CN112784275B - Electronic device, boot image cloud deployment system and method - Google Patents

Electronic device, boot image cloud deployment system and method

Publication number: CN112784275B
Authority: CN (China)
Legal status: Active
Application number: CN201911060258.XA
Other languages: Chinese (zh)
Other versions: CN112784275A (en)
Inventor: 曾则达
Current Assignee: Realtek Semiconductor Corp
Original Assignee: Realtek Semiconductor Corp
Prior art keywords: electronic device, boot image, boot, images, target files

Classifications

    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00: Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50: Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57: Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00: Network architectures or network communication protocols for network security
    • H04L63/04: Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428: Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0442: Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption


Abstract

A cloud deployment system and method for boot images. The system includes an electronic device and a server. The server includes a storage medium and a control circuit. The electronic device issues a request instruction. The storage medium stores a plurality of boot images; each boot image includes a plurality of object files, and the combination order of the object files in each boot image differs from the combination order of the object files in the other boot images. The control circuit returns one of the boot images to the electronic device according to the request instruction, and the electronic device executes the received boot image.

Description

Electronic device, boot image cloud deployment system and method

Technical Field

This application relates to the field of cloud booting, and in particular to an electronic device for cloud deployment of a boot image, a cloud deployment system for boot images, and a method thereof.

Background Art

Electronic devices in everyday use must execute a boot image during the boot process to start the device's operating system and programs, and the boot image is generally installed in the device when it leaves the factory. Manufacturers do not customize a boot image for each individual device. Instead, devices of the same model, or even of the same type, usually carry the same boot image for ease of management and maintenance. However, because they carry the same program code, electronic devices with the same boot image may become an attack channel for hackers.

When different electronic devices have the same boot image, a hacker who analyzes the boot image in one of them and finds its defects can use those defects to attack the other devices. In some cases the hacker does not even need to implant malicious code into the device, but instead uses a code-reuse attack. Specifically, a code-reuse attack is an attack technique that hijacks the control flow and pieces together a malicious program from code segments already present in the electronic device.

Therefore, when hackers use code-reuse attacks, electronic devices carrying the same boot image are easily attacked, or can be said to be completely defenseless. Now that information security is increasingly important, electronic devices with this defect need to be improved.

Summary of the Invention

In view of this, this application proposes an electronic device for cloud deployment of a boot image, a cloud deployment system for boot images, and a method thereof.

According to some embodiments, a cloud deployment system for boot images includes an electronic device and a server. The server includes a storage medium and a control circuit. The electronic device issues a request instruction. The storage medium stores a plurality of boot images; each boot image includes a plurality of object files, and the combination order of the object files in each boot image differs from the combination order of the object files in the other boot images. The control circuit returns one of the boot images to the electronic device according to the request instruction, and the electronic device executes the received boot image.

According to some embodiments, the electronic device includes a communication element and a controller. The controller executes an input/output program to initialize the communication element. After the communication element is initialized, the controller issues the request instruction.

According to some embodiments, the storage medium further stores a plurality of source codes corresponding to the electronic device. The control circuit compiles and assembles the source codes into the object files, randomly arranges the object files, and establishes link addresses corresponding to the object files, thereby obtaining one of the boot images.

According to some embodiments, the storage medium further stores a plurality of source codes corresponding to the electronic device. The server has a private key, and the electronic device has a public key corresponding to the private key. The control circuit compiles and assembles the source codes into the object files, randomly arranges the object files, establishes link addresses corresponding to the object files, and encrypts with the private key to obtain one of the boot images. The electronic device decrypts the received boot image with the public key and executes it.

According to some embodiments, an electronic device for cloud deployment of a boot image includes a communication element and a controller. The controller executes an input/output program to initialize the communication element. After the communication element is initialized, the controller issues a request instruction and executes the received boot image.

According to some embodiments, the electronic device for cloud deployment of a boot image further has a public key. The electronic device decrypts the received boot image with the public key and executes it.

According to some embodiments, a cloud deployment method for boot images is suitable for an electronic device and a server. The method includes: the electronic device issues a request instruction; the server stores a plurality of boot images, each boot image including a plurality of object files, the combination order of the object files in each boot image differing from the combination order of the object files in the other boot images; the server returns one of the boot images to the electronic device according to the request instruction; and the electronic device executes the received boot image.

According to some embodiments, before the electronic device issues the request instruction, the cloud deployment method includes: the electronic device executes an input/output program to initialize a communication element of the electronic device; and, after the communication element is initialized, the electronic device issues the request instruction.

According to some embodiments, the cloud deployment method further includes a boot image acquisition method. The boot image acquisition method includes: compiling and assembling a plurality of source codes corresponding to the electronic device into the object files; randomly arranging the object files; establishing link addresses corresponding to the object files; and obtaining one of the boot images.

According to some embodiments, the cloud deployment method further includes a boot image acquisition and verification method. The boot image acquisition and verification method includes: compiling and assembling a plurality of source codes corresponding to the electronic device into the object files; randomly arranging the object files; establishing link addresses corresponding to the object files; encrypting with a private key to obtain one of the boot images; and decrypting the received boot image with a public key and executing it, wherein the public key corresponds to the private key.

In summary, the cloud deployment system and method for boot images proposed in some embodiments of this application can deploy multiple different boot images on the server, and the server provides one of them to the electronic device for execution according to the device's request instruction. Because the boot images deployed on the server are obtained by randomly combining and arranging the object files, the combination order of the object files differs in every boot image, and because the server provides any one of the boot images to the electronic device at random, the electronic device can obtain different boot images. Since the boot image executed by the electronic device may be different at each boot, attacks by hackers can be avoided.

Brief Description of the Drawings

FIG. 1 is a schematic diagram of a cloud deployment system for boot images according to some embodiments of this application.

FIG. 2 is a schematic diagram of a boot image according to some embodiments of this application.

FIG. 3 is a flowchart of a cloud deployment method for boot images according to some embodiments of this application.

FIG. 4 is a flowchart of a cloud deployment method for boot images according to some embodiments of this application.

Explanation of Symbols

10 Cloud deployment system for boot images

100 Electronic device

120 Controller

140 Communication element

160 Read-only storage element

180 Random access storage element

R Request instruction

200 Server

220 Control circuit

222 Compiler

224 Assembler

226 Linker

240 Storage medium

BI Boot image

LIB Function library

DRV Driver

OS Operating system kernel

OBJ Object file

SC Source code

S100-S140 Steps

S110' Step

Detailed Description

In this application, the term "coupled" and its derivatives may be used. In some embodiments, "coupled" may indicate that two or more elements are in direct physical or electrical contact with each other, or that two or more elements are in indirect electrical contact with each other. "Coupled" may also indicate that two or more elements cooperate or interact with each other.

FIG. 1 is a schematic diagram of the cloud deployment system 10 for boot images according to some embodiments of this application. The cloud deployment system 10 includes an electronic device 100 and a server 200. The electronic device 100 includes a controller 120, a communication element 140, a read-only storage element 160 and a random access storage element 180. The server 200 includes a control circuit 220 and a storage medium 240. The electronic device 100 issues a request instruction R and executes the received boot image BI. The storage medium 240 of the server 200 stores a plurality of boot images BI. The control circuit 220 of the server 200 returns one of the boot images BI to the electronic device 100 according to the request instruction R. The electronic device 100 and the server 200 exchange signals or files over a network, which may be a wired network or a wireless network. In the electronic device 100, the controller 120 is coupled to the communication element 140, the read-only storage element 160 and the random access storage element 180. In the server 200, the control circuit 220 is coupled to the storage medium 240.

FIG. 2 is a schematic diagram of the boot image BI according to some embodiments of this application. Referring to FIG. 1 and FIG. 2 together, in some embodiments each boot image BI includes a plurality of object files OBJ, and the combination order of the object files OBJ in each boot image BI differs from the combination order of the object files OBJ in the other boot images BI. That is, the order in which these object files OBJ are combined is not the same from one boot image BI to another. Therefore, each time the server 200 returns one of these boot images BI to the electronic device 100, the combination order of the object files OBJ in the boot image BI that the electronic device 100 receives is not the same. According to some embodiments, the server 200 selects the boot image BI for the electronic device 100 at random, so the electronic device 100 will almost never receive a boot image BI with the same combination order of object files OBJ.

Referring again to FIG. 1, in some embodiments the cloud deployment system 10 is used to let the electronic device 100 obtain the boot image BI from the server 200 in order to execute the boot process. The electronic device 100 sends the request instruction R to the server 200, and the server 200 returns the boot image BI to the electronic device 100 according to the request instruction R. Specifically, the server 200 stores a plurality of boot images BI and, according to the request instruction R, returns any one of them to the electronic device 100. Note that, according to some embodiments, although every boot image BI stored in the server 200 can be executed by the electronic device 100, these boot images BI are obtained through randomization, so they are in fact not identical. Because the server 200 provides different boot images BI to the electronic device 100 at random, the boot image BI obtained may be different each time the electronic device 100 issues the request instruction R, so the electronic device 100 does not have to execute the same boot image BI for every boot.

In some embodiments, the boot images BI are stored in the storage medium 240. The control circuit 220 receives the request instruction R and, according to it, randomly selects one boot image BI from the storage medium 240 to return to the electronic device 100. According to some embodiments, the control circuit 220 selects the boot image BI at random by means of a random number generation program. For example, the random number generation program outputs non-repeating random numbers to the boot images BI in the storage medium 240, so that each boot image BI has its own corresponding random number, and the control circuit 220 selects the boot image BI with the largest random number for the electronic device 100.

Note that, in some embodiments, the electronic device 100 may or may not carry a boot image BI of its own. When the electronic device 100 carries no boot image BI, it issues the request instruction R to obtain a boot image BI every time it performs the boot process. In some embodiments, the electronic device 100 issues the request instruction R not at boot but according to its update needs, for example when the boot image BI it has been executing has been in use beyond a specific period of use or a specific number of uses.

In some embodiments, during boot the electronic device 100 first executes a basic input/output program (BIOS, Basic Input/Output System), and issues the request instruction R only after the communication element 140 has been initialized. Specifically, the controller 120 executes the input/output program to initialize the communication element 140 and issues the request instruction R after the communication element 140 is initialized. Initializing the communication element 140 means enabling its communication function, which may mean bringing the communication element 140 up to its normal communication function or enabling only part of it (for example, only part of the communication bandwidth, communication speed or communication modes). The communication element 140 is, for example but not limited to, a wireless communication circuit, a wired communication circuit, or a circuit with both wireless and wired communication. In some embodiments, the request instruction R includes identification (ID) information of the electronic device 100, for example but not limited to the model or serial number of the electronic device 100, or related information that can be converted into the model and/or serial number. According to some embodiments, the read-only storage element 160 stores the input/output program. The controller 120 obtains the stored input/output program from the read-only storage element 160 to perform the initialization. The read-only storage element 160 is, for example, a read-only memory (ROM).

Referring to FIG. 1 and FIG. 2 together, in some embodiments the electronic device 100 receives and runs the boot image BI to execute the boot process. Specifically, the boot image BI includes a function library LIB, a driver DRV and an operating system kernel (OS, Operating System), where the function library LIB includes functions for input/output, access, mathematical operations and so on, so the controller 120 executing the boot process starts the operating system and programs of the electronic device 100. According to some embodiments, the driver DRV is used to bring the communication element 140 up to its normal communication function. The random access storage element 180 stores the received boot image BI. The random access storage element 180 is, for example, a flash memory (Random Access Memory, RAM).

In some embodiments, the control circuit 220 of the server 200 includes a compiler 222, an assembler 224 and a linker 226. The storage medium 240 of the server 200 stores the boot images BI and a plurality of source codes SC corresponding to the electronic device 100. The source codes SC are the program code of the operating system and software. The control circuit 220 converts the source codes SC into a plurality of object files OBJ, randomly arranges the order of the object files OBJ, and finally links the object files OBJ to obtain a boot image BI. The conversion of the source codes SC into object files OBJ is done by compilation in the compiler 222 and assembly in the assembler 224. The linking of the object files OBJ into a boot image BI is done by the linker 226, which links the address of each object file OBJ according to the arranged order of the object files OBJ. According to some embodiments, the linker 226 is, for example, the GNU linker, and the addresses of the object files OBJ are linked by means of a linker script of the GNU linker. Note that the address of an object file OBJ is, for example but not limited to, a physical location or a virtual location in the electronic device 100. The way the addresses of the object files OBJ are linked is not limited to using separate jumpers or looking up a mapping table.

In some embodiments, each boot image BI stored in the storage medium 240 includes a plurality of object files OBJ. The combination order of the object files OBJ in any one boot image BI differs from the combination order of the object files OBJ in the other boot images BI; that is, no two boot images BI share the same combination order of object files OBJ. Specifically, the boot image BI includes the function library LIB, the driver DRV and the operating system kernel OS, each of which includes a plurality of object files OBJ. When the control circuit 220 produces a boot image BI as described above, it picks at least one of the function library LIB, the driver DRV and the operating system kernel OS in the boot image BI and randomly arranges its object files OBJ. The object files OBJ of all three of the function library LIB, the driver DRV and the operating system kernel OS may also be randomly arranged, or any two of the three may be chosen for random arrangement of their object files OBJ.

Referring again to FIG. 1, in some embodiments the server 200 can generate a certain number of boot images BI in advance and store them in the storage medium 240. In some embodiments, the server 200 can decide, based on the number of boot images BI remaining (that is, the number of boot images BI not yet returned to an electronic device 100 for use), whether to generate more boot images BI in preparation. In some embodiments, when the server 200 receives the request instruction R, the control circuit 220 can build a boot image BI according to the request instruction R and provide it to the electronic device 100 even if the storage medium 240 holds no boot image BI prepared in advance.
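The server-side steps described above (shuffling the object files OBJ, linking them through a GNU linker script, keeping a pool of unused images that is topped up when it runs low, and picking the image with the largest random number) can be sketched as follows. This is an added example, not code from the patent. The object names, sizes, load address, the `ImagePool` class and its `low_water`/`batch` parameters are assumptions, and the address model is an approximation of what a real linker map would report.

```python
import math
import random
import secrets

# Constructed sample input: object files of one component (for example the
# driver DRV) with their .text sizes in bytes. Names and sizes are invented.
OBJ_SIZES = {"uart.o": 0x340, "net.o": 0x1200, "timer.o": 0x1C0,
             "flash.o": 0x880, "crypto.o": 0x2400}
TEXT_BASE = 0x80000000  # assumed load address of the image


def linker_script(order, base=TEXT_BASE):
    """Render a GNU ld script that places each object's .text in `order`."""
    body = [f"    {obj}(.text .text.*)" for obj in order]
    return "\n".join(
        ["SECTIONS", "{", f"  . = {base:#x};", "  .text : {", *body, "  }",
         "  .rodata : { *(.rodata .rodata.*) }",
         "  .data   : { *(.data .data.*) }",
         "  .bss    : { *(.bss .bss.* COMMON) }", "}"])


def text_layout(order, sizes=OBJ_SIZES, base=TEXT_BASE, align=16):
    """Model the start address each object gets under a given order."""
    addr, layout = base, {}
    for obj in order:
        addr = (addr + align - 1) & ~(align - 1)  # round up to alignment
        layout[obj] = addr
        addr += sizes[obj]
    return layout


class ImagePool:
    """Orderings built but not yet served, for one device model (hypothetical)."""

    def __init__(self, objs, low_water, batch, rng):
        self.objs = list(objs)
        self.low_water = max(1, low_water)  # refill when fewer remain
        self.batch = batch                  # how many to build per refill
        self.rng = rng
        self.issued = set()  # every ordering ever generated, never reused
        self.ready = []      # orderings not yet returned to a device

    def replenish(self):
        """Top up the pool when it runs low; return how many were added."""
        if len(self.ready) >= self.low_water:
            return 0
        room = math.factorial(len(self.objs)) - len(self.issued)
        target, added = min(self.batch, room), 0
        while added < target:
            order = tuple(self.rng.sample(self.objs, len(self.objs)))
            if order not in self.issued:  # keep every image's order distinct
                self.issued.add(order)
                self.ready.append(order)
                added += 1
        return added

    def serve(self):
        """Handle one request R: pick by largest random number, then refill."""
        if not self.ready:
            self.replenish()  # nothing prepared: build on demand
        if not self.ready:
            raise RuntimeError("every distinct ordering has been used")
        # One non-repeating random number per stored image; largest wins.
        tags = self.rng.sample(range(1 << 32), len(self.ready))
        pick = max(range(len(self.ready)), key=tags.__getitem__)
        order = self.ready.pop(pick)
        self.replenish()
        return list(order)


if __name__ == "__main__":
    # A CSPRNG-backed generator, so the served order is not predictable.
    pool = ImagePool(OBJ_SIZES, low_water=2, batch=4, rng=secrets.SystemRandom())
    for _ in range(3):
        order = pool.serve()
        print(order, hex(text_layout(order)["crypto.o"]))
    print(linker_script(order))
```

The printed address of `crypto.o` changes from one served order to the next, which is why an address learned from one image does not carry over to another.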

In some embodiments, the electronic device 100 has a public key (not shown) and the server 200 has a private key (not shown), where the public key corresponds to the private key. The control circuit 220 of the server 200 obtains the boot image BI through a process that includes encryption with the private key, and the controller 120 of the electronic device 100 then decrypts the received boot image BI with the public key. Specifically, the control circuit 220 encrypts the boot image BI with the private key to form a digital signature, and the encrypted boot image BI carries this digital signature for verification. The control circuit 220 then stores the encrypted boot image BI in the storage medium 240; that is, the boot images BI stored in the storage medium 240 are encrypted. After the electronic device 100 obtains the encrypted boot image BI, it decrypts the boot image BI with the public key to verify whether the digital signature is correct. When the digital signature is correct, the electronic device 100 can execute this verified boot image BI to perform the boot process. Conversely, when the digital signature is wrong, the electronic device 100 can re-issue the request instruction R to the server 200 so that a boot image BI is returned again. In some embodiments, the electronic device 100 stores the boot image BI in the random access storage element 180 only when the digital signature is correct. According to some embodiments, the control circuit 220 does not encrypt while generating the boot image BI; instead, the control circuit 220 encrypts the boot image BI with the private key only after it has selected from the storage medium 240 the boot image BI to be returned to the electronic device 100.
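The sign, verify and re-request flow described above can be sketched as follows. This is an added example, not code from the patent. The demonstration-size RSA key built from two Mersenne primes, the unpadded digest signature, the function names and the retry limit of three are all assumptions made so that the example runs with the standard library alone.

```python
import hashlib

# Demonstration key only (assumption): two Mersenne primes give a 216-bit
# modulus, far too small for real use and used here without padding.
P, Q = 2**127 - 1, 2**89 - 1
N, E = P * Q, 65537                 # public key, provisioned on the device
D = pow(E, -1, (P - 1) * (Q - 1))   # private exponent, kept on the server


def digest_int(image: bytes) -> int:
    """SHA-256 of the image, reduced to fit under the demo modulus."""
    return int.from_bytes(hashlib.sha256(image).digest(), "big") % N


def sign_image(image: bytes, d: int = D, n: int = N) -> int:
    """Server side: 'encrypt' the image digest with the private key."""
    return pow(digest_int(image), d, n)


def verify_image(image: bytes, signature: int, e: int = E, n: int = N) -> bool:
    """Device side: 'decrypt' the signature with the public key and compare."""
    return 0 <= signature < n and pow(signature, e, n) == digest_int(image)


def fetch_and_boot(request, device_id, max_attempts=3):
    """Device loop: re-issue request R until a response verifies.

    Returns (image, attempts) on success, (None, max_attempts) on failure.
    The image is copied into RAM only after the signature checks out.
    """
    for attempt in range(1, max_attempts + 1):
        image, signature = request(device_id)
        if verify_image(image, signature):
            ram_copy = bytes(image)  # stands in for storage element 180
            return ram_copy, attempt
    return None, max_attempts        # fail closed: nothing is executed


def make_server(images):
    """Hypothetical server: hands out the next image with its signature."""
    queue = iter(images)

    def request(device_id):
        # device_id would select the model's image pool; unused in this sketch
        image = next(queue)
        return image, sign_image(image)
    return request


def tamper_first(request):
    """Simulated channel that flips one bit in the first response only."""
    seen = {"count": 0}

    def wrapped(device_id):
        image, signature = request(device_id)
        seen["count"] += 1
        if seen["count"] == 1:
            image = bytes([image[0] ^ 0x01]) + image[1:]
        return image, signature
    return wrapped


if __name__ == "__main__":
    # Constructed sample images standing in for two differently ordered BIs.
    images = [b"BI-order-A" * 8, b"BI-order-B" * 8]
    channel = tamper_first(make_server(images))
    image, attempts = fetch_and_boot(channel, "model-x")
    print("booted" if image else "refused", "after", attempts, "attempt(s)")
```

Because the public key is public, this step authenticates the image but does not keep its contents confidential. A production device would use a vetted library with a padded scheme such as RSA-PSS or Ed25519 rather than the unpadded arithmetic shown here.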

In some embodiments, the cloud deployment system 10 for boot images is not limited to a single electronic device 100. For example, the cloud deployment system 10 can include multiple electronic devices 100 at the same time, and these are not limited to a single type of electronic device 100. The server 200 generates the boot image BI for each electronic device 100 from the source code SC corresponding to that electronic device 100. Because the request instruction R issued by the electronic device 100 carries identification information, the server 200 can provide the corresponding boot image BI to each different electronic device 100. According to some embodiments, the cloud deployment system 10 is not limited to one pair of corresponding public and private keys. For example, the cloud deployment system 10 can use different public/private key pairs for different types of electronic devices 100. Alternatively, for a single specific electronic device 100, the cloud deployment system 10 can provide a dedicated public/private key pair to distinguish it from the other electronic devices 100.

FIG. 3 is a flowchart of a cloud deployment method for a boot image according to some embodiments of the present case. Referring to FIG. 3, in some embodiments, the cloud deployment method for a boot image is suitable for execution by the electronic device 100 and the server 200. The method includes the following steps: the electronic device 100 issues a request instruction R (step S110); the server 200 stores a plurality of boot images BI, each boot image BI including a plurality of target files OBJ, where the combination order of the target files OBJ of each boot image BI differs from the combination order of the target files OBJ of the other boot images BI (step S120); the server 200 returns one of the boot images BI to the electronic device 100 according to the request instruction R (step S130); and the electronic device 100 executes the received boot image BI (step S140).

FIG. 4 is a flowchart of a cloud deployment method for a boot image according to some embodiments of the present case. Referring to FIG. 4, in some embodiments, the cloud deployment method for a boot image is suitable for execution by the electronic device 100 and the server 200. The method includes the following steps: the electronic device 100 executes an input/output program to initialize the communication element 140 of the electronic device (step S100); after the communication element 140 is initialized, the electronic device 100 issues a request instruction R (step S110'); the server 200 stores a plurality of boot images BI, each boot image BI including a plurality of target files OBJ, where the combination order of the target files OBJ of each boot image BI differs from the combination order of the target files OBJ of the other boot images BI (step S120); the server 200 returns one of the boot images BI to the electronic device 100 according to the request instruction R (step S130); and the electronic device 100 executes the received boot image BI (step S140).

In summary, the cloud deployment system and method for boot images proposed in some embodiments of the present case can deploy multiple different boot images on the server, and the server then provides one of the boot images to the electronic device for execution according to the request instruction of the electronic device. Because the boot images deployed on the server are obtained by randomly combining and arranging the target files, the combination order of the target files differs in every boot image, and because the server provides any one of the boot images to the electronic device at random, the electronic device can obtain different boot images. Since the boot image executed by the electronic device may be different at each boot, attacks by hackers can be avoided. In some embodiments, the cloud deployment system and method for boot images further include a pair of corresponding public and private keys: the server encrypts the boot image with the private key and the electronic device decrypts the boot image with the public key, so the electronic device can also authenticate whether the boot image provided by the server is correct.
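The flow summarized above (random ordering of the target files OBJ, link addresses, signing with the private key, verification with the public key, and re-request on failure), as an added Python example that is not part of the patent. The toy RSA key, the object names and contents, the load address `BASE` and the bounded retry count `max_tries` are assumptions made for illustration.

```python
import hashlib
import random

# Constructed toy key: Mersenne primes make N trivially factorable. It stands in
# for a real key pair; production code would use RSA-PSS or Ed25519 from a library.
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))   # private exponent, held only by the server
BASE = 0x80000000                    # assumed load address of the image

# Constructed stand-ins for the compiled target (object) files OBJ.
OBJS = {"init.o": b"\x01" * 16, "net.o": b"\x02" * 24,
        "crypto.o": b"\x03" * 8, "main.o": b"\x04" * 32}

def digest(image):
    return int.from_bytes(hashlib.sha256(image).digest(), "big")

def sign(image):                     # server: private-key operation on the hash
    return pow(digest(image), D, N)

def verify(image, sig):              # device: public-key operation, then compare
    return pow(sig, E, N) == digest(image)

def build_image(objs, rng):
    """Shuffle the object files, concatenate them, record each link address."""
    order = list(objs)
    rng.shuffle(order)
    image, addrs = b"", {}
    for name in order:
        addrs[name] = BASE + len(image)
        image += objs[name]
    return image, addrs

def build_pool(objs, count, seed=None):
    """Server store of `count` signed images (count <= number of permutations)."""
    rng = random.Random(seed) if seed is not None else random.SystemRandom()
    pool = {}
    while len(pool) < count:         # keep only images with a new object order
        image, addrs = build_image(objs, rng)
        pool.setdefault(image, (addrs, sign(image)))
    return pool

def device_boot(fetch, max_tries=3):
    """Request an image, verify it, and re-request if the signature is wrong."""
    for attempt in range(1, max_tries + 1):
        image, sig = fetch()
        if verify(image, sig):
            return image, attempt    # only a verified image is handed to boot
    raise RuntimeError("no correctly signed boot image received")

if __name__ == "__main__":
    for image, (addrs, sig) in build_pool(OBJS, 3).items():
        print({n: hex(a) for n, a in addrs.items()}, verify(image, sig))
```

Every image in the pool contains the same bytes in a different order, so a symbol's link address differs from image to image while each image still verifies under the same public key.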

Claims (8)

1. A cloud deployment system for a boot image, comprising:
an electronic device, configured to issue a request instruction according to an update request; and
a server, comprising:
a storage medium, configured to store a plurality of boot images, each boot image comprising a plurality of target files, the combination order of the target files of each boot image being different from the combination order of the target files of the other boot images; and
a control circuit, configured to return one of the boot images to the electronic device according to the request instruction, the electronic device executing the received boot image;
wherein the storage medium further stores a plurality of source codes corresponding to the electronic device, and the control circuit is configured to compile and assemble the source codes into the target files, randomly arrange the target files, and establish link addresses corresponding to the target files, so as to obtain one of the boot images.

2. The cloud deployment system for a boot image according to claim 1, wherein the electronic device comprises:
a communication element; and
a controller, configured to execute an input/output program to initialize the communication element and, after the communication element is initialized, to issue the request instruction.

3. The cloud deployment system for a boot image according to claim 1, wherein the storage medium further stores a plurality of source codes corresponding to the electronic device, the server has a private key, the electronic device has a public key corresponding to the private key, the control circuit is configured to compile and assemble the source codes into the target files, randomly arrange the target files, establish link addresses corresponding to the target files, and encrypt with the private key, so as to obtain one of the boot images, and the electronic device decrypts with the public key and executes the received boot image.

4. An electronic device for cloud deployment of a boot image, the electronic device comprising:
a communication element; and
a controller, configured to execute an input/output program to initialize the communication element, to issue a request instruction according to an update request after the communication element is initialized, and to execute a received boot image.

5. The electronic device according to claim 4, further having a public key, wherein the electronic device for cloud deployment of a boot image decrypts with the public key and executes the received boot image.

6. A cloud deployment method for a boot image, suitable for an electronic device and a server, the method comprising:
the electronic device issuing a request instruction according to an update request;
the server storing a plurality of boot images, each boot image comprising a plurality of target files, the combination order of the target files of each boot image being different from the combination order of the target files of the other boot images;
the server returning one of the boot images to the electronic device according to the request instruction; and
the electronic device executing the received boot image,
wherein the method further comprises a boot image obtaining method, comprising:
compiling and assembling a plurality of source codes corresponding to the electronic device into the target files;
randomly arranging the target files;
establishing link addresses corresponding to the target files; and
obtaining one of the boot images.

7. The cloud deployment method for a boot image according to claim 6, wherein, before the electronic device issues the request instruction, the method comprises:
the electronic device executing an input/output program to initialize a communication element of the electronic device; and
after the communication element is initialized, the electronic device issuing the request instruction.

8. The cloud deployment method for a boot image according to claim 6, further comprising a boot image obtaining and verification method, comprising:
compiling and assembling a plurality of source codes corresponding to the electronic device into the target files;
randomly arranging the target files;
establishing link addresses corresponding to the target files;
encrypting with a private key to obtain one of the boot images; and
decrypting with a public key and executing the received boot image, wherein the public key corresponds to the private key.


Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201911060258.XA CN112784275B (en) 2019-11-01 2019-11-01 Electronic device, boot image cloud deployment system and method

Publications (2)

Publication Number Publication Date
CN112784275A CN112784275A (en) 2021-05-11
CN112784275B true CN112784275B (en) 2024-09-03

Family

ID=75747204

Country Status (1)

Country Link
CN (1) CN112784275B (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant