CN204374963U - A kind of server for encrypting module based on TCM chip - Google Patents
A kind of server for encrypting module based on TCM chip Download PDFInfo
- Publication number
- CN204374963U CN204374963U CN201520050151.8U CN201520050151U CN204374963U CN 204374963 U CN204374963 U CN 204374963U CN 201520050151 U CN201520050151 U CN 201520050151U CN 204374963 U CN204374963 U CN 204374963U
- Authority
- CN
- China
- Prior art keywords
- server
- module
- bus
- chip
- tcm chip
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
Abstract
The utility model provides a kind of server for encrypting module based on TCM chip, belong to field of computer technology, comprise server master board and TCM chip, server master board connects FPGA data transmission module by lpc bus, FPGA data transmission module connects TCM chip by PCIE bus, TCM chip connects USART module by spi bus, USART model calling storage chip, and USART module connects hardware smart card by I2C bus.Based on the server for encrypting module of TCM chip mainly by management and control server master board BIOS data, the authentication based on 7816 agreements should be provided, and be communicated with mainboard by Standard PC IE interface, the monitoring of achievement unit divided data and encryption function.
Description
Technical field
The utility model relates to field of computer technology, specifically a kind of server for encrypting module based on TCM chip.
Background technology
TCM safety chip, TCM standard, i.e. the TCM(Trusted Cryptography Module of China's research and development, credible password module) standard.TCM safety chip is released by some IT enterprises in the United Nations of national Password Management office, and it is a kind of safety chip, and energy available protecting PC, prevents disabled user from accessing computer.Along with the develop rapidly of informatization, information security issue becomes increasingly conspicuous, and in networked information era, network attack, the problem of information leakage emerges in an endless stream, and does not have the information security technology of core, and we just will face severe information security situation.Particularly at the server industries being medium with large data.
Summary of the invention
Technical assignment of the present utility model solves the deficiencies in the prior art, there is provided a kind of general, be convenient to install the encrypting module based on domestic service end TCM chip, this module is mainly by management and control server master board BIOS data, authentication based on 7816 agreements is provided, and communicated with mainboard by Standard PC IE interface, the monitoring of achievement unit divided data and encryption function.
The technical solution of the utility model realizes in the following manner, should based on the server for encrypting module of TCM chip, comprise server master board and TCM chip, server master board connects FPGA data transmission module by lpc bus, FPGA data transmission module connects TCM chip by PCIE bus, TCM chip connects USART module by spi bus, USART model calling storage chip, and USART module connects hardware smart card by I2C bus.
USART module adopts STM32 USART module.
Storage chip adopts FLASH storage chip.
Hardware smart card adopts 7816 smart cards.
PCIE bus communicates with server master board, and TCM chip is realized and PCIE bus communication by the conversion of FPGA data transmission module data, realizes carrying out monitoring to server master board interface data transmission and encrypting.
The beneficial effect that the utility model is compared with prior art produced is:
Based on the server for encrypting module of TCM chip mainly by management and control server master board BIOS data, the authentication based on 7816 agreements should be provided, and be communicated with mainboard by Standard PC IE interface, the monitoring of achievement unit divided data and encryption function.
Management and control BIOS data should be had based on the server for encrypting module of TCM chip, the authentication based on 7816 agreements was provided, and by PCIE bus, the data after mainboard startup be monitored and encryption function.
Should based on server for encrypting module of TCM chip be a kind of general, be convenient to the encrypting module based on domestic service end TCM chip installed, this module is mainly by management and control server master board BIOS data, authentication based on 7816 agreements is provided, and communicated with mainboard by Standard PC IE interface, the monitoring of achievement unit divided data and encryption function.
Should simple, safe and reliable, easy to use based on server for encrypting reasonable module design of TCM chip, structure, be easy to safeguard, have good value for applications.
Accompanying drawing explanation
Accompanying drawing 1 is structural representation of the present utility model;
Accompanying drawing 2 is work block diagrams of the present utility model.
Mark in accompanying drawing represents respectively:
1, server master board, 2, lpc bus, 3, FPGA data transmission module, 4, PCIE bus, 5, TCM chip, 6, spi bus, 7, USART module, 8, storage chip, 9, I2C bus, 10, hardware smart card.
Embodiment
Below in conjunction with accompanying drawing, a kind of server for encrypting module based on TCM chip of the present utility model is described in detail below.
As shown in drawings, a kind of server for encrypting module based on TCM chip of the present utility model, comprise server master board and TCM chip, server master board 1 connects FPGA data transmission module 3 by lpc bus 2, FPGA data transmission module 3 connects TCM chip 5 by PCIE bus 4, TCM chip 5 connects USART module 7, USART module 7 by spi bus 6 and connects storage chip 8, USART module 7 and connect hardware smart card 10 by I2C bus 9.USART module 7 adopts STM32 USART module.Storage chip 8 adopts FLASH storage chip.Hardware smart card 10 adopts 7816 smart cards.PCIE bus 4 communicates with server master board 1, and TCM chip 5 realizes communicating with PCIE bus 4 by the conversion of FPGA data transmission module 3 data, realizes carrying out monitoring to server master board 1 interface data transmission and encrypting.
Should mainly comprise certain service end TCM encryption chip domestic based on the server for encrypting modular design of TCM chip, the functions such as crypto-operation service software interface, SPI interface, 7816 interface drivers were provided; Based on firmware and the hardware intelligent card interface of STM32F10X USART peripheral module, FPGA selects the model of Xilinx to be XC6SLX45 series, and the Nandflash storage chip of Toshiba, model is TC58NVG4D2HTAOO.
Equip after this server master board based on the server for encrypting module of TCM chip powers on, first system can check BIOS data, therewith the comparison of module Backup Data errorless after, if comparison is unsuccessful, system display error message also points out the BIOS data backed up when whether recovering to shut down for the last time, when user selects recover data and perform next step, system performs the smartcard identification system based on 7816 agreements, user uses authenticated smart card by after authentication, system starts, and start simultaneously the transmission of the data of server section interface is carried out monitor and encrypted.
First, after server system starts, module control CPU is in reset mode, FPGA is by lpc bus reading system BIOS data, with module stores comparing, after comparison information is errorless, start authentication: output error message after comparison mistake also points out whether recover BIOS information.User can select recover BIOS and start, and also can select to continue start up system.
Secondly, this module is by I2C bus and 7816 smart card communications, and after system starts authentication, insert after verifying smart card, identify and successfully then cancel cpu reset, system starts.
Finally, after system starts, this module is communicated with server master board by PCIE bus, and TCM chip is realized and PCIE bus communication by the conversion of FPGA data, thus realizes carrying out monitoring to server section interface data transmission and encrypting.
Application, based in the multi-unit server project of Loongson processor, through checking, can realize server master board encryption function, and monitor server section interface data transmission and encrypt.Therefore module adopts Standard PC IE interface, can promote the use of in other many moneys servers, have good generalization.
FPGA(Field-Programmable Gate Array), i.e. field programmable gate array, it is the product further developed on the basis of the programming devices such as PAL, GAL, CPLD.It occurs as a kind of semi-custom circuit in special IC (ASIC) field, has both solved the deficiency of custom circuit, overcomes again the shortcoming that original programming device gate circuit number is limited.
Spi bus: SPI (Serial Peripheral Interface--Serial Peripheral Interface (SPI)) bus system is a kind of synchronous serial Peripheral Interface, and it can make MCU and various peripherals carry out in a serial fashion communicating to exchange information.
USART:(Universal Synchronous/Asynchronous Receiver/Transmitter) universal synchronous/asynchronous serial reception/transmitter.USART is a full duplex universal synchronous/asynchronous serial transceiver module, and this interface is the serial communication device of a high flexible.
LPC(Low Pin Count): be the 33 MHz 4 bit parallel bus protocol based on Intel standard, the ISA bus protocol before replacing, both performances are similar.Lpc bus, it is that INTEL is originally in order to replace the bus standard that the backward X-BUS of low speed releases.Be generally used for the communication of mainboard South Bridge chip.
I2C(Inter-Integrated Circuit) bus is the twin wire universal serial bus developed by PHILIPS company, for connecting microcontroller and peripherals thereof.It is a kind of bus standard that microelectronics Control on Communication field extensively adopts.It is a kind of special shape of synchronous communication, has interface line few, and control mode is simple, and device package form is little, and traffic rate is advantages of higher comparatively.I2C bus supports any IC production run (CMOS, bipolarity).Transmission of information between the device of bus is being connected to by serial data (SDA) line and serial clock (SCL) line.Each device has a unique Address Recognition (no matter be microcontroller---MCU, LCD driver, storer or keyboard interface), and can as a transmitter or receiver (being determined by the function of device).LCD driver can only as receiver, and storer then both can receive and can send data.Except transmitter and receiver, device also can be counted as main frame or from machine when performing data transmission.Main frame is that the data of initialization bus are transmitted and produce the device of the clock signal allowing transmission.Now, any addressed device is all considered to from machine.Feature: only require two bus lines: a serial data line SDA, a serial time clock line SCL; , each device being connected to bus can be software set address by unique address and the simple main frame existed/from office always, main frame can as main frame transmitter or host receiver; It is real many host buses, if the initialization simultaneously of two or more main frames, data transmission can be destroyed by collision detection and arbitration prevent data; 8 bidirectional data transfers bit rate of serial can reach 100kbit/s under mode standard, can reach 400kbit/s, can reach 3.4Mbit/s under fast mode under quick mode; The maximum capacitor 400pF that the IC quantity being connected to same bus is only subject to bus limits.
ISO7816 defines the related specifications of contact intelligent card, comprises physical characteristics, interface specification, host-host protocol, command exchange format.
Claims (5)
1. the server for encrypting module based on TCM chip, comprise server master board and TCM chip, it is characterized in that: server master board connects FPGA data transmission module by lpc bus, FPGA data transmission module connects TCM chip by PCIE bus, TCM chip connects USART module by spi bus, USART model calling storage chip, USART module connects hardware smart card by I2C bus.
2. a kind of server for encrypting module based on TCM chip according to claim 1, is characterized in that USART module adopts STM32 USART module.
3. a kind of server for encrypting module based on TCM chip according to claim 1, is characterized in that storage chip adopts FLASH storage chip.
4. a kind of server for encrypting module based on TCM chip according to claim 1, is characterized in that hardware smart card adopts 7816 smart cards.
5. a kind of server for encrypting module based on TCM chip according to claim 1, it is characterized in that PCIE bus communicates with server master board, TCM chip is realized and PCIE bus communication by the conversion of FPGA data transmission module data, realizes carrying out monitoring to server master board interface data transmission and encrypting.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201520050151.8U CN204374963U (en) | 2015-01-26 | 2015-01-26 | A kind of server for encrypting module based on TCM chip |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201520050151.8U CN204374963U (en) | 2015-01-26 | 2015-01-26 | A kind of server for encrypting module based on TCM chip |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN204374963U true CN204374963U (en) | 2015-06-03 |
Family
ID=53331164
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201520050151.8U Expired - Fee Related CN204374963U (en) | 2015-01-26 | 2015-01-26 | A kind of server for encrypting module based on TCM chip |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN204374963U (en) |
Cited By (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105718410A (en) * | 2016-01-19 | 2016-06-29 | 山东超越数控电子有限公司 | Adaptor for converting LPC (Low Pin Count) into SPI (Serial Peripheral Interface) and I2C based on FPGA (Field-Programmable Gate Array) and realizing method of adaptor |
| CN106971110A (en) * | 2017-03-31 | 2017-07-21 | 山东超越数控电子有限公司 | A kind of computer motherboard framework and operation method based on domestic safe processor |
| CN108108637A (en) * | 2016-12-31 | 2018-06-01 | 广州中大微电子有限公司 | A kind of three-in-one Table top type reader |
| CN108491724A (en) * | 2018-03-13 | 2018-09-04 | 山东超越数控电子股份有限公司 | A kind of hardware based computer interface encryption device and method |
| CN109542469A (en) * | 2018-11-26 | 2019-03-29 | 中国兵器装备集团自动化研究所 | A kind of BIOS chip replacement circuit implementation method |
| CN110298183A (en) * | 2019-06-26 | 2019-10-01 | 浪潮金融信息技术有限公司 | A kind of method of cascade protection data safety |
| CN111262703A (en) * | 2020-01-13 | 2020-06-09 | 浪潮金融信息技术有限公司 | Safe and credible Ethernet interface system and implementation method |
-
2015
- 2015-01-26 CN CN201520050151.8U patent/CN204374963U/en not_active Expired - Fee Related
Cited By (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105718410A (en) * | 2016-01-19 | 2016-06-29 | 山东超越数控电子有限公司 | Adaptor for converting LPC (Low Pin Count) into SPI (Serial Peripheral Interface) and I2C based on FPGA (Field-Programmable Gate Array) and realizing method of adaptor |
| CN105718410B (en) * | 2016-01-19 | 2018-05-18 | 山东超越数控电子有限公司 | A kind of LPC based on FPGA and SPI and I2C conversion adapters and its implementation |
| CN108108637A (en) * | 2016-12-31 | 2018-06-01 | 广州中大微电子有限公司 | A kind of three-in-one Table top type reader |
| CN106971110A (en) * | 2017-03-31 | 2017-07-21 | 山东超越数控电子有限公司 | A kind of computer motherboard framework and operation method based on domestic safe processor |
| CN108491724A (en) * | 2018-03-13 | 2018-09-04 | 山东超越数控电子股份有限公司 | A kind of hardware based computer interface encryption device and method |
| CN109542469A (en) * | 2018-11-26 | 2019-03-29 | 中国兵器装备集团自动化研究所 | A kind of BIOS chip replacement circuit implementation method |
| CN109542469B (en) * | 2018-11-26 | 2022-07-01 | 中国兵器装备集团自动化研究所有限公司 | BIOS chip substitution circuit implementation method |
| CN110298183A (en) * | 2019-06-26 | 2019-10-01 | 浪潮金融信息技术有限公司 | A kind of method of cascade protection data safety |
| CN110298183B (en) * | 2019-06-26 | 2021-07-20 | 浪潮金融信息技术有限公司 | Method for protecting data security in grading manner |
| CN111262703A (en) * | 2020-01-13 | 2020-06-09 | 浪潮金融信息技术有限公司 | Safe and credible Ethernet interface system and implementation method |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN204374963U (en) | A kind of server for encrypting module based on TCM chip | |
| US9575552B2 (en) | Device, method and system for operation of a low power PHY with a PCIe protocol stack | |
| EP2587385B1 (en) | Usb key device and method for realizing intelligent card communication using usb interface | |
| CN110687993B (en) | Controlling power delivery by tunneling messages over USB | |
| US9645954B2 (en) | Embedded microcontroller and buses | |
| CN101266590A (en) | Method and system for dynamically switching equipment arrangement | |
| CN101208682B (en) | Slave device with latched request for service | |
| CN107194257A (en) | A kind of trusted system based on domestic TCM chips | |
| CN101232556A (en) | Semiconductor integrated circuit and data processing system | |
| CN101923505A (en) | Test system and method of peripheral component interconnection rapid slot | |
| CN102455946B (en) | Detection and recovery circuit for exceptions of USB device, and method thereof | |
| CN212112457U (en) | Bus controller | |
| CN206075195U (en) | Based on 411 processor of Shen prestige and the CPCI industrial control computer mainboards of Shen Wei nest plates | |
| CN112116054A (en) | Multi-chip integrated card | |
| CN104102870B (en) | Electron underwriting authentication expansion equipment and information processing method | |
| CN104102869B (en) | Electron underwriting authentication expansion equipment and information processing method | |
| US20230418703A1 (en) | Autonomic troubleshooting of a system of devices | |
| CN103152464A (en) | Equipment, method and system of obtaining fixed phone calling information through wireless way | |
| CN206684724U (en) | A kind of server module management control system | |
| CN102938034B (en) | Working method for conversion device | |
| CN101697148B (en) | A kind of method and system improving interface rate of computer memory cards | |
| CN206193919U (en) | Staple commodities order repurchase system based on PCI E encrypts card | |
| CN111158441A (en) | ARM mainboard with encryption and anti-disassembly functions | |
| CN214122825U (en) | Industrial control mainboard based on TengRui D2000 treater | |
| CN206209731U (en) | A kind of computer and its mainboard |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| CF01 | Termination of patent right due to non-payment of annual fee | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20150603 Termination date: 20180126 |