CN110096882A - Security measurement method for a device during operation - Google Patents

Publication number: CN110096882A (granted as CN110096882B)
Application number: CN201810092539.2A
Authority: CN (China)
Original language: Chinese (zh)
Inventors: 孙瑜, 杨秩
Original and current assignee: BEIJING HUATECH TRUSTED COMPUTING INFORMATION TECHNOLOGY Co Ltd
Prior art keywords: tpcm, equipment, operating system, measurement, module
Legal status: granted, active

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F 21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F 21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F 21/57 Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities

Abstract

The invention discloses a security measurement method for a device during operation. During the device's normal boot process, the operating system loader and the operating system kernel are measured and verified; if the measurement results are normal, the device enters its normal operating state and the operating system is then measured in real time; if an abnormal measurement result is found, the device is shut down. The technical solution integrates a TPCM module into the main control chip so that the main control chip of the solid-state storage is reused, and the TPCM security measurement function is realized by that main control chip. The measured objects include the firmware of the various chips, the OS LOADER, the OS KERNEL and the running operating system, so that comprehensive security measurement of the device is achieved.

Description

Security measurement method for a device during operation
Technical field
The present invention relates to the field of trusted computing, and in particular to a security measurement method for a device during operation.
Background art
Trusted computing, as a new direction of development in the field of information security, is receiving attention from more and more companies and research institutions. The main goal of a trusted computing system is to construct a computing environment that behaves as the user expects, so as to guarantee that computing resources cannot be maliciously tampered with or stolen.
The concept of trusted computing has also been widely recognized and promoted in China by government, the military, enterprises and others. After many years of development, domestic research on trusted computing theory and technology has taken the lead over other countries and has evolved into the Trusted Computing 3.0 era, characterized by active control and active measurement. One of the main innovations of Trusted Computing 3.0 is the active measurement function: the Trusted Platform Control Module (TPCM), which performs active control, measures the integrity of the firmware before the CPU runs the firmware code, ensuring that the firmware has not been tampered with. Combined with a TCM module, the TPCM module can provide the cryptographic support function for the trusted software base.
At present, Trusted Computing 3.0 is implemented with a TPCM card on a dedicated PCIe interface, supplemented by a separate cable to the mainboard. A TPCM card with a PCIe interface, however, has a high hardware cost, requires the mainboard to provide an independent PCIe slot, and places certain requirements on the space and interfaces of the device; in addition, this connection requires separate wiring, which reduces mainboard compatibility, and the presence of the cable may have some effect on the stability of the device.
Summary of the invention
In view of the above problems in the prior art, it is necessary to propose a security measurement method for a device during operation, in which the TPCM firmware used for security measurement is integrated into the main control chip and security measurement is performed on the device to guarantee its operational security.
A security measurement method for a device during operation, comprising the following steps:
Step 1: the TPCM performs integrity measurement and verification on the operating system loader (OS LOADER); if the measurement result is normal, the OS LOADER is executed and step 2 follows; otherwise an abnormality is signalled.
Step 2: the TPCM performs measurement and verification on the operating system kernel (OS KERNEL); if the measurement result is normal, the OS KERNEL is run, the file system is loaded, and step 3 follows; otherwise an abnormality is signalled.
Step 3: the device enters the operating system, and the TPCM measures the operating system in real time; if the measurement result is abnormal, an abnormality is signalled.
The measurement operations are completed by the TPCM module in the main control chip calling the TCM.
The real-time measurement of the operating system by the TPCM in step 3 is as follows:
the security measurement of the operating system is completed at a predetermined time interval.
Before step 1, the TPCM performs integrity verification measurement of the BIOS and BMC firmware, or of the PNOR and BMC firmware, in the device.
The TPCM module is integrated in the main control chip of the device's firmware storage system. When the device starts, the TPCM module is powered on first; when the TPCM module has completed the integrity measurement of the BIOS and BMC firmware (or PNOR and BMC firmware) and the measurement results are normal, the operation of step 1 is executed.
The ways of signalling an abnormality include lighting an indicator lamp, sounding an audible alarm, printing an error message on a printing interface, or shutting down.
The invention discloses a security measurement method for a device during operation. During the device's normal boot process, the operating system loader and the operating system kernel are measured and verified; if the measurement results are normal, the device enters its normal operating state and the operating system is then measured in real time; if an abnormal measurement result is found, the device is shut down. The technical solution integrates a TPCM module into the main control chip so that the main control chip of the solid-state storage is reused, and the TPCM security measurement function is realized by that main control chip. The measured objects include the firmware of the various chips, the OS LOADER, the OS KERNEL and the running operating system, so that comprehensive security measurement of the device is achieved.
Brief description of the drawings
Fig. 1 is a device diagram of the TPCM storage system for implementing trusted computing in Embodiment 1 of the present invention;
Fig. 2 is a workflow diagram of the trusted computing implementation method in Embodiment 1 of the present invention;
Fig. 3 is a workflow diagram of the security measurement method for a device during operation in Embodiment 4 of the present invention.
Specific embodiments
The present invention provides a trusted computing implementation method and device. To make the purpose, technical solution and effects of the present invention clearer, the invention is described in more detail below with reference to the drawings and embodiments. It should be understood that the specific embodiments described here are only used to explain the present invention and are not intended to limit it.
The terms "first", "second", "third", "fourth" and the like (if present) in the description, the claims and the drawings are used to distinguish similar objects and are not used to describe a particular order or sequence. It should be understood that data so used are interchangeable where appropriate, so that the embodiments described herein can be implemented in an order other than that illustrated or described here. In addition, the terms "comprising" and "having" and any variants thereof are intended to cover a non-exclusive inclusion; for example, a process, method, system, product or device that comprises a series of steps or units is not necessarily limited to those steps or units expressly listed, but may include other steps or units that are not expressly listed or that are inherent to such a process, method, product or device.
Embodiment one
The device diagram of the TPCM storage system for implementing trusted computing according to the present invention is shown in Fig. 1. It mainly includes the following functional modules: a main control chip, in which the TPCM firmware is stored, for completing the security measurement function; a Trusted Cryptography Module (TCM), for implementing the trusted cryptographic verification function; a cache chip, for caching data; a FLASH/DRAM module, for data storage; a power supply interface, used after the device is powered on to supply the TPCM storage system directly from the mainboard battery so that the main control chip in the system powers on first; and a data interface, which can support data communication protocols commonly used in the art such as SATA/SAS/PCIE.
Compared with storage systems common in the prior art, the TPCM storage system proposed by the present invention adds a dedicated power supply interface, adds a TPCM active control function inside the main control chip, and adds a TCM module to the system. The dedicated power supply interface is used to supply the storage system while the device is still in the pre-start state (the state in which the power supply has been switched on but startup has not completed), so that the main control chip powers on first and then completes the security measurement function. After the security measurement work is complete, components such as the BIOS and CPU are allowed to power on and start normally; at this point the storage system is instead powered through the firmware storage data interface, i.e. the storage system resumes its normal operating state.
Fig. 2 shows the workflow of the trusted computing implementation method, comprising the following steps:
Step 1: detect whether the device is in the pre-start state; if so, proceed to step 2.
Specifically, the pre-start state refers to the state in which the device is connected to power but has not yet formally completed startup, for example the state between the start button being pressed and the device entering its normal working mode.
Step 2: detect whether a TPCM module is present in the storage system; if so, power on the main control chip in the storage system first and jump to step 3; otherwise the device executes the normal boot process.
Specifically, a corresponding flag bit is stored in advance in the FLASH/DRAM module. If a TPCM module is present in the storage system, the flag bit is set to 1, and on the next startup the device uses the power supply interface to power the main control chip first; if no TPCM module is present in the storage system, the flag bit is set to 0, and on the next startup the device uses the power supply interface to power each component in the device so that it executes the normal boot process.
Specifically, the power supply interface powers the TPCM main control chip first through a supply mode such as direct supply from the mainboard battery; this supply mode allows the main control chip to enter its normal operating state quickly.
Step 3: after the main control chip has powered on first, active security measurement is performed on the device.
Specifically, active security measurement of the device includes integrity measurement of the firmware of the BIOS unit in the device.
Specifically, the TPCM module in the main control chip calls the TCM module to perform the integrity measurement of the BIOS unit firmware.
Step 4: if the measurement result is normal, the device boots normally; if the measurement result is abnormal, an abnormality is signalled.
Specifically, if the measurement result is normal, the power supply mode of the main control chip is switched from supply through the power supply interface to supply through the solid-state storage data interface, i.e. to the usual prior-art supply mode of the main control chip, so that the device enters its normal operating state.
The ways of signalling an abnormality include lighting an indicator lamp, sounding an audible alarm, printing an error message on a printing interface, or shutting down.
The technical solution of this embodiment integrates the TPCM module in the main control chip, reusing the main control chip of the solid-state storage, and realizes the TPCM security measurement function with that main control chip, thereby reducing the cost of trusted computing hardware and facilitating later product promotion.
The data communication protocols with which the data interface communicates include SATA, SAS, PCIe, NVMe, SD, PMC, VPX, XMC, CF, CFAST, PXIe, SCPCIe, USB, PATA, mSATA, OCP or CAPI.
Embodiment two
The device in this embodiment is a server, which further includes a baseboard management controller (BMC) for managing and controlling the server.
After the flag bit in the storage system has been judged to be 1, the integrity of the server's BIOS firmware and BMC firmware is measured at the same time; only when both measurement results are normal does the normal startup process continue, otherwise the server does not power on.
Embodiment three
In this embodiment, the device is booted with UEFI instead of a traditional BIOS; when integrity measurement is performed on the device, the integrity of the BIOS firmware then needs to be measured.
Preferably, when the device is a server, integrity measurement of both the server's BIOS firmware and its BMC must also be carried out at the same time; only when both measurement results are normal does the server's normal boot process continue, otherwise it does not power on.
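The pre-boot flow of Embodiments one to three, as an added illustration that is not code from the patent (the page contains none): the flag bit decides whether the main control chip is powered first, the TPCM measures the BIOS firmware (and on a server the BMC firmware) by calling the TCM, and only when every result is normal is power switched to the data interface and the normal boot released. SHA-256, the firmware images, the reference digests and every class, function and field name are constructed stand-ins of this example.

```python
"""Added example (not from the patent): a model of the pre-boot TPCM flow in
Embodiments 1 to 3.  SHA-256 stands in for the TCM hash, the firmware images
and reference digests are constructed, and all names are this example's own."""
import hashlib
from dataclasses import dataclass, field

FLAG_TPCM_PRESENT = 1   # flag bit written to FLASH/DRAM when a TPCM module exists
FLAG_TPCM_ABSENT = 0


def tcm_measure(image: bytes) -> str:
    """The TPCM module calls the TCM for the digest; SHA-256 is the stand-in."""
    return hashlib.sha256(image).hexdigest()


@dataclass
class TpcmStorageSystem:
    flag_bit: int
    reference: dict                # expected digests held by the TPCM storage system
    is_server: bool = False        # a server also carries a BMC (Embodiments 2 and 3)
    alarm: str = "shutdown"        # indicator light, beep, printed error or shutdown
    power_source: str = "off"      # off -> dedicated_interface -> data_interface
    log: list = field(default_factory=list)

    def measured_items(self):
        # On a server both BIOS and BMC firmware must be normal; otherwise BIOS only
        return ("BIOS", "BMC") if self.is_server else ("BIOS",)

    def power_on(self, firmware: dict) -> str:
        """Outcome for a device that has been detected in the pre-start state."""
        # Step 2: no TPCM module -> every component is powered and boots normally
        if self.flag_bit != FLAG_TPCM_PRESENT:
            self.log.append("no TPCM module present; normal boot")
            return "normal_boot"
        # Steps 2/3: the mainboard battery powers the main control chip first
        self.power_source = "dedicated_interface"
        results = {name: tcm_measure(firmware[name]) == self.reference[name]
                   for name in self.measured_items()}
        self.log.append(f"measurement results: {results}")
        # Step 4: all normal -> switch to the solid-state data interface, boot normally
        if all(results.values()):
            self.power_source = "data_interface"
            return "normal_boot"
        # Otherwise signal the abnormality; BIOS and CPU are not released to boot
        return self.prompt_abnormal([n for n, ok in results.items() if not ok])

    def prompt_abnormal(self, failed) -> str:
        self.log.append(f"abnormal firmware: {failed}; action={self.alarm}")
        return "shutdown" if self.alarm == "shutdown" else f"alert:{self.alarm}"


# --- constructed scenario -----------------------------------------------------
GOOD_FW = {"BIOS": b"constructed BIOS image 1.0", "BMC": b"constructed BMC image 1.0"}
REFERENCE = {name: tcm_measure(img) for name, img in GOOD_FW.items()}


def scenario(flag_bit: int, is_server: bool, tamper: str = ""):
    """Run one power-on; `tamper` names a firmware item to modify (or is empty)."""
    fw = dict(GOOD_FW)
    if tamper:
        fw[tamper] = fw[tamper] + b" <modified>"
    system = TpcmStorageSystem(flag_bit, REFERENCE, is_server=is_server)
    outcome = system.power_on(fw)
    return outcome, system.power_source


if __name__ == "__main__":
    print(scenario(FLAG_TPCM_PRESENT, is_server=True))                 # ('normal_boot', 'data_interface')
    print(scenario(FLAG_TPCM_PRESENT, is_server=True, tamper="BMC"))   # ('shutdown', 'dedicated_interface')
    print(scenario(FLAG_TPCM_PRESENT, is_server=False, tamper="BMC"))  # ('normal_boot', 'data_interface')
    print(scenario(FLAG_TPCM_ABSENT, is_server=True, tamper="BIOS"))   # ('normal_boot', 'off')
```

The last two cases show the two gates the embodiments describe: a non-server never measures the BMC, and a device whose flag bit is 0 performs no measurement at all before the normal boot.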
Embodiment four
This embodiment provides a security measurement method for a device during operation. After the measurement operations on the specified firmware in the device have been completed and while the device is in its normal startup process, the following operations may optionally be carried out; the operational flow is as shown in Fig. 3.
Step 1: integrity measurement and verification are performed on the operating system loader (OS LOADER); if the measurement result is normal, the OS LOADER is executed and step 2 follows; otherwise an abnormality is signalled.
Specifically, the measurement operations are completed by the TPCM module in the main control chip calling the TCM.
Step 2: measurement and verification are performed on the operating system kernel (OS KERNEL); if the measurement result is normal, the OS KERNEL is run, the file system is loaded, and step 3 follows; otherwise an abnormality is signalled.
Specifically, the measurement operations are completed by the TPCM module in the main control chip calling the TCM.
Step 3: the device enters the operating system, and the TPCM measures the operating system in real time; if the measurement result is abnormal, an abnormality is signalled.
Specifically, the measurement operations are completed by the TPCM module in the main control chip calling the TCM, and the security measurement of the operating system is completed at a predetermined time interval.
Preferably, after the device has entered the normal operating state, the TPCM can be configured through a configuration interface to select one or more of the above measurement items for security measurement.
The ways of signalling an abnormality include lighting an indicator lamp, sounding an audible alarm, printing an error message on a printing interface, or shutting down.
The technical solution of this embodiment integrates the TPCM module in the main control chip, reusing the main control chip of the solid-state storage, and realizes the TPCM security measurement function with that main control chip. The measured objects include the firmware of the various chips, the OS LOADER, the OS KERNEL and the running operating system, so that comprehensive security measurement of the device is achieved.
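The three steps of Embodiment four, as an added illustration that is not code from the patent: each stage is measured before it is run, the OS KERNEL is re-measured at a predetermined interval once the operating system is up, and the set of runtime measurement items is configurable as the preferred variant describes. SHA-256 stands in for the TCM, the images and the tick-based timer are constructed, and all names are this example's own.

```python
"""Added example (not from the patent): a model of Embodiment 4, the TPCM's
measure-before-run chain for OS LOADER and OS KERNEL followed by periodic
runtime measurement of configurable items.  SHA-256 stands in for the TCM,
the images and the tick-based timer are constructed, and all names are this
example's own."""
import hashlib


def tcm_measure(image: bytes) -> str:
    """Digest obtained by the TPCM module calling the TCM (SHA-256 stand-in)."""
    return hashlib.sha256(image).hexdigest()


class TpcmDevice:
    def __init__(self, reference, interval_ticks=3, runtime_items=("OS_KERNEL",)):
        self.reference = dict(reference)           # expected digests known to the TPCM
        self.interval = interval_ticks             # predetermined measurement interval
        self.runtime_items = tuple(runtime_items)  # items selected via the config interface
        self.state = "firmware_verified"           # firmware measurement already passed
        self.events = []                           # (tick, item, result)

    def _verify(self, tick, item, image) -> bool:
        ok = tcm_measure(image) == self.reference[item]
        self.events.append((tick, item, "normal" if ok else "abnormal"))
        return ok

    def _abnormal(self) -> str:
        # The page allows indicator light, beep, printed error or shutdown;
        # this model takes the shutdown option named in the abstract.
        self.state = "shutdown"
        return self.state

    def boot(self, images: dict) -> str:
        # Step 1: measure and verify the OS LOADER before executing it
        if not self._verify(0, "OS_LOADER", images["OS_LOADER"]):
            return self._abnormal()
        self.state = "loader_running"
        # Step 2: measure and verify the OS KERNEL before running it and loading the file system
        if not self._verify(0, "OS_KERNEL", images["OS_KERNEL"]):
            return self._abnormal()
        self.state = "os_running"
        return self.state

    def run(self, ticks: int, live_images) -> str:
        """Step 3: while the OS runs, re-measure the configured items every `interval` ticks.
        `live_images(tick)` returns the images as currently resident (constructed)."""
        if self.state != "os_running":
            return self.state
        for tick in range(1, ticks + 1):
            if tick % self.interval:
                continue
            images = live_images(tick)
            for item in self.runtime_items:
                if not self._verify(tick, item, images[item]):
                    return self._abnormal()
        return self.state


# --- constructed scenario -----------------------------------------------------
GOOD = {"OS_LOADER": b"constructed OS LOADER image", "OS_KERNEL": b"constructed OS KERNEL image"}
REFERENCE = {name: tcm_measure(img) for name, img in GOOD.items()}


def kernel_modified_at(tick_of_change: int):
    """Live images that are intact until `tick_of_change`, then carry a modified kernel."""
    def live_images(tick):
        if tick < tick_of_change:
            return GOOD
        return {**GOOD, "OS_KERNEL": GOOD["OS_KERNEL"] + b" <modified>"}
    return live_images


def demo(tick_of_change: int = 6, ticks: int = 9):
    """Boot cleanly, then run until the periodic measurement catches the change."""
    dev = TpcmDevice(REFERENCE, interval_ticks=3)
    boot_state = dev.boot(GOOD)
    run_state = dev.run(ticks, kernel_modified_at(tick_of_change))
    return boot_state, run_state, dev.events


if __name__ == "__main__":
    print(demo())   # ('os_running', 'shutdown', [... OS_KERNEL normal at tick 3, abnormal at tick 6])
```

With the interval set to three ticks, a change made at tick 6 is caught by the measurement at tick 6 and the device is shut down; a change that occurs between two measurements is only detected at the next interval, which is the trade-off a predetermined interval implies.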
In the several embodiments provided by the present invention, it should be understood that the disclosed method and terminal may be implemented in other ways. For example, the device embodiments described above are merely illustrative; the division into modules is only one kind of logical functional division, and other divisions are possible in actual implementation.
In addition, the technical solutions in the several embodiments above may be combined with and substituted for one another where they do not conflict.
Modules described as separate components may or may not be physically separate, and components shown as modules may or may not be physical units; they may be located in one place or distributed over multiple network units. Some or all of the modules may be selected according to actual needs to achieve the purpose of the embodiment.
In addition, the functional modules in the embodiments of the present invention may be integrated in one processing unit, may each exist physically as a separate unit, or two or more units may be integrated in one unit. The integrated unit may be implemented in the form of hardware, or in the form of hardware plus software functional modules.
It is obvious to those skilled in the art that the invention is not limited to the details of the above exemplary embodiments, and that the invention may be realized in other specific forms without departing from its spirit or essential attributes. Therefore, from whatever point of view, the embodiments are to be considered illustrative and not restrictive, and the scope of the invention is defined by the appended claims rather than by the above description; all changes falling within the meaning and scope of equivalents of the claims are intended to be included in the invention. Any reference signs in the claims shall not be construed as limiting the claims concerned. Furthermore, the word "comprising" does not exclude other units or steps, and the singular does not exclude the plural. Multiple modules or devices stated in the system claims may also be implemented by one module or device through software or hardware. Words such as "first" and "second" are used to denote names and do not indicate any particular order.
Finally, it should be noted that the above embodiments are only used to illustrate the technical solution of the present invention and not to limit it. Although the invention has been described in detail with reference to preferred embodiments, those skilled in the art should understand that modifications or equivalent substitutions may be made to the technical solution of the invention without departing from its spirit and scope.

Claims (6)

1. A security measurement method for a device during operation, comprising the following steps:
Step 1: the TPCM performs integrity measurement and verification on the operating system loader (OS LOADER); if the measurement result is normal, the OS LOADER is executed and step 2 is performed; otherwise an abnormality is signalled;
Step 2: the TPCM performs measurement and verification on the operating system kernel (OS KERNEL); if the measurement result is normal, the OS KERNEL is run, the file system is loaded, and step 3 is performed; otherwise an abnormality is signalled;
Step 3: the device enters the operating system, and the TPCM measures the operating system in real time; if the measurement result is abnormal, an abnormality is signalled.
2. The method according to claim 1, further comprising:
the measurement operations are completed by the TPCM module in the main control chip calling the TCM.
3. The method according to claim 2, wherein the real-time measurement of the operating system by the TPCM in step 3 is:
the security measurement of the operating system is completed at a predetermined time interval.
4. The method according to claim 3, further comprising:
before step 1, the TPCM performs integrity verification measurement of the BIOS and BMC firmware, or of the PNOR and BMC firmware, in the device.
5. The method according to claim 4, further comprising:
a TPCM module is integrated in the main control chip of the device's firmware storage system; when the device starts, the TPCM module is powered on first, and when the TPCM module has completed the integrity measurement of the BIOS and BMC firmware or of the PNOR and BMC firmware and the measurement results are normal, the operation of step 1 is executed.
6. The method according to claim 1, wherein the ways of signalling an abnormality include lighting an indicator lamp, sounding an audible alarm, printing an error message on a printing interface, or shutting down.
Bibliographic data

Application number: CN201810092539.2A (active)
Priority date: 2018-01-31
Filing date: 2018-01-31
Publication of CN110096882A: 2019-08-06
Publication of CN110096882B (grant): 2021-04-20
Family ID: 67442012
Country status: CN, CN110096882B (en)

Legal Events

Code Title
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant