity of an operator is identified through the biological identification equipment, if the identity passes the step 2, otherwise, the step 3 is carried out.
Specifically, in order to realize the active security measurement of the computer system, the TPCM security chip needs to be powered on and started before the computer system is started.
Specifically, in order to avoid the TPCM being stolen and tampered by people, the TPCM is connected with a biological identification device such as an external USBKey and a fingerprint acquisition instrument, and after the TPCM is electrified and started and before an active security measurement function is formally started, an operator is prompted to enter biological information for security verification.
Preferably, the biological information includes fingerprint information, sclera information, face information, and the like.
Step 2: and the TPCM formally enters a working state and carries out active safety measurement on the computer system.
Specifically, the content of the active security metric includes integrity check of BIOS firmware, BMC firmware, a designated hard disk partition, and the like.
And step 3: and reporting abnormal information, and forbidding an operator to operate the TPCM.
Specifically, if the identity authentication of the operator fails, the computer system is proved to have risks of being stolen and information falsified, and in this case, the computer system automatically enables the TPCM to enter a locked state and controls the TPCM to be powered off.
According to the safety authentication method in the embodiment, when the computer system is started, the TPCM safety chip is authenticated by using the biological information of an operator, if the authentication is passed, the TPCM is used for carrying out active safety measurement on the computer system, otherwise, the operator is prohibited from operating the TPCM safety chip.
Example two
The present embodiment provides another information authentication method based on the first embodiment, and a flowchart thereof is shown in fig. 2, where the method includes:
step 1: and (3) electrifying and starting the system, carrying out active security measurement on the computer system by utilizing the TPCM, and entering the step 2 if the measurement is passed, or entering the step 3 if the measurement is not passed.
Specifically, the content of the active security metric is as described above, and is not described herein again.
Step 2: and (3) changing the TPCM configuration item in the BIOS to realize the user identity authentication in the BIOS starting stage, if the authentication is passed, normally starting the computer system, otherwise, entering the step 3.
Specifically, the changing of the TPCM configuration item in the BIOS includes adding an administeror password to the TPCM configuration item in the BIOS, so that an Administrator can configure the configuration item to realize user identity authentication at the BIOS startup stage.
And step 3: and reporting abnormal information and forbidding the computer system to start.
Specifically, if the identity authentication of the operator fails, the computer system is proved to have risks of being stolen and information falsified, and in this case, the computer system automatically enables the TPCM to enter a locked state and controls the TPCM to be powered off.
Preferably, the method in this embodiment may be combined with the method in the first embodiment, so as to obtain a method capable of performing biometric authentication on the TPCM and performing user identity security authentication in the BIOS stage at the same time, where the process of performing user identity authentication in the BIOS stage is located after the process of performing biometric authentication on the TPCM.
The safety authentication method in the embodiment realizes the user identity authentication in the BIOS starting stage by adding the configuration items about the TPCM in the BIOS, and can avoid the computer system from being stolen and information tampering, thereby improving the safety of the computer system.
EXAMPLE III
In this embodiment, another information authentication method is proposed based on the security authentication method in the first embodiment and the second embodiment, preferably, the flow of the security authentication method in this embodiment may be implemented alone, or may be combined with the flow of the method in the first embodiment and the second embodiment, and the flow chart is shown in fig. 3, where the security authentication method in this embodiment includes:
step 1: and (3) electrifying and starting the system, carrying out active security measurement on the computer system by the TPCM, and entering the step (2) if the measurement is passed, or entering the step (3).
Step 2: and a login dialog box is added in the OPROM, and the personnel identity authentication is realized in the OPROM when the trusted hard disk is started.
Specifically, an "administeror password" field is added in a TPCM configuration item in the OPROM, so that a manager can configure the configuration item to realize user identity authentication at a trusted hard disk boot stage.
And step 3: and reporting abnormal information and forbidding the computer system to start.
Specifically, if the identity authentication of the operator fails, the computer system is proved to have risks of being stolen and information falsified, and in this case, the computer system automatically enables the TPCM to enter a locked state and controls the TPCM to be powered off.
Preferably, before step 1, the TPCM may be authenticated by using the biometric information according to the method in the first embodiment, and between step 1 and step 2, the authentication of the user may be completed in the BIOS booting stage according to the method in the second embodiment.
The technical scheme of the embodiment can finish the user identity authentication at the starting stage of the trusted hard disk, so that the behaviors that the computer equipment is stolen and information is tampered are avoided, and the embodiment can be combined with the first embodiment and the second embodiment, so that an all-around computer system security authentication method is provided for a user, and the security of the computer system is greatly improved.
Example four
The invention also provides a trusted control method based on the trusted hard disk, which is characterized by comprising the following steps:
step 1, electrifying a trusted hard disk, measuring other hardware in a system where the trusted hard disk is located by using a TPCM (tire pressure monitor) module embedded in a hard disk chip in the trusted hard disk, entering step 2 if the measurement result of the other hardware is normal, and alarming if the measurement result of the other hardware is abnormal;
step 2, electrifying other hardware, measuring software in a system where the credible hard disk is located after the system where the credible hard disk is located is started, entering step 3 if the measurement result of the software is normal, and alarming if the measurement result of the software is abnormal;
and 3, the system where the trusted hard disk is located normally operates, when the system where the trusted hard disk is located performs read/write operation on the trusted hard disk, the TPCM embedded in a hard disk chip in the trusted hard disk is utilized to perform decoding/encryption on the data which is cached in the system where the trusted hard disk is located and needs to be read/written, and then the data which is cached in the system where the trusted hard disk is located and needs to be read/written is read/written to the trusted hard disk.
Preferably, the other hardware in the system where the trusted hard disk is located includes: a BMC chip and a BIOS chip;
the software in the system where the trusted hard disk is located comprises: MBR, OS LOADER, and OS KERNEL.
Preferably, the decrypting/encrypting the data which is cached in the system where the trusted hard disk is located and needs to be read/written by using the TPCM module embedded in the hard disk chip of the trusted hard disk includes:
and the system where the trusted hard disk is located calls a TCM module of a TPCM module embedded in a hard disk chip in the trusted hard disk to decrypt/encrypt data to be read/written by the trusted hard disk in the system where the trusted hard disk is located.
Preferably, the trusted hard disk can be an IDE hard disk, a PIDE hard disk, an SCSI hard disk, an SATA hard disk, an SAS hard disk and/or an SSD hard disk.
Preferably, the trusted hard disk supports an m.2 interface, an SAS interface, an SATA interface, and/or an M.P interface.
Preferably, the alarm comprises: and lightening an indicator lamp, sounding an alarm, and prompting printing error information or shutdown by a printing interface.
Through the technical scheme in the embodiment, other hardware in the system and software in the system where the trusted hard disk is located can be measured by using the TPCM embedded in the trusted hard disk, and in the normal operation process of the system where the trusted hard disk is located, the TPCM embedded in the trusted hard disk can be used for controlling the trusted reading and writing of data in the trusted hard disk.
In the embodiments provided in the present invention, it should be understood that the disclosed method and terminal can be implemented in other manners. For example, the above-described apparatus embodiments are merely illustrative, and for example, the division of the modules is only one logical functional division, and other divisions may be realized in practice.
In addition, the technical solutions in the above several embodiments can be combined and replaced with each other without contradiction.
The modules described as separate parts may or may not be physically separate, and parts displayed as modules may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of the present embodiment.
In addition, functional modules in the embodiments of the present invention may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit. The integrated unit can be realized in a form of hardware, or in a form of hardware plus a software functional module.
It will be evident to those skilled in the art that the invention is not limited to the details of the foregoing illustrative embodiments, and that the present invention may be embodied in other specific forms without departing from the spirit or essential attributes thereof. The present embodiments are therefore to be considered in all respects as illustrative and not restrictive, the scope of the invention being indicated by the appended claims rather than by the foregoing description, and all changes which come within the meaning and range of equivalency of the claims are therefore intended to be embraced therein. Any reference signs in the claims shall not be construed as limiting the claim concerned. Furthermore, it is obvious that the word "comprising" does not exclude other elements or steps, and the singular does not exclude the plural. A plurality of modules or means recited in the system claims may also be implemented by one module or means in software or hardware. The terms first, second, etc. are used to denote names, but not any particular order.
Finally, it should be noted that the above embodiments are only for illustrating the technical solutions of the present invention and not for limiting, and although the present invention is described in detail with reference to the preferred embodiments, it should be understood by those skilled in the art that modifications or equivalent substitutions may be made on the technical solutions of the present invention without departing from the spirit and scope of the technical solutions of the present invention.
Claims (9)
1. An information authentication method is applied to a computer system with the function of active security measurement, wherein the function of active security measurement is realized by adding a TPCM security chip in the computer system;
the TPCM is used for carrying out active security measurement on each main firmware and each component of the computer system in the process of power-on starting of the computer system;
the main firmware and components comprise BIOS firmware, BMC firmware and a designated hard disk partition; if the active measurement result is normal, allowing the computer system to be normally started, otherwise forbidding the computer system to be normally started;
the method comprises the following steps:
step 1: the system is powered on and started, the TPCM carries out active security measurement on the computer system, if the measurement is passed, the step 2 is carried out, otherwise, the step 3 is carried out;
before starting the computer system, the TPCM security chip is powered on and started;
the system is connected with the TPCM through an external USBKey and a fingerprint acquisition instrument biological identification device, and prompts an operator to input biological information for safety verification after the TPCM is electrified and started and before an active safety measurement function is formally started;
the biological information comprises one or more of fingerprint information, sclera information or face information;
step 2: a login dialog box is added in the OPROM, and the identity authentication of personnel is realized in the OPROM when the trusted hard disk is started;
and step 3: reporting abnormal information, and forbidding the computer system to start; disabling the operator from operating the TPCM: and if the identity authentication of the operator fails, the computer system is proved to have the risks of being stolen and information falsification, and in the case, the computer system automatically enables the TPCM to enter a locking state and controls the TPCM to be powered off.
2. An information authentication method as claimed in claim 1, wherein said step 2 comprises: adding an 'administeror password' field setting in a TPCM configuration item in an OPROM, so that a manager can realize user identity authentication in a trusted hard disk starting stage by configuring the configuration item.
3. The method for authenticating information according to claim 1, further comprising, between the step 1 and the step 2:
and changing the TPCM configuration item in the BIOS to realize the user identity authentication in the BIOS starting stage, if the authentication is passed, normally starting the computer system, otherwise, reporting abnormal information.
4. The information authentication method of claim 3, wherein said changing the TPCM configuration in the BIOS:
an "administeror password" is added to the TPCM configuration item included in the BIOS.
5. A trusted control method based on a trusted hard disk is characterized by comprising the following steps:
step 1, electrifying a trusted hard disk, measuring other hardware in a system where the trusted hard disk is located by using a TPCM (tire pressure monitor) module embedded in a hard disk chip in the trusted hard disk, entering step 2 if the measurement result of the other hardware is normal, and alarming if the measurement result of the other hardware is abnormal;
step 2, electrifying other hardware, measuring software in a system where the credible hard disk is located after the system where the credible hard disk is located is started, entering step 3 if the measurement result of the software is normal, and alarming if the measurement result of the software is abnormal;
step 3, the system where the trusted hard disk is located normally operates, when the system where the trusted hard disk is located performs read/write operation on the trusted hard disk, the TPCM module embedded in a hard disk chip in the trusted hard disk is used for performing decryption/encryption on the data which is cached in the system where the trusted hard disk is located and needs to be read/written, and then the data which needs to be read/written by the trusted hard disk is read/written to the trusted hard disk;
the method for decrypting/encrypting the data which is cached in the system where the trusted hard disk is located and needs to be read/written by using the TPCM embedded in the hard disk chip in the trusted hard disk comprises the following steps:
and the system where the trusted hard disk is located calls a TCM module of a TPCM module embedded in a hard disk chip in the trusted hard disk to decrypt/encrypt data to be read/written by the trusted hard disk in the system where the trusted hard disk is located.
6. The method of claim 5, wherein the other hardware in the system where the trusted hard disk resides comprises: a BMC chip and a BIOS chip;
the software in the system where the trusted hard disk is located comprises: MBR, OS LOADER, and OS KERNEL.
7. The method of claim 5, wherein the trusted hard disk is an IDE hard disk, a PIDE hard disk, a SCSI hard disk, a SATA hard disk, a SAS hard disk, or an SSD hard disk.
8. The method of claim 7, wherein the trusted hard disk supports an m.2 interface, a SAS interface, a SATA interface, and/or an M.P interface.
9. The method of claim 5, wherein the alerting comprises: and lightening an indicator lamp, sounding an alarm, and prompting printing error information or shutdown by a printing interface.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811435729.6A CN109614799B (en) | 2018-11-28 | 2018-11-28 | Information authentication method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811435729.6A CN109614799B (en) | 2018-11-28 | 2018-11-28 | Information authentication method |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN109614799A CN109614799A (en) | 2019-04-12 |
| CN109614799B true CN109614799B (en) | 2021-03-16 |
Family
ID=66005311
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201811435729.6A Active CN109614799B (en) | 2018-11-28 | 2018-11-28 | Information authentication method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN109614799B (en) |
Families Citing this family (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110677250B (en) | 2018-07-02 | 2022-09-02 | 阿里巴巴集团控股有限公司 | Key and certificate distribution method, identity information processing method, device and medium |
| CN110795774B (en) | 2018-08-02 | 2023-04-11 | 阿里巴巴集团控股有限公司 | Measurement method, device and system based on trusted high-speed encryption card |
| CN110795742B (en) | 2018-08-02 | 2023-05-02 | 阿里巴巴集团控股有限公司 | Metric processing method, device, storage medium and processor for high-speed cryptographic operation |
| CN110874478B (en) | 2018-08-29 | 2023-05-02 | 阿里巴巴集团控股有限公司 | Key processing method and device, storage medium and processor |
| CN111858114B (en) * | 2019-04-30 | 2024-06-14 | 阿里巴巴集团控股有限公司 | Device starting exception handling and device starting control method, device and system |
| CN110933057B (en) * | 2019-11-21 | 2021-11-23 | 深圳渊联技术有限公司 | Internet of things security terminal and security control method thereof |
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101515316A (en) * | 2008-02-19 | 2009-08-26 | 北京工业大学 | Trusted computing terminal and trusted computing method |
| CN201408535Y (en) * | 2009-05-11 | 2010-02-17 | 方正科技集团苏州制造有限公司 | Trusted hard disk facing to trusted computation cryptograph supporting platform |
| CN102279914A (en) * | 2011-07-13 | 2011-12-14 | 中国人民解放军海军计算技术研究所 | Unified extensible firmware interface (UEFI) trusted supporting system and method for controlling same |
| CN103534976A (en) * | 2013-06-05 | 2014-01-22 | 华为技术有限公司 | Data security protection method, server, host, and system |
| CN106295352A (en) * | 2016-07-29 | 2017-01-04 | 北京三未信安科技发展有限公司 | The method of credible tolerance, main frame and system under basic input output system environment |
| CN106934268A (en) * | 2017-03-31 | 2017-07-07 | 山东超越数控电子有限公司 | A kind of method that encrypting fingerprint is realized in BIOS |
| JP2017157018A (en) * | 2016-03-02 | 2017-09-07 | 株式会社リコー | Information processing device, information processing method, information processing program, and trusted platform module |
-
2018
- 2018-11-28 CN CN201811435729.6A patent/CN109614799B/en active Active
Patent Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101515316A (en) * | 2008-02-19 | 2009-08-26 | 北京工业大学 | Trusted computing terminal and trusted computing method |
| CN201408535Y (en) * | 2009-05-11 | 2010-02-17 | 方正科技集团苏州制造有限公司 | Trusted hard disk facing to trusted computation cryptograph supporting platform |
| CN102279914A (en) * | 2011-07-13 | 2011-12-14 | 中国人民解放军海军计算技术研究所 | Unified extensible firmware interface (UEFI) trusted supporting system and method for controlling same |
| CN103534976A (en) * | 2013-06-05 | 2014-01-22 | 华为技术有限公司 | Data security protection method, server, host, and system |
| JP2017157018A (en) * | 2016-03-02 | 2017-09-07 | 株式会社リコー | Information processing device, information processing method, information processing program, and trusted platform module |
| CN106295352A (en) * | 2016-07-29 | 2017-01-04 | 北京三未信安科技发展有限公司 | The method of credible tolerance, main frame and system under basic input output system environment |
| CN106934268A (en) * | 2017-03-31 | 2017-07-07 | 山东超越数控电子有限公司 | A kind of method that encrypting fingerprint is realized in BIOS |
Also Published As
| Publication number | Publication date |
|---|---|
| CN109614799A (en) | 2019-04-12 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109614799B (en) | Information authentication method | |
| US10516533B2 (en) | Password triggered trusted encryption key deletion | |
| US7900252B2 (en) | Method and apparatus for managing shared passwords on a multi-user computer | |
| Altuwaijri et al. | Android data storage security: A review | |
| EP2583410B1 (en) | Single-use authentication methods for accessing encrypted data | |
| TWI277904B (en) | Method, recording medium and system for protecting information | |
| CN107665316B (en) | Computer BIOS design method based on authentication and credibility measurement | |
| US20150012748A1 (en) | Method And System For Protecting Data | |
| US20110040961A1 (en) | Binding data to a computing platform through use of a cryptographic module | |
| CN109583214B (en) | Safety control method | |
| CN107679425A (en) | A kind of credible startup method of the joint full disk encryption based on firmware and USBkey | |
| CN109614154A (en) | A kind of computer safety start method | |
| US7441118B2 (en) | Network appliance having trusted device for providing verifiable identity and/or integrity information | |
| CN109583169B (en) | Security authentication method | |
| CN104361298B (en) | The method and apparatus of Information Security | |
| CN113918953A (en) | Trusted server security control device and method and trusted server | |
| CN109583197B (en) | Trusted overlay file encryption and decryption method | |
| JP2008160325A (en) | User authentication method using removable device, and computer | |
| CN109598125B (en) | Safe starting method | |
| CN109598119B (en) | Credible encryption and decryption method | |
| Zhao et al. | Gracewipe: Secure and Verifiable Deletion under Coercion. | |
| CN110601846B (en) | System and method for verifying virtual trusted root | |
| CN109583196B (en) | Key generation method | |
| CN110020562A (en) | The full encryption method of hard disk and device based on UEFI | |
| CN109598150B (en) | Key using method |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |