CN217404863U - Extended password server based on cplie bus - Google Patents
Extended password server based on cplie bus Download PDFInfo
- Publication number
- CN217404863U CN217404863U CN202221544525.8U CN202221544525U CN217404863U CN 217404863 U CN217404863 U CN 217404863U CN 202221544525 U CN202221544525 U CN 202221544525U CN 217404863 U CN217404863 U CN 217404863U
- Authority
- CN
- China
- Prior art keywords
- cpu
- board
- bus
- password
- chip
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02D—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
- Y02D30/00—Reducing energy consumption in communication networks
- Y02D30/50—Reducing energy consumption in communication networks in wire-line communication networks, e.g. low power modes or reduced link rate
Abstract
The utility model discloses an expandable password server based on a cppie bus, which comprises a plurality of expansion boards and a system board which are arranged in a single machine frame, wherein a physical CPCI-e bus is adopted between each expansion board and the system board for communication; the system board is provided with a first CPU which is used for carrying out bus arbitration and password information management on the expansion board and an SATA interface which is connected with the output end of the first CPU and supports hot plugging; the expansion board is provided with a second CPU which is used for being responsible for the safe storage of the secret key, the processing of the password service interface and the processing of the password protocol, an algorithm chip which is used for being responsible for the logic realization of the password algorithm and a physical noise source chip which is used for being responsible for the generation of a physical noise source, and the input ends of the algorithm chip and the physical noise source chip are respectively connected with the output end of the second CPU. The utility model discloses not only support cryptographic module hot plug function, still support the physics of equipment management and password business to keep apart and support multiple password business's physics to keep apart.
Description
Technical Field
The utility model relates to a data encryption technique technical field, concretely relates to extensible password server based on cplie bus.
Background
CPCI-e is a bus specification which is designed by a PICMG organization based on a PCI-e bus standard and is suitable for the field of industrial control, and the bus specification has the advantages of hot plug, easy expansion, corrosion resistance, high fixation, good shock resistance and the like.
In the technical field of commercial passwords in China, a password server usually adopts a technical architecture of a computer mainboard and a PCI-e password module, a CPU of the computer mainboard provides application protocol processing, and the PCI-e password module provides key safe storage and password algorithm logic processing.
However, the above technical architecture does not support the hot plug function of the cryptographic module, does not support the physical isolation between the device management and the cryptographic service, and does not support the physical isolation of various cryptographic services. Therefore, it is an urgent need to solve the problem in the prior art to provide a cryptographic server that supports a hot plug function of a cryptographic module, supports physical isolation of device management and cryptographic services, and supports physical isolation of multiple cryptographic services.
SUMMERY OF THE UTILITY MODEL
The utility model discloses the technical problem that needs to solve provides an extensible password server based on cplie bus, not only supports cryptographic module hot plug function, still supports the physics of equipment management and password business to keep apart and support multiple password business's physics to keep apart.
In order to solve the technical problem, the utility model adopts the following technical proposal.
An extensible password server based on a cppie bus comprises a plurality of extension boards and a system board which are arranged in a single machine frame, wherein each extension board and the system board are communicated by adopting a physical CPCI-e bus; the system board is provided with a first CPU which is used for carrying out bus arbitration and password information management on the expansion board and an SATA interface which is connected with the output end of the first CPU and supports hot plugging; the expansion board is provided with a second CPU which is used for being responsible for the safe storage of the secret key, the processing of the password service interface and the processing of the password protocol, an algorithm chip which is used for being responsible for the logic realization of the password algorithm and a physical noise source chip which is used for being responsible for the generation of a physical noise source, and the input ends of the algorithm chip and the physical noise source chip are respectively connected with the output end of the second CPU.
Preferably, the system board and the expansion board are correspondingly provided with memories for temporarily storing operation data in the first CPU or the second CPU, and input ends of the memories are connected with output ends of the first CPU or the second CPU.
Preferably, the system board and the expansion board are respectively provided with a network service interface suitable for a twisted pair connector, and an input end of the network service interface is connected with an output end of the first CPU or the second CPU.
Preferably, the system board and the expansion board are respectively provided with a USB interface, and an input end of the USB interface is connected with an output end of the first CPU or the second CPU.
Preferably, the system board is provided with a video display interface, and an input end of the video display interface is connected with an output end of the first CPU.
Preferably, a memory chip is arranged on the expansion board, and an input end of the memory chip is connected with an output end of the second CPU.
Preferably, the expansion board is provided with a light emitting diode for displaying the working state of the board card and a system button for restarting the board card after the board card fails.
Due to the adoption of the technical scheme, the utility model has the following technical progress.
The utility model can realize dynamic management of password service by means of hot plugging of the expansion board through the expansion board and the system board without newly increasing the space of the network cabinet; the expansion board and the system board are communicated by adopting a physical CPCI-e bus, the CPCIE adopts a point-to-point interconnection mode, each expansion board shares a channel bandwidth independently, the cipher service boards in the roles of the expansion boards are isolated from each other, no communication circuit connection exists, and meanwhile, the expansion board and the system board are provided with independent CPUs (central processing units), so that the physical isolation of equipment management and cipher services and the physical isolation of various cipher services can be supported.
Drawings
Fig. 1 is a block diagram of the present invention.
Detailed Description
The present invention will be described in further detail with reference to the accompanying drawings and specific embodiments.
An extensible password server based on a cppie bus is shown in fig. 1 and comprises a plurality of extension boards and a system board, wherein the system board is responsible for bus arbitration of the extension boards and password information management of the extension boards; the expansion board is responsible for safe storage of the key, logic realization of a cryptographic algorithm, generation of a physical noise source, interface processing of a cryptographic service and processing of a cryptographic protocol. The expansion board and the system board are communicated by adopting a physical CPCI-e bus, the expansion board and the system board are arranged in a single machine frame, dynamic management of the password service module can be realized by a hot plug mode of the expansion board, and a newly-added network cabinet space is not required.
The system board is provided with a first CPCIe interface, a first CPU and an SATA interface, wherein the first CPU is used for taking charge of bus arbitration and password information management of the expansion board; the first CPCIe interface is used for realizing the communication between the system board and the expansion board, the input end of the first CPCIe interface is connected with a first PCI expansion bridging chip, and the input end of the first PCI expansion bridging chip is connected with the output end of the first CPU; the SATA interface supports hot plug, and the SATA interface is provided with four, and the input of SATA interface is connected with serial hardware drive controller, and serial hardware drive controller's input is connected with first CPU's output.
The system board is provided with a first PCI-e exchange chip, a second PCI-e exchange chip, a network service interface, a video display interface (VGA) and a USB interface, wherein the input end of the first PCI-e exchange chip is connected with the output end of the first CPU, and two output ends of the first PCI-e exchange chip are respectively connected with a first network control chip; the network service interfaces are two RJ45 suitable for a twisted pair connector, and the input ends of the two RJ45 are connected with the output ends of the two first network control chips in a one-to-one correspondence mode.
The input end of the second PCI-e exchange chip is connected with the output end of the first CPU, and the output end of the second PCI-e exchange chip is connected with a serial bus controller chip; the number of the USB interfaces is two, the USB interfaces are both USB3.0, and the input ends of the USB3.0 are respectively connected with the output end of the serial bus controller chip; the input end of the video display interface is connected with the output end of the second PCI-e exchange chip.
The expansion board is provided with a second CPCIe interface, a second CPU, a storage chip, a physical noise source chip and an algorithm chip, wherein the second CPU is used for being responsible for safe storage of a secret key, password service interface processing and password protocol processing, the output end of the second CPU is connected with a fourth PCI-e exchange chip, and the output end of the fourth PCI-e exchange chip is connected with a programmable chip; the input ends of the physical noise source chip and the algorithm chip are respectively connected with the output end of the programmable chip, the physical noise source chip is responsible for generating a physical noise source, and the algorithm chip is responsible for realizing the logic of the cryptographic algorithm.
The memory chip is embedded with software to realize multifunction and high performance, and support multiple protocols, multiple hardware and different applications.
The input end of the second CPCIe interface is connected with the output end of the first CPCIe interface to realize the communication of the CPCI-e bus between the expansion board and the system board, the output end of the second CPCIe interface is connected with a second PCI expansion bridging chip, the output end of the second PCI expansion bridging chip is connected with a second network control chip, the second network control chip is bidirectionally connected with another second network control chip, the input end of the other second network control chip is connected with a third PCI-e switching chip, and the input end of the third PCI-e switching chip is connected with the output end of the second CPU.
The expansion board is provided with two network service interfaces and a USB interface, wherein the two network service interfaces are RJ45 suitable for a twisted-pair connector, the input ends of the two RJ45 are respectively connected with a first network control chip, and the input end of the first network control chip is connected with the output end of a third PCI-e switching chip; the USB interface is one, is USB2.0, and USB 2.0's input is connected with the safety controller, and the safety controller is connected with programmable chip's both way.
The expansion board is provided with a Light Emitting Diode (LED) and a system button, wherein the LED is used for displaying the working state of the board card; the system button is used for restarting and resetting after the board card fails.
The system board and the expansion board are both provided with two memories and a power supply chip, wherein the memories are used for temporarily storing operation data in the first CPU or the second CPU, and the input ends of the memories are connected with the output ends of the first CPU or the second CPU; the power supply chip is used for controlling conversion, distribution, detection and the like of electric energy required on the system board or the expansion board.
When the utility model is used, the dynamic management of the password service can be realized by the hot plug expansion board without newly increasing the space of the network cabinet; the expansion board and the system board are communicated by a physical CPCI-e bus, the CPCIE adopts a point-to-point interconnection mode, each expansion board shares a channel bandwidth independently, the cipher service boards in the role of the expansion board are isolated from each other, no communication circuit connection exists, and meanwhile, the expansion board and the system board are provided with respective independent CPUs (central processing units), so that the physical isolation of equipment management and cipher services and the physical isolation of various cipher services can be supported.
