CN114253576B - Method, device, storage medium and equipment for dual BIOS mirror image refreshing verification - Google Patents


Info

Publication number
CN114253576B
CN114253576B (application CN202111517806.4A)
Authority
CN
China
Prior art keywords
bios
verification
rom1
domain
refreshed
Legal status
Active
Application number
CN202111517806.4A
Other languages
Chinese (zh)
Other versions
CN114253576A (en)
Inventor
刘禹彤
Current Assignee
Suzhou Inspur Intelligent Technology Co Ltd
Original Assignee
Suzhou Inspur Intelligent Technology Co Ltd
Priority date
2021-12-13
Filing date
2021-12-13
Publication date
2024-01-09
Application filed by Suzhou Inspur Intelligent Technology Co Ltd
Priority to CN202111517806.4A
Publication of CN114253576A
Application granted
Publication of CN114253576B

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F8/00 Arrangements for software engineering
    • G06F8/60 Software deployment
    • G06F8/65 Updates
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/44 Program or device authentication
    • G06F9/00 Arrangements for program control, e.g. control units
    • G06F9/06 Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44 Arrangements for executing specific programs
    • G06F9/4401 Bootstrapping

Landscapes

  • Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Stored Programmes (AREA)

Abstract

The invention provides a method, a device, a storage medium and equipment for refreshing and verifying dual BIOS images. The method comprises adding a verification module into the dual BIOS images, where the verification module contains the content to be verified. When the system is started for the first time, the unrefreshed BIOS ROM1 verifies the verification module in the other, refreshed BIOS ROM2; if the verification is correct, the system is started normally, and if an error occurs, the unrefreshed BIOS ROM1 is started. By adding the verification module, the unrefreshed BIOS ROM1 verifies the verification module in the refreshed BIOS ROM2 and the two ROMs verify each other alternately, which effectively improves reliability.

Description

Method, device, storage medium and equipment for dual BIOS mirror image refreshing verification
Technical Field
The present invention relates to the field of server technologies, and in particular, to a method, an apparatus, a storage medium, and a device for dual BIOS image refresh verification.
Background
With the development of computer science, computer security has received more emphasis, and security concerns have gradually shifted from the software domain to the hardware domain, where firmware security has begun to enter the field of view of engineers and developers. A dual-BIOS mirror server aims to enhance the reliability of the firmware through firmware redundancy; on such a server, firmware refreshing carries uncertain potential safety hazards, and most solutions to these hazards introduce third-party hardware such as a TPCM or perform an independent check, so the steps are complex and loopholes in the operation flow are unavoidable.
Therefore, providing a method by which the server automatically improves the reliability and security of the BIOS refresh is one of the problems to be solved at present.
Disclosure of Invention
Therefore, the present invention aims to provide a dual-BIOS image refresh verification method, apparatus, storage medium and device in which, by adding a verification module, the unrefreshed BIOS ROM1 verifies the verification module in the other, refreshed BIOS ROM2 and the two ROMs alternate this verification, thereby effectively improving reliability.
Based on the above objective, the present invention provides a method for refreshing and verifying dual BIOS images, in which a verification module is added into the dual BIOS images, the verification module containing the content to be verified. When the device is started for the first time, the unrefreshed BIOS ROM1 verifies the verification module in the other, refreshed BIOS ROM2; if the verification is correct, the device is started normally, and if an error occurs, the unrefreshed BIOS ROM1 is started.
In some embodiments, the method further comprises:
the alternate verification specifically means that more than two sections of verification domains are added into the dual BIOS images: one verification domain is randomly distributed in the BIOS ROM according to a sequence generated by a random generator, and the other verification domain, written in the BIOS code, is placed at a fixed position of the BIOS ROM; the two BIOS ROMs then verify each other alternately.
In some embodiments, the method further comprises:
the BIOS adds a time stamp at compile time, connects to the security server and records the result, and submits the information to the BMC log for storage.
In some embodiments, the method further comprises:
the verification domain is specifically a section of encrypted storage that contains signature information and the distribution sequence of the verification domains in the other, redundant BIOS ROM, which is called the VDS (Validation Domain Sequence, verification domain distribution sequence).
In some embodiments, the method further comprises:
the two BIOS ROMs verify each other alternately: when startup is executed for the first time, BIOS ROM1 authenticates the other BIOS ROM2 on the main board; the system restarts, and BIOS ROM2 then authenticates BIOS ROM1; when the authentication is finished, the register locks the verification domain and the VDS, and the distribution sequence of the verification domains of the two BIOS ROMs is determined.
In some embodiments, the method further comprises:
a BIOS SETUP for setting option functions is also included.
In some embodiments, the method further comprises:
submitting the information to the BMC, wherein the content of the submitted information comprises an error type and an error prompt.
In another aspect of the present invention, a dual BIOS image refresh verification apparatus is provided, including a verification module, where the verification module is configured to enable the unrefreshed BIOS ROM1 to find, through the VDS, the verification domain distribution sequence of the refreshed BIOS ROM2 and to determine whether it has been modified.
In yet another aspect of the present invention, there is also provided a computer readable storage medium storing computer program instructions which, when executed, implement any of the methods described above.
In yet another aspect of the present invention, there is also provided a computer device comprising a memory and a processor, the memory storing a computer program which, when executed by the processor, performs any of the methods described above.
The invention has at least the following beneficial technical effects:
according to the invention, a verification module containing the content to be verified is added into the dual BIOS mirror image; when the system is started for the first time, the unrefreshed BIOS ROM1 verifies the verification module in the other, refreshed BIOS ROM2; if the verification is correct, the system is started normally, and if an error occurs, the unrefreshed BIOS ROM1 is started, so that the reliability of refresh verification is effectively improved.
Drawings
In order to more clearly illustrate the embodiments of the invention or the technical solutions in the prior art, the drawings that are necessary for the description of the embodiments or the prior art will be briefly described, it being obvious that the drawings in the following description are only some embodiments of the invention and that other embodiments may be obtained according to these drawings without inventive effort for a person skilled in the art.
FIG. 1 is a schematic diagram of a dual BIOS image refresh verification method according to an embodiment of the present invention;
FIG. 2 is a schematic diagram of a VD structure according to an embodiment of the present invention;
FIG. 3 is a schematic diagram of a BIOS mutual authentication method according to an embodiment of the present invention;
FIG. 4 is a schematic diagram of BIOS SETUP according to an embodiment of the present invention;
FIG. 5 is a flowchart illustrating a dual BIOS image refresh verification method according to an embodiment of the present invention;
FIG. 6 is a schematic diagram of a computer-readable storage medium implementing a resource monitoring method according to an embodiment of the present invention;
FIG. 7 is a schematic hardware structure of a computer device for performing a resource monitoring method according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the following embodiments of the present invention will be described in further detail with reference to the accompanying drawings.
It should be noted that, in the embodiments of the present invention, all the expressions "first" and "second" are used to distinguish two non-identical entities with the same name or non-identical parameters, and it is noted that the "first" and "second" are only used for convenience of expression, and should not be construed as limiting the embodiments of the present invention. Furthermore, the terms "comprise" and "have," and any variations thereof, are intended to cover a non-exclusive inclusion, such as a process, method, system, article, or other step or unit that comprises a list of steps or units.
Based on the above objects, in a first aspect of the embodiments of the present invention, an embodiment of a dual BIOS image refresh verification method is provided. FIG. 1 is a schematic diagram of an embodiment of the dual BIOS image refresh verification method provided by the present invention. As shown in FIG. 1 and FIG. 4, the embodiment of the invention includes the following steps:
S10, adding a verification module into the dual BIOS image, wherein the verification module comprises the content to be verified;
S20, when the computer is started for the first time, the unrefreshed BIOS ROM1 verifies the verification module in the other, refreshed BIOS ROM2;
S30, if the verification is correct, the machine is started normally;
S40, if an error occurs, the unrefreshed BIOS ROM1 is started.
It will be appreciated that the above steps are merely exemplary of steps of a particular embodiment of the method of the present invention and are not intended to represent that the method must be performed in the order of the above steps, nor is it intended to be limiting of the order of the steps of the method of the present application.
In the embodiment of the invention, the BIOS is a set of programs fixed in a ROM chip on the main board of a computer. It stores the computer's most important basic input/output programs, the self-test programs run after power-on and the system self-start programs, and it can read and write specific system settings from the CMOS. Its main function is to provide the lowest-level, most direct hardware setup and control for the computer. In addition, the BIOS provides some system parameters to the operating system. Hardware changes are hidden by the BIOS, and programs use BIOS functions rather than controlling the hardware directly. Modern operating systems ignore the abstraction layer provided by the BIOS and control the hardware components directly.
In this embodiment, the verification module includes the content to be verified, which comprises more than two segments of verification domains added into the dual BIOS mirror images: one verification domain is randomly distributed in the BIOS ROM1 according to the sequence generated by the random generator, and the other verification domain is written in the BIOS code at a fixed position in the BIOS ROM2.
The method by which the two BIOS ROMs verify each other alternately, as shown in FIG. 3, specifically comprises the following steps:
when startup is executed for the first time, the unrefreshed BIOS ROM1 authenticates the other, refreshed BIOS ROM2 on the main board;
after restarting, the refreshed BIOS ROM2 in turn authenticates the unrefreshed BIOS ROM1;
when the authentication is finished, the register locks the verification domain and the VDS, and the distribution sequence of the verification domains of the two BIOS ROMs is determined.
There are three current means of protecting the BIOS ROM refresh. Here the VDS and the signature information imply whether each of the two BIOS ROMs knows the correct VDS of the other; the two BIOS ROMs are therefore each other's key and each other's lock, which ensures the reliability of the BIOS ROMs.
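The flow of steps S10 to S40 and the alternating ROM1 -> ROM2 -> ROM1 check above, as a Python simulation added here (not code from the patent or from the applicant): each simulated image carries randomly placed verification domains plus a fixed-position domain holding the other image's VDS and a signature, and any failed check falls back to ROM1. The signature algorithm (HMAC-SHA256), the image and domain sizes and the byte layout of the fixed domain are assumptions, since the patent does not specify them.

```python
"""Simulation of the dual-BIOS mutual verification flow (added example, not the patent's code).
Assumed: HMAC-SHA256 as the signature, 4 KiB images, 32-byte domains, fixed-domain layout."""
import hashlib
import hmac
import random
import struct

IMAGE_SIZE = 4096        # assumed size of one simulated BIOS ROM image
VD_SIZE = 32             # assumed size of one randomly placed verification domain (VD)
NUM_VDS = 3              # assumed number of randomly placed VDs per image
FIXED_VD_OFFSET = 0      # assumed fixed position of the domain holding the peer's VDS
FIXED_VD_SIZE = 4 + NUM_VDS * 4 + 32   # count, offsets, HMAC-SHA256 tag
KEY = b"assumed-vendor-signing-key"     # constructed; stands in for the vendor's key


def code_digest(img: bytes, vds: list[int]) -> bytes:
    """Hash the code region of an image, skipping the fixed domain and every VD slot."""
    h = hashlib.sha256()
    pos = FIXED_VD_SIZE
    for off in vds:
        h.update(img[pos:off])
        pos = off + VD_SIZE
    h.update(img[pos:])
    return h.digest()


def vd_content(img: bytes, vds: list[int], index: int) -> bytes:
    """Content of randomly placed VD `index`: a keyed tag binding it to the code digest."""
    return hmac.new(KEY, code_digest(img, vds) + bytes([index]), hashlib.sha256).digest()


def build_image(code: bytes, seed: int) -> tuple[bytearray, list[int]]:
    """Lay out one image: fixed domain at offset 0, code after it, NUM_VDS VDs at slots
    chosen by a seeded random generator (the 'random sequence' of the first domain).
    Returns the image and its VDS (the sorted slot offsets)."""
    img = bytearray(IMAGE_SIZE)
    body_len = IMAGE_SIZE - FIXED_VD_SIZE
    img[FIXED_VD_SIZE:] = code[:body_len].ljust(body_len, b"\xff")
    slots = list(range(FIXED_VD_SIZE, IMAGE_SIZE - VD_SIZE + 1, VD_SIZE))
    vds = sorted(random.Random(seed).sample(slots, NUM_VDS))
    for i, off in enumerate(vds):
        img[off:off + VD_SIZE] = vd_content(img, vds, i)
    return img, vds


def write_vds(holder: bytearray, target: bytes, target_vds: list[int]) -> None:
    """Store in holder's fixed domain the VDS of target plus a signature over that VDS
    and target's VD contents (the second, fixed-position verification domain)."""
    body = struct.pack(f"<I{NUM_VDS}I", NUM_VDS, *target_vds)
    segs = b"".join(target[o:o + VD_SIZE] for o in target_vds)
    tag = hmac.new(KEY, body + segs, hashlib.sha256).digest()
    holder[FIXED_VD_OFFSET:FIXED_VD_OFFSET + FIXED_VD_SIZE] = body + tag


def verify_peer(verifier: bytes, peer: bytes) -> tuple[bool, str]:
    """The verifier ROM locates the peer's VDs through the VDS in its own fixed domain
    and checks that neither the VDS nor the peer's code has been modified."""
    fixed = verifier[FIXED_VD_OFFSET:FIXED_VD_OFFSET + FIXED_VD_SIZE]
    body, tag = fixed[:-32], fixed[-32:]
    count, *offs = struct.unpack(f"<I{NUM_VDS}I", body)
    if (count != NUM_VDS or offs != sorted(offs) or offs[0] < FIXED_VD_SIZE
            or offs[-1] + VD_SIZE > IMAGE_SIZE):
        return False, "VDS malformed"
    segs = b"".join(peer[o:o + VD_SIZE] for o in offs)
    expect = hmac.new(KEY, body + segs, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expect):
        return False, "signature mismatch: VDS or peer verification domains altered"
    for i, o in enumerate(offs):
        if not hmac.compare_digest(peer[o:o + VD_SIZE], vd_content(peer, offs, i)):
            return False, f"peer code modified (verification domain {i} stale)"
    return True, "ok"


def first_boot(rom1: bytearray, rom2: bytearray) -> tuple[str, list[str]]:
    """Steps S20 to S40: unrefreshed ROM1 checks refreshed ROM2, after the restart ROM2
    checks ROM1, and any error falls back to ROM1. Returns the decision and a BMC-style log."""
    log = []
    for name, verifier, peer in (("ROM1 -> ROM2", rom1, rom2), ("ROM2 -> ROM1", rom2, rom1)):
        ok, why = verify_peer(verifier, peer)
        log.append(f"{name}: {why}")
        if not ok:
            return "fallback to ROM1", log
    log.append("verification domains and VDS locked")
    return "normal boot", log


def demo() -> dict:
    """Three constructed scenarios: a clean refresh, ROM2 code altered after signing,
    and the VDS stored in ROM1 tampered with."""
    rom1, vds1 = build_image(random.Random(1).randbytes(IMAGE_SIZE), seed=11)
    rom2, vds2 = build_image(random.Random(2).randbytes(IMAGE_SIZE), seed=22)
    write_vds(rom1, rom2, vds2)   # ROM1 holds ROM2's distribution sequence, and vice versa
    write_vds(rom2, rom1, vds1)
    results = {"clean": first_boot(rom1, rom2)}
    bad2 = bytearray(rom2)
    off = next(o for o in range(FIXED_VD_SIZE, IMAGE_SIZE)
               if all(not v <= o < v + VD_SIZE for v in vds2))
    bad2[off] ^= 0xFF             # one code byte flipped outside any VD slot
    results["code_tampered"] = first_boot(rom1, bad2)
    bad1 = bytearray(rom1)
    bad1[4] ^= 0x01               # low byte of the first stored offset changed
    results["vds_tampered"] = first_boot(bad1, rom2)
    return results


if __name__ == "__main__":
    for name, (decision, log) in demo().items():
        print(f"{name}: {decision} {log}")
```

A code change outside the domains is caught by the per-domain recomputation, while a changed VDS or domain is caught by the signature held in the other ROM, which is the key-and-lock relation the text describes.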
As shown in FIG. 2, the verification domain is specifically an optional section of storage, encrypted or unencrypted, whose content includes: signature information, and the verification domain distribution sequence VDS (Validation Domain Sequence) in the other BIOS ROM of the dual-BIOS redundancy;
optionally, it further comprises: the BIOS compile date and time stamp, the authentication content obtained by connecting to the BIOS manufacturer's security server through a custom instruction, the encryption algorithm, and the like.
In this embodiment, the BIOS adds a time stamp during compiling, connects to the security server and records the result, and submits the information to the BMC log for saving.
In this embodiment, the information is submitted to the BMC, where the information content may include an error type and an error hint, and may further include the signature information and the verification domain distribution sequence VDS in the other BIOS ROM of the dual-BIOS redundancy; optionally, it further comprises the BIOS compile date and time stamp, the authentication content obtained by connecting to the BIOS manufacturer's security server through a custom instruction, the encryption algorithm, and the like.
In one embodiment, the information content of the error message is displayed on the BMC WEB interface.
In this embodiment, as shown in FIG. 5, a BIOS SETUP is included for setting option functions. BIOS SETUP refers to the BIOS setup program, a set of programs fixed in a ROM chip on the motherboard of a computer, which stores the computer's most important basic input/output programs, the self-test programs run after startup and the system self-start programs, and which can read and write specific system setup information from the CMOS.
Its functions can be customized, for example: setting the encryption algorithm, Dual Image Independence, the authentication fields, and the like.
In another aspect of the present invention, the verification module is configured to enable the unrefreshed BIOS ROM1 to find, through the VDS, the verification domain distribution sequence of the refreshed BIOS ROM2 and to determine whether it has been modified.
In a third aspect of the embodiment of the present invention, a computer readable storage medium is further provided, and fig. 6 is a schematic diagram of a computer readable storage medium for implementing a resource monitoring method according to an embodiment of the present invention. As shown in fig. 6, the computer-readable storage medium 3 stores computer program instructions 31, which computer program instructions 31 are executable by a processor. The computer program instructions 31 when executed implement the method of any of the embodiments described above.
It should be understood that all of the embodiments, features and advantages set forth above for the resource monitoring method according to the invention equally apply to the resource monitoring system and storage medium according to the invention, without conflicting therewith.
In a fourth aspect of the embodiments of the present invention, there is also provided a computer device comprising a memory 402 and a processor 401, the memory storing a computer program which, when executed by the processor, implements the method of any of the embodiments described above.
FIG. 7 is a schematic hardware structure of an embodiment of a computer device for performing the resource monitoring method according to the present invention. Taking the computer device shown in FIG. 7 as an example, the computer device includes a processor 401 and a memory 402, and may further include an input device 403 and an output device 404. The processor 401, memory 402, input device 403 and output device 404 may be connected by a bus or otherwise; the embodiments of the present application are described using a bus connection as an example. The input device 403 may receive entered numeric or character information and generate key signal inputs related to user settings and function control of the resource monitoring system. The output device 404 may include a display device such as a display screen.
The memory 402 is used as a non-volatile computer readable storage medium, and may be used to store non-volatile software programs, non-volatile computer executable programs, and modules, such as program instructions/modules corresponding to the resource monitoring method in the embodiments of the present application. Memory 402 may include a storage program area that may store an operating system, at least one application program required for functionality, and a storage data area; the storage data area may store data created by use of the resource monitoring method, and the like. In addition, memory 402 may include high-speed random access memory, and may also include non-volatile memory, such as at least one magnetic disk storage device, flash memory device, or other non-volatile solid-state storage device. In some embodiments, memory 402 may optionally include memory located remotely from processor 401, which may be connected to the local module via a network. Examples of such networks include, but are not limited to, the internet, intranets, local area networks, mobile communication networks, and combinations thereof.
The processor 401 executes various functional applications of the server and data processing, i.e., implements the resource monitoring method of the above-described method embodiment, by running nonvolatile software programs, instructions, and modules stored in the memory 402.
Finally, it should be noted that the computer-readable storage media (e.g., memory) herein can be either volatile memory or nonvolatile memory, or can include both volatile and nonvolatile memory. By way of example, and not limitation, nonvolatile memory can include Read Only Memory (ROM), programmable ROM (PROM), electrically Programmable ROM (EPROM), electrically Erasable Programmable ROM (EEPROM), or flash memory. Volatile memory can include Random Access Memory (RAM), which acts as external cache memory. By way of example, and not limitation, RAM may be available in a variety of forms such as synchronous RAM (DRAM), dynamic RAM (DRAM), synchronous DRAM (SDRAM), double data rate SDRAM (DDR SDRAM), enhanced SDRAM (ESDRAM), synchronous Link DRAM (SLDRAM), and Direct Rambus RAM (DRRAM). The storage devices of the disclosed aspects are intended to comprise, without being limited to, these and other suitable types of memory.
Those of skill would further appreciate that the various illustrative logical blocks, modules, circuits, and algorithm steps described in connection with the disclosure herein may be implemented as electronic hardware, computer software, or combinations of both. To clearly illustrate this interchangeability of hardware and software, various illustrative components, blocks, modules, circuits, and steps have been described above generally in terms of their functionality. Whether such functionality is implemented as software or hardware depends upon the particular application and design constraints imposed on the overall system. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present disclosure.
The various illustrative logical blocks, modules, and circuits described in connection with the disclosure herein may be implemented or performed with the following components designed to perform the functions herein: a general purpose processor, a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), a Field Programmable Gate Array (FPGA) or other programmable logic device, discrete gate or transistor logic, discrete hardware components, or any combination thereof. A general purpose processor may be a microprocessor, but in the alternative, the processor may be any conventional processor, controller, microcontroller, or state machine. A processor may also be implemented as a combination of computing devices, e.g., a combination of a DSP and a microprocessor, a plurality of microprocessors, one or more microprocessors in conjunction with a DSP and/or any other such configuration.
The foregoing is an exemplary embodiment of the present disclosure, but it should be noted that various changes and modifications could be made herein without departing from the scope of the disclosure as defined by the appended claims. The functions, steps and/or actions of the method claims in accordance with the disclosed embodiments described herein need not be performed in any particular order. Furthermore, although elements of the disclosed embodiments may be described or claimed in the singular, the plural is contemplated unless limitation to the singular is explicitly stated.
It should be understood that as used herein, the singular forms "a", "an", and "the" are intended to include the plural forms as well, unless the context clearly supports the exception. It should also be understood that "and/or" as used herein is meant to include any and all possible combinations of one or more of the associated listed items. The foregoing embodiment of the present invention has been disclosed with reference to the number of embodiments for the purpose of description only, and does not represent the advantages or disadvantages of the embodiments.
Those of ordinary skill in the art will appreciate that: the above discussion of any embodiment is merely exemplary and is not intended to imply that the scope of the disclosure of embodiments of the invention, including the claims, is limited to such examples; combinations of features of the above embodiments or in different embodiments are also possible within the idea of an embodiment of the invention, and many other variations of the different aspects of the embodiments of the invention as described above exist, which are not provided in detail for the sake of brevity. Therefore, any omission, modification, equivalent replacement, improvement, etc. of the embodiments should be included in the protection scope of the embodiments of the present invention.

Claims (9)

1. A method for refreshing and verifying dual BIOS images, characterized in that a verification module is added into the dual BIOS images, wherein the verification module contains the content to be verified; when the system is started for the first time, the unrefreshed BIOS ROM1 verifies the verification module in the other, refreshed BIOS ROM2, and if the verification is correct the system is started normally; if an error occurs, the unrefreshed BIOS ROM1 is started; the content to be verified comprises more than two sections of verification domains, wherein the first verification domain is a random sequence randomly distributed in the BIOS ROM1, and the second verification domain is the verification domain distribution sequence of the first verification domain, written at a fixed position of the BIOS ROM2.
2. The method of claim 1, wherein the BIOS adds a time stamp at compile time, connects to the secure server and records the result, and submits the information to the BMC log for saving.
3. The method of dual BIOS image refresh verification according to claim 2, wherein the verification domain is embodied as an encrypted piece of storage comprising signature information and the distribution sequence of the verification domains in the other, redundant BIOS ROM.
4. The method of dual BIOS image refresh verification according to claim 2, wherein the two BIOS ROMs verify each other alternately: at the first boot-up, BIOS ROM1 authenticates the other BIOS ROM2 on the motherboard, the system reboots, then BIOS ROM2 authenticates BIOS ROM1, and when authentication is completed, registers lock the verification domain and the verification domain distribution sequence, determining the verification domain distribution sequences of the two BIOS ROMs.
5. The method of dual BIOS image refresh verification of claim 1, further comprising a BIOS SETUP for setting option functions.
6. The method of dual BIOS image refresh verification of claim 3, wherein the contents of the submitted information comprise an error type and an error hint.
7. A device for refreshing and verifying dual BIOS images, characterized by comprising a verification module, wherein the verification module is used to enable an unrefreshed BIOS ROM1 to find the verification domain of the refreshed BIOS ROM2 through the verification domain distribution sequence and to determine whether the verification domain of the refreshed BIOS ROM2 has been modified.
8. A computer readable storage medium, characterized in that it stores computer program instructions which, when executed, implement the method of any of claims 1-6.
9. A computer device comprising a memory and a processor, wherein the memory has stored therein a computer program which, when executed by the processor, performs the method of any of claims 1-6.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111517806.4A CN114253576B (en) 2021-12-13 2021-12-13 Method, device, storage medium and equipment for dual BIOS mirror image refreshing verification

Publications (2)

Publication Number Publication Date
CN114253576A CN114253576A (en) 2022-03-29
CN114253576B true CN114253576B (en) 2024-01-09

Family

ID=80792003

Country Status (1)

Country Link
CN (1) CN114253576B (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104915591A (en) * 2014-03-10 2015-09-16 联想(北京)有限公司 Data processing method and electronic equipment
CN106960155A (en) * 2017-03-28 2017-07-18 联想(北京)有限公司 The update method and device of a kind of basic input output system
CN108196858A (en) * 2017-12-22 2018-06-22 天津麒麟信息技术有限公司 A kind of double BIOS systems and its implementation based on platform of soaring
WO2021212735A1 (en) * 2020-04-23 2021-10-28 苏州浪潮智能科技有限公司 Method, apparatus, and device for starting server securely, and medium

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant