CN1282092C - Safety chip information processing apparatus and starting method based on chip - Google Patents
- Publication number: CN1282092C
- Application number: CN03153853A
- Authority: CN (China)
- Prior art keywords: bios, safety chip, module, read, code
- Legal status: Expired - Fee Related (the legal status is an assumption and is not a legal conclusion; Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed)
Classification landscapes
- Stored Programmes (AREA)
- Storage Device Security (AREA)
Abstract
The present invention provides a security chip, an information processing device based on the security chip, and a start-up method based on the chip. A memory that stores the BIOS is added inside the existing security chip, and the main processor module of the security chip verifies read and write operations on that BIOS module: BIOS code that is read is integrity-verified, and the identity of an operator who modifies the BIOS code is authenticated. As a result, when the information processing device starts it can integrity-verify the BIOS, the underlying firmware, the operating system and the application modules in turn, which prevents attacks on the operating system and application modules; and because an attacker cannot modify the BIOS code, attacks on the BIOS itself are prevented as well.
Description
Technical field
The present invention relates to the field of computer security, and in particular to a security chip, an information processing device based on the chip, and a start-up method based on the chip.
Background technology
Information processing devices are widely used in daily life; the term mainly covers personal computers (PCs), notebook computers, palmtop computers, mobile phones and similar equipment. So that users can upgrade the device, the Basic Input/Output System (BIOS) of an information processing device is normally stored in non-volatile flash memory, and the BIOS is a common target of viruses and hacker attacks. The attack pattern is to modify the BIOS by running code, so that the BIOS or the operating system is destroyed. Because the BIOS runs before the operating system and before any virus-detection software, it is very difficult to detect and remove a virus in the BIOS by software means.
In application No. 03138380.7, titled "Security chip, and information processing device and method based on the chip", the applicant proposed a security chip and a method for protecting the BIOS, underlying firmware, operating system and application modules. That security chip comprises an I/O interface module, a main processor module, a memory module and a cryptographic processor module, interconnected by an internal bus. The I/O interface module connects to external devices; under control of the main processor module it receives instructions from the external device and returns the results the external device requested. The main processor module, comprising at least a CPU and peripheral circuitry, controls the cryptographic processor module according to the instructions received from the I/O interface module, stores the processed result in the memory module, or compares the processed result with secret information held in the memory module as the instruction requires, and sends the result of the instruction to the I/O interface module; alternatively it fetches secret information directly from the memory module and passes it to the I/O interface module. The cryptographic processor module generates keys under control of the main processor module, encrypts and decrypts the information received by the I/O interface module, and returns the result to the main processor module. The memory module stores the security chip's own secret information, the secret information of the external device's application modules, and the secret information generated by the cryptographic processor module.
The protection method of that application is: (a) a security chip is installed on the mainboard; (b) when the information processing device starts, the security chip verifies the integrity of the current underlying firmware; if it is correct, normal system initialisation completes and step (c) is executed, otherwise start-up of the device is stopped; (c) the underlying firmware verifies the integrity of the current operating system; if it is correct the operating system runs normally, otherwise loading of the operating system is stopped. In other words, the BIOS, underlying firmware and operating system are integrity-verified in turn during start-up of the device, which guarantees a secure boot; afterwards the cryptographic module built into the security chip generates and manages the keys used in the system and encrypts and decrypts application modules, to secure the application modules of computers and other information equipment.
Figure 1 is a schematic of the prior-art security chip and its connection to the mainboard. The CPU 101 of the information processing device connects to the north bridge 102 on the mainboard; the north bridge 102 connects directly to the south bridge 103 and to the static memory (SRAM) 104; the south bridge 103 connects directly over the LPC (Low Pin Count) bus to the Super I/O interface 105, the BIOS module 106 and the security chip 107; in addition, the CPU 101 is connected directly to the BIOS module by read/write control lines. The security chip 107 uses an integrity check to determine whether the BIOS module 106 on the mainboard has been illegally modified.
Although this method can verify the integrity of the BIOS, it only prevents a virus in the BIOS from damaging the operating system: the security chip cannot prevent the BIOS itself from being modified, and can only stop the computer from starting once it has discovered that the BIOS was modified. The method is therefore a passive response to a possible attack.
Summary of the invention
In view of this, the object of the present invention is to provide a start-up method for an information processing device such that an attacker can attack neither the operating system and application modules in the device nor the BIOS in the device.
To achieve the above object, the technical solution of the present invention is as follows:
A start-up method for an information processing device, the method being based on a security chip which comprises at least a main processor module, a cryptographic module, an interface module and a memory module interconnected by an internal bus, the memory module of the chip further comprising a BIOS module that stores the Basic Input/Output System, wherein:
the BIOS module comprises at least a read/write control interface and an internal bus interface; the read/write control interface of the BIOS module connects to the CPU of the device in which the security chip is located and receives the read/write signals it sends; the internal bus interface of the BIOS module connects to the main processor module inside the security chip, and the main processor module verifies operations that read or write the BIOS module;
the main processor module initialises the interior of the security chip when the system powers on and verifies the read/write operations on the BIOS module;
the interface module connects to the device in which the security chip is located and, under control of the main processor module, lets the security chip exchange information with external devices;
the method comprises the following steps:
a. the security chip is installed on the mainboard in advance;
b. when the information processing device starts, after the security chip has initialised itself, it determines from the signal received on the read/write control interface of the BIOS module whether the operation on its internal BIOS module is a read or a write; for a read operation it executes step c, for a write operation step d;
c. the BIOS code that is read is integrity-verified; after verification passes, the BIOS code is run, the underlying firmware and the operating system are integrity-verified in turn, and the device starts normally;
d. the identity of the user who sent the write signal is authenticated; after authentication passes, the BIOS code inside the security chip is updated, the underlying firmware and the operating system are integrity-verified in turn, and the device starts normally.
Preferably, integrity-verifying the BIOS code that is read comprises the following steps:
c1. the security chip reads the BIOS code and computes an integrity value over the code that was read;
c2. it determines whether the computed integrity check code matches the BIOS integrity check code stored in the security chip in advance; if so, the BIOS code that was read is run, otherwise running it is forbidden and a prompt that the BIOS code has been illegally modified is sent to the CPU of the information processing device.
Preferably, step d comprises the following steps:
d1. the security chip requires the user to provide an authentication password;
d2. it determines whether the password provided by the user matches the password for modifying the BIOS code that is stored in the security chip in advance; if so, the BIOS code update is carried out, the updated code is stored in the security chip and step d3 is executed; otherwise step d4 is executed;
d3. an integrity value is computed over the new BIOS code, the new integrity verification code replaces the original integrity verification code in the security chip, and the new BIOS code replaces the original BIOS code, which completes the update of the BIOS code;
d4. updating the BIOS code is forbidden, a notice that this modification of the BIOS is an illegal operation is sent to the CPU of the information processing device, and the update operation ends.
Preferably, the authentication password is authenticated by digital signature or in symmetric-cryptography form.
With the present invention, a memory that stores the BIOS is added inside the existing security chip, and the main processor module of the chip verifies operations that read or write the BIOS module, namely it integrity-verifies the BIOS code that is read and authenticates the operator who modifies the BIOS code. When the information processing device starts it can therefore integrity-verify the BIOS, the underlying firmware, the operating system and the application modules in turn, which prevents attacks on the operating system and application modules, and an attacker cannot modify the BIOS code, which prevents attacks on the BIOS.
Description of drawings
Figure 1 is a schematic of the prior-art security chip and its connection to the mainboard;
Fig. 2a is a schematic of one embodiment of the connection between the security chip of the present invention and the mainboard;
Fig. 2b is a schematic of another embodiment of the connection between the security chip of the present invention and the mainboard;
Figure 3 is a diagram of the connections between the modules inside the security chip of the present invention;
Figure 4 is the flow chart of terminal start-up according to the present invention;
Figure 5 is the flow chart of reading the BIOS code and verifying its integrity according to the present invention;
Figure 6 is the flow chart of updating the BIOS code according to the present invention.
Embodiment
To make the object, technical solution and advantages of the present invention clearer, the invention is described in further detail below with reference to the accompanying drawings and embodiments.
In the present invention the connection between the security chip and the mainboard of the information processing device is as shown in Fig. 2a or Fig. 2b. The CPU 101 of the device connects to the north bridge 102 on the mainboard; the north bridge 102 connects directly to the south bridge 103 and to the static memory (SRAM) 104; the south bridge 103 connects directly over the LPC bus to the Super I/O interface 105 and to the security chip 207 with embedded BIOS. The BIOS module 207a and the existing security-chip module 207b inside the security chip 207 may connect to the south bridge 103 through separate LPC bus interfaces, as in Fig. 2a, or through a single LPC bus interface, as in Fig. 2b. In addition, the CPU 101 is connected directly to the BIOS module 207a in the security chip 207 by read/write control lines. The interface by which the BIOS module 207a connects directly to the host device is an LPC bus interface, a PCI bus interface, a USB interface, a 1394 serial bus interface or a general-purpose I/O (GPIO) interface.
In the present invention the connections between the modules inside the security chip are as shown in Figure 3. The chip comprises at least a main processor module 301, a cryptographic module 302, an interface module 303 and a memory module 304. The main processor module 301 comprises at least a CPU core; the memory module 304 comprises a RAM module 304a, a chip operating system (COS) module 304b and a BIOS module 304c; the BIOS module 304c contains at least an interface that controls reading and writing of the BIOS code and an internal bus interface that connects to the main processor module 301. The storage medium of the BIOS module 304c is flash or EEPROM. The interface module 303 connects to the mainboard over an LPC bus, a PCI bus, a USB bus, a 1394 serial bus or a general-purpose I/O (GPIO) interface.
When a device fitted with this security chip powers on, the main processor module 301 runs the chip operating system held in COS module 304b of the memory module 304 to complete initialisation of the chip interior, and then verifies read/write operations on the BIOS module. The read/write control interface of the BIOS module 304c connects to the CPU of the host device and receives the read/write signals it sends; the internal bus interface of the BIOS module 304c connects to the main processor module 301 inside the chip, and the main processor module 301 verifies operations that read or write the BIOS module 304c. The interface module 303 connects to the host device and, under control of the main processor module 301, lets the security chip exchange information with external devices.
The implementation of the present invention is described in detail below, taking a terminal as an example:
The security chip is installed on the terminal's mainboard. In an environment where the terminal is known to be secure, for example on the production line or on the user's first use, the integrity verification codes of the BIOS and of the underlying firmware are generated and stored in the security chip; the integrity verification code of the operating system is stored in the underlying firmware or in the security chip; the integrity check code of each application module to be protected is stored in the operating system or in the security chip.
Figure 4 is the flow chart of terminal start-up according to the present invention.
Step 404: the security chip verifies the integrity of the underlying firmware, then step 405 is executed;
Step 405: the security chip verifies the integrity of the operating system to be loaded, then step 406 is executed;
Figure 5 is the flow chart of reading the BIOS code and verifying its integrity according to the present invention.
Figure 6 is the flow chart of updating the BIOS code according to the present invention.
Step 604: the authentication password stored in advance is read from the memory unit and compared with the password provided by the user; if they match, step 605 is executed, otherwise step 609;
Step 605: the BIOS code is updated and the updated code is stored in the memory unit;
Step 606: an integrity value is computed over the new BIOS code to obtain the integrity verification code of the new BIOS;
Step 607: the integrity verification code of the new BIOS replaces the integrity verification code of the original BIOS;
Step 609: updating the BIOS code is forbidden, a notice that this modification of the BIOS is an illegal operation is given, and the BIOS update flow ends.
With the present invention, whenever the BIOS is written the user performing the write operation is authenticated, which secures the BIOS.
The present invention applies equally to other information processing devices such as palmtop computers and mobile phones.
The above are merely preferred embodiments of the present invention and do not limit it; any modification, equivalent replacement or improvement made within the spirit and principles of the present invention falls within its scope of protection.
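The read path (steps c, c1 and c2 and Figure 5), the write path (steps d, d1 to d4 and Figure 6) and the chained verification of firmware and operating system (steps 404 and 405 of Figure 4) can be modelled end to end in software; claims 1 to 4 describe the same procedure. The following Python is an added example for this page, not code from the patent or from its applicant. The patent fixes neither the integrity-check algorithm nor the authentication mechanism, so the example assumes that the stored integrity verification code is a SHA-256 digest and that the "symmetric cryptography form" of the authentication password is an HMAC-SHA256 tag over the new BIOS image under a key provisioned into the chip. The class and function names, the key and the BIOS, firmware and OS images are all constructed for the example.

```python
"""Software model of the verify-on-read / authenticate-on-write BIOS store.

Added example, not the patent's own code. Assumptions not fixed by the
patent: the integrity check code is a SHA-256 digest; the authentication
password in its symmetric-cryptography form is an HMAC-SHA256 tag over the
new BIOS image under a key provisioned into the chip. All keys and images
used with this model are constructed test data.
"""
import hashlib
import hmac


class BiosTampered(Exception):
    """Read path: the stored BIOS does not match its integrity check code (step c2)."""


class UpdateRejected(Exception):
    """Write path: the operator could not be authenticated (step d4 / step 609)."""


def integrity_code(image: bytes) -> bytes:
    """Integrity check code over a code image (assumed to be SHA-256)."""
    return hashlib.sha256(image).digest()


def make_update_tag(update_key: bytes, new_bios: bytes) -> bytes:
    """What a legitimate operator computes before requesting a BIOS write."""
    return hmac.new(update_key, new_bios, hashlib.sha256).digest()


class SecurityChip:
    """Memory module (BIOS store plus stored check codes) and the main-processor
    logic that arbitrates the host CPU's read/write requests (steps b, c, d)."""

    def __init__(self, bios: bytes, firmware: bytes, os_image: bytes, update_key: bytes):
        # Provisioning in a trusted environment (production line or first use):
        # the check codes of BIOS, firmware and OS are computed once and kept here.
        self._bios = bytes(bios)
        self._codes = {
            "bios": integrity_code(bios),
            "firmware": integrity_code(firmware),
            "os": integrity_code(os_image),
        }
        self._update_key = bytes(update_key)
        self.events: list[str] = []  # prompts the chip would send to the host CPU

    def read_bios(self) -> bytes:
        """Step c: hand the BIOS to the host only if it matches the stored code."""
        if not hmac.compare_digest(integrity_code(self._bios), self._codes["bios"]):
            self.events.append("BIOS code has been illegally modified; refusing to run it")
            raise BiosTampered("BIOS integrity verification failed")
        return self._bios

    def write_bios(self, new_bios: bytes, auth_tag: bytes) -> None:
        """Step d: accept the new image only from an authenticated operator, then
        store it and replace the stored check code (steps 605 to 607)."""
        expected = make_update_tag(self._update_key, new_bios)
        if not hmac.compare_digest(expected, auth_tag):
            self.events.append("BIOS modification is an illegal operation; update refused")
            raise UpdateRejected("operator authentication failed")
        self._bios = bytes(new_bios)
        self._codes["bios"] = integrity_code(new_bios)

    def verify(self, component: str, image: bytes) -> bool:
        """Steps 404 and 405: check a later boot stage against its stored code."""
        return hmac.compare_digest(integrity_code(image), self._codes[component])

    def simulate_out_of_band_flash_write(self) -> None:
        """Flip one bit of the stored image without going through write_bios,
        standing in for an attacker who reached the flash directly."""
        self._bios = self._bios[:-1] + bytes([self._bios[-1] ^ 0x01])


def boot(chip: SecurityChip, firmware: bytes, os_image: bytes) -> list[str]:
    """Start-up sequence of Figure 4: BIOS, then firmware, then OS, each stage
    verified before the next is allowed to load. Returns the stages that ran."""
    stages: list[str] = []
    chip.read_bios()                             # step c (raises on tampering)
    stages.append("bios")
    if not chip.verify("firmware", firmware):    # step 404
        return stages
    stages.append("firmware")
    if not chip.verify("os", os_image):          # step 405
        return stages
    stages.append("os")
    return stages
```

Two design points follow from the model. First, the check code lives inside the chip and is recomputed on every read, so the chip rather than the host decides whether the BIOS may run (step c2), and the code is replaced only after an authenticated write (steps 606 and 607), which keeps the read and write paths consistent. Second, a password compared in the clear, as steps d1 and d2 literally describe, could be replayed by anyone who observed it on the read/write control lines; binding the authentication to the specific image, as the HMAC tag here does or as a digital signature over the image would, is the practical reason to prefer the signature or symmetric-cryptography form of claim 4.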
Claims (4)
1. A start-up method for an information processing device, characterised in that the method is based on a security chip which comprises at least a main processor module, a cryptographic module, an interface module and a memory module interconnected by an internal bus, the memory module of the chip further comprising a BIOS module that stores the Basic Input/Output System, wherein:
the BIOS module comprises at least a read/write control interface and an internal bus interface; the read/write control interface of the BIOS module connects to the CPU of the device in which the security chip is located and receives the read/write signals it sends; the internal bus interface of the BIOS module connects to the main processor module inside the security chip, and the main processor module verifies operations that read or write the BIOS module;
the main processor module initialises the interior of the security chip when the system powers on and verifies the read/write operations on the BIOS module;
the interface module connects to the device in which the security chip is located and, under control of the main processor module, lets the security chip exchange information with external devices;
the method comprises the following steps:
a. the security chip is installed on the mainboard in advance;
b. when the information processing device starts, after the security chip has initialised itself, it determines from the signal received on the read/write control interface of the BIOS module whether the operation on its internal BIOS module is a read or a write; for a read operation it executes step c, for a write operation step d;
c. the BIOS code that is read is integrity-verified; after verification passes, the BIOS code is run, the underlying firmware and the operating system are integrity-verified in turn, and the device starts normally;
d. the identity of the user who sent the write signal is authenticated; after authentication passes, the BIOS code inside the security chip is updated, the underlying firmware and the operating system are integrity-verified in turn, and the device starts normally.
2. The method according to claim 1, characterised in that integrity-verifying the BIOS code that is read comprises the following steps:
c1. the security chip reads the BIOS code and computes an integrity value over the code that was read;
c2. it determines whether the computed integrity check code matches the BIOS integrity check code stored in the security chip in advance; if so, the BIOS code that was read is run, otherwise running it is forbidden and a prompt that the BIOS code has been illegally modified is sent to the CPU of the information processing device.
3. The method according to claim 1, characterised in that step d comprises the following steps:
d1. the security chip requires the user to provide an authentication password;
d2. it determines whether the password provided by the user matches the password for modifying the BIOS code that is stored in the security chip in advance; if so, the BIOS code update is carried out, the updated code is stored in the security chip and step d3 is executed; otherwise step d4 is executed;
d3. an integrity value is computed over the new BIOS code, the new integrity verification code replaces the original integrity verification code in the security chip, and the new BIOS code replaces the original BIOS code, which completes the update of the BIOS code;
d4. updating the BIOS code is forbidden, a notice that this modification of the BIOS is an illegal operation is sent to the CPU of the information processing device, and the update operation ends.
4. The method according to claim 3, characterised in that the authentication password is authenticated by digital signature or in symmetric-cryptography form.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN 03153853 CN1282092C (en) | 2003-08-25 | 2003-08-25 | Safety chip information processing apparatus and starting method based on chip |
Publications (2)
Publication Number | Publication Date |
---|---|
CN1591362A CN1591362A (en) | 2005-03-09 |
CN1282092C true CN1282092C (en) | 2006-10-25 |
Family
ID=34597888
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN 03153853 Expired - Fee Related CN1282092C (en) | 2003-08-25 | 2003-08-25 | Safety chip information processing apparatus and starting method based on chip |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN1282092C (en) |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101226572B (en) * | 2007-01-16 | 2010-05-19 | 瑞达信息安全产业股份有限公司 | Information safety computer for protecting basic input/output system safety |
CN102053874B (en) * | 2009-10-27 | 2013-01-02 | 英业达股份有限公司 | Method for protecting standby data |
CN109656606A (en) * | 2018-12-15 | 2019-04-19 | 深圳市捷诚技术服务有限公司 | POS terminal program update control method, device, storage medium and terminal |
Families Citing this family (24)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR101259706B1 (en) | 2002-10-22 | 2013-05-06 | 제이슨 에이. 설리반 | Non-peripherals processing control module having improved heat dissipating properties |
JP2006512691A (en) | 2002-10-22 | 2006-04-13 | アイシス テクノロジーズ | Non-peripheral processing control module with improved heat dissipation characteristics |
BR0315624A (en) | 2002-10-22 | 2005-08-23 | Jason A Sullivan | Rugged Customizable Computer Processing System |
CN1331017C (en) * | 2005-03-23 | 2007-08-08 | 联想(北京)有限公司 | Safety chip |
JP4769608B2 (en) * | 2006-03-22 | 2011-09-07 | 富士通株式会社 | Information processing apparatus having start verification function |
CN101247449B (en) * | 2007-02-14 | 2011-09-14 | 上海瑞达安全集成电路有限公司 | Information processing and conversion equipment with information security system |
CN102207910A (en) * | 2010-03-29 | 2011-10-05 | 联想(北京)有限公司 | Read-only memory, data safety protection system, data safety protection method and computer |
CN103069357A (en) * | 2010-06-07 | 2013-04-24 | 杰森·A·苏利万 | Systems and methods form providing a dynamically modular processing unit |
CN103186434A (en) * | 2011-12-31 | 2013-07-03 | 国民技术股份有限公司 | Method and system for recovering basic input/output system |
CN103514411A (en) * | 2012-06-25 | 2014-01-15 | 联想(北京)有限公司 | Method for starting electronic equipment and electronic equipment safety system |
CN103235921B (en) * | 2013-04-24 | 2016-03-30 | 华为技术有限公司 | A kind of computer system |
TWI520001B (en) * | 2013-11-13 | 2016-02-01 | 威盛電子股份有限公司 | Apparatus and method for securing bios |
CN104915591A (en) * | 2014-03-10 | 2015-09-16 | 联想(北京)有限公司 | Data processing method and electronic equipment |
CN105446751B (en) * | 2014-06-27 | 2019-04-23 | 联想(北京)有限公司 | A kind of information processing method and electronic equipment |
CN104881345B (en) * | 2015-05-25 | 2018-10-23 | 上海兆芯集成电路有限公司 | The method of central processing unit and computer booting self-test |
CN107491698A (en) * | 2016-06-12 | 2017-12-19 | 联想(上海)信息技术有限公司 | HDD encrypted firmwares update method, device and electronic equipment |
CN107590390A (en) * | 2016-07-06 | 2018-01-16 | 鸿富锦精密工业(武汉)有限公司 | Chip updates system and method |
CN107169378B (en) * | 2017-05-05 | 2020-08-04 | 天津市英贝特航天科技有限公司 | Method and equipment for encrypting computer during startup |
CN107358087B (en) * | 2017-07-07 | 2018-09-14 | 北京海泰方圆科技股份有限公司 | The information storage means and device of Bluetooth chip for Bluetooth identities authentication device |
CN108416217A (en) * | 2018-03-05 | 2018-08-17 | 山东超越数控电子股份有限公司 | A kind of SCM Based computer motherboard BIOS authentication system and method |
CN110659498A (en) * | 2018-06-29 | 2020-01-07 | 国民技术股份有限公司 | Trusted computing measurement method, system thereof and computer readable storage medium |
CN109542518B (en) * | 2018-10-09 | 2020-12-22 | 华为技术有限公司 | Chip and method for starting chip |
CN109992933A (en) * | 2019-04-03 | 2019-07-09 | 中电科技(北京)有限公司 | The firmware of PIN-based code authorization starts method |
CN111209560A (en) * | 2020-01-06 | 2020-05-29 | 杭州涂鸦信息技术有限公司 | Firmware protection method and device and electronic equipment |
Timeline
- 2003-08-25: application CN 03153853 filed in CN, granted as CN1282092C; status not active (Expired - Fee Related)
Also Published As
Publication number | Publication date |
---|---|
CN1591362A (en) | 2005-03-09 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C14 | Grant of patent or utility model | ||
GR01 | Patent grant | ||
CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 2006-10-25; Termination date: 2020-08-25 |