Claims (7)
1. An extensible password server based on a cpcie bus is characterized in that: the system comprises a plurality of expansion boards and a system board which are arranged in a single machine frame, wherein each expansion board and the system board are communicated by adopting a physical CPCI-e bus; the system board is provided with a first CPU which is used for carrying out bus arbitration and password information management on the expansion board and an SATA interface which is connected with the output end of the first CPU and supports hot plugging; the expansion board is provided with a second CPU responsible for the safe storage of the secret key, the processing of a password service interface and the processing of a password protocol, an algorithm chip responsible for the logic realization of a password algorithm and a physical noise source chip responsible for the generation of a physical noise source, wherein the input ends of the algorithm chip and the physical noise source chip are respectively connected with the output end of the second CPU.
2. The cppie bus-based extensible cryptographic server of claim 1, wherein: and the system board and the expansion board are correspondingly provided with memories for temporarily storing operation data in the first CPU or the second CPU, and the input ends of the memories are connected with the output ends of the first CPU or the second CPU.
3. The cppie bus-based extensible cryptographic server of claim 1, wherein: and the system board and the expansion board are respectively provided with a network service interface suitable for a twisted-pair connector, and the input end of the network service interface is connected with the output end of the first CPU or the second CPU.
4. The cppie bus-based extensible cryptographic server of claim 1, wherein: and the system board and the expansion board are respectively provided with a USB interface, and the input end of the USB interface is connected with the output end of the first CPU or the second CPU.
5. The cppie bus-based extensible cryptographic server of claim 1, wherein: and a video display interface is arranged on the system board, and the input end of the video display interface is connected with the output end of the first CPU.
6. The cppie bus-based extensible cryptographic server of claim 1, wherein: and the expansion board is provided with a storage chip, and the input end of the storage chip is connected with the output end of the second CPU.
7. The cppie bus-based extensible cryptographic server of claim 1, wherein: and the expansion board is provided with a light-emitting diode for displaying the working state of the board card and a system button for restarting after the board card fails.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202221544525.8U CN217404863U (en) | 2022-06-20 | 2022-06-20 | Extended password server based on cplie bus |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202221544525.8U CN217404863U (en) | 2022-06-20 | 2022-06-20 | Extended password server based on cplie bus |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN217404863U true CN217404863U (en) | 2022-09-09 |
Family
ID=83148853
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202221544525.8U Active CN217404863U (en) | 2022-06-20 | 2022-06-20 | Extended password server based on cplie bus |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN217404863U (en) |
-
2022
- 2022-06-20 CN CN202221544525.8U patent/CN217404863U/en active Active
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN107111588A (en) | The data transfer of PCIe protocol is used via USB port | |
| MX2012014354A (en) | Systems and methods for dynamic multi-link compilation partitioning. | |
| CN105119849A (en) | Switch architecture and data management method applied to same | |
| CN101557379B (en) | Link reconfiguration method for PCIE interface and device thereof | |
| CN204374963U (en) | A kind of server for encrypting module based on TCM chip | |
| CN208188815U (en) | BMC module system | |
| CN104021809A (en) | Universal serial bus (USB) storage | |
| CN209248436U (en) | A kind of expansion board clamping and server | |
| CN106961323B (en) | Key decryption board card, device, system and processing method | |
| CN217404863U (en) | Extended password server based on cplie bus | |
| CN112636932A (en) | Dynamic adjustment method and system for equipment power consumption | |
| CN107491408B (en) | Computing server node | |
| CN103457880A (en) | Switch system and method of operating a switch | |
| CN113032321B (en) | Address extension circuit, communication interface chip and communication system | |
| CN204189089U (en) | A kind of server | |
| CN210629540U (en) | Safety isolation control computer system | |
| CN103838696B (en) | Signal multiplex device and method between a kind of plate management and plate | |
| CN102946339B (en) | Main frame and the communication system from machine | |
| TWI398066B (en) | Distributed power management devices | |
| TWI564728B (en) | Microserver | |
| CN219122688U (en) | Double-blind-insertion device | |
| CN220305792U (en) | Switching structure and verification system | |
| TW201007466A (en) | Main board and interface control method for memory slot thereof | |
| CN216817425U (en) | USB key device | |
| CN112256603B (en) | Server and expansion equipment based on OCP |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| CP02 | Change in the address of a patent holder |
Address after: Room 405, Floor 4, 101, Building 11, Zone 16, No. 188, South Fourth Ring West Road, Fengtai District, Beijing, 100085 Patentee after: Beijing Gemi Technology Co.,Ltd. Address before: Room 02B-104, Block B (2nd Floor), No. 28, Information Road, Haidian District, Beijing 100085 Patentee before: Beijing Gemi Technology Co.,Ltd. |
|
| CP02 | Change in the address of a patent holder |