JP7176084B1 - Information processing device and control method - Google Patents

Abstract

An object of the present invention is to appropriately control unauthorized access in password authentication. An information processing apparatus includes a CPU (Central Processing Unit) that executes a BIOS program and an EC (Embedded Controller) that executes at least a program for controlling startup. By executing the BIOS program, the CPU performs authentication processing for performing password authentication by password input, and when predetermined conditions regarding password authentication failure by authentication processing are satisfied, according to the type of password that failed password authentication Then, an instruction regarding start-up control after shutdown is transmitted to the EC, and a stop control process for instructing shutdown is performed. The EC performs activation control processing for controlling the activation of the BIOS based on the instruction regarding activation control acquired from the CPU. [Selection drawing] Fig. 5

Description

The present invention relates to an information processing apparatus and control method.

As one method of preventing unauthorized access to a computer, it is common practice to protect login to a system and access to a disk drive with a password (for example, Patent Document 1). For example, BIOS (Basic Input Output System) supports a plurality of passwords with different protection targets, such as a power-on password, a supervisor password, and a hard disk password, as system boot requirements.

JP 2013-033557 A

For example, if password authentication fails more than a certain number of times, the system is shut down to prevent unauthorized access. In this case, it is generally possible to enter the password by restarting the system, but there is a demand for restricting the system startup with passwords for highly important protection targets in order to further improve security. On the other hand, there is also a demand that it is more convenient to be able to repeatedly input passwords that are not of relatively high importance after a certain period of time.

SUMMARY OF THE INVENTION It is an object of the present invention to provide an information processing apparatus and a control method for performing appropriate control against unauthorized access in password authentication.

The present invention has been made to solve the above problems, and an information processing apparatus according to a first aspect of the present invention includes a first memory that stores a BIOS (Basic Input Output System) program; A CPU (Central Processing Unit) that executes a program stored in one memory, a second memory that stores at least a program that controls the power supply, and an EC that executes the program stored in the second memory ( The CPU executes the BIOS program stored in the first memory to perform authentication processing for performing password authentication by entering a password, and password authentication by the authentication processing. a stop control process of sending an instruction regarding startup control after shutdown to the EC and instructing the shutdown according to the type of the password for which the password authentication fails when a predetermined condition regarding failure is satisfied; and the EC executes a program stored in the second memory to perform boot control processing for controlling booting of the BIOS based on the boot control instruction acquired from the CPU. conduct.

In the above information processing apparatus, the start-up control includes first start-up control that permits start-up of the BIOS but does not accept the password input for a certain period of time, and the EC instructs the first start-up control from the CPU. is obtained, time measurement processing is performed to start measuring time, and when a trigger for starting the BIOS is detected, in the start control processing, an instruction to start the BIOS and time measurement by the time measurement processing are performed. The CPU is notified of the elapsed time since the start, and the CPU, in response to obtaining an instruction to start the BIOS from the EC, performs a start process to start the BIOS, and from the EC Based on the acquired elapsed time, it may be controlled not to accept the input of the password for which the password authentication failed in the authentication process for a certain period of time.

In the above information processing apparatus, the boot control includes a second boot control that prohibits booting of the BIOS for a certain period of time, and the EC receives an instruction for the second boot control from the CPU. A timing process for starting measurement may be performed, and activation of the BIOS may be prohibited until an elapsed time from the start of time measurement by the timing process reaches a preset time.

In the above information processing apparatus, the boot control includes a third boot control that prohibits booting of the BIOS, and the EC activates the BIOS when receiving an instruction for the third boot control from the CPU. may be prohibited.

In the information processing device, the CPU, in the stop control process, performs the first activation control, the Either the second activation control or the third activation control may be selected.

In the information processing device, which one of the first activation control, the second activation control, and the third activation control is selected is set in advance according to the type of the password for which the password authentication fails. may be

In the above information processing apparatus, the user sets which of the first activation control, the second activation control, and the third activation control is selected according to the type of the password for which the password authentication fails. It may be possible.

In the above information processing apparatus, the EC may notify the CPU of the number of times the BIOS activation trigger is detected during the certain period of time in the activation control process.

Further, it comprises a CPU (Central Processing Unit) that executes a BIOS (Basic Input Output System) program and an EC (Embedded Controller) that executes at least a program for controlling startup according to the second aspect of the present invention. A control method in an information processing apparatus comprises the step of performing password authentication by the CPU by inputting a password; a step of sending an instruction regarding start-up control after shutdown to the EC and instructing the shutdown; and the EC performing control regarding start-up of the BIOS based on the instruction regarding the start-up control acquired from the CPU. and a step.

According to the above aspect of the present invention, it is possible to provide an information processing apparatus that performs appropriate control against unauthorized access in password authentication.

1 is a perspective view showing the appearance of an information processing apparatus according to an embodiment; FIG. 1 is a block diagram showing an example of a hardware configuration of an information processing apparatus according to an embodiment; FIG. 4A and 4B are diagrams showing examples of lock modes according to the embodiment; FIG. FIG. 4 is a diagram showing an example of correspondence between lock modes and password types according to the embodiment; FIG. 2 is a block diagram showing an example of a functional configuration for restricting unauthorized access according to the embodiment; 4 is a flowchart showing an example of unauthorized access restriction processing on the BIOS side according to the embodiment; 4 is a flowchart showing an example of unauthorized access restriction processing on the EC side according to the embodiment;

Hereinafter, embodiments of the present invention will be described with reference to the drawings.
[Overview of information processing device]
FIG. 1 is a perspective view showing the appearance of an information processing apparatus according to this embodiment.
The illustrated information processing apparatus 10 is a clamshell notebook PC (Personal Computer). The information processing apparatus 10 includes a display housing 101 in which a display unit 14 (display) is mounted, a device housing 102 in which a keyboard 32 is mounted, and a hinge mechanism 103 . The display housing 101 and the device housing 102 are substantially rectangular plate-shaped (for example, flat plate-shaped) housings.

One of the side surfaces of the display housing 101 and one of the side surfaces of the device housing 102 are coupled (connected) via a hinge mechanism 103, and the display housing 101 and the device housing are arranged around the rotation axis formed by the hinge mechanism 103. The body 102 is relatively rotatable. A state in which the opening angle θ about the rotation axis between the display housing 101 and the device housing 102 is approximately 0° is a state in which the display housing 101 and the device housing 102 are overlapped and closed (referred to as a “closed state”). ). A state in which the display housing 101 and the device housing 102 are opened with respect to the closed state is referred to as an “open state”. The open state is a state in which the display housing 101 and the device housing 102 are relatively rotated until the opening angle θ becomes larger than a preset threshold value (for example, 10°). The appearance of the information processing apparatus 10 shown in FIG. 1 shows an example of the open state.

Here, the surface on which the display unit 14 of the display housing 101 is provided is referred to as a display surface 101a, and the surface opposite to the display surface 101a is referred to as a top surface 101b. The surface of the device housing 102 on which the keyboard 32 is provided is called a keyboard surface 102a, and the surface opposite to the keyboard surface 102a is called a bottom surface 102b. In the closed state, the display surface 101a and the keyboard surface 102a are surfaces facing each other. In the illustrated example, the keyboard 32 is a physical keyboard on which a plurality of keys (an example of manipulators) for accepting user operations are arranged. In addition to the keyboard 32, a touch pad or the like may be provided on the keyboard surface 102a. A power button 35 is provided on the side surface of the device housing 102 .

In the closed state, the display surface 101a of the display housing 101 and the keyboard surface 102a of the device housing 102 face each other and overlap each other. On the other hand, in the open state, the display unit 14 is visible and the keyboard can be operated.

[Hardware Configuration of Information Processing Device 10]
FIG. 2 is a block diagram showing an example of the main hardware configuration of the information processing apparatus 10 according to this embodiment. As shown in FIG. 2, the information processing apparatus 10 includes a CPU 11, a main memory 12, a video subsystem 13, a display section 14, a chipset 21, an RTC power supply 25, a BIOS memory 22, and an embedded controller 31. , a keyboard 32 , a power circuit 33 , a reset switch 34 , a power button 35 and a battery 60 . In addition, in FIG. 2, the same reference numerals are assigned to the configurations corresponding to the respective parts in FIG. 1, and the description thereof will be omitted as appropriate.

The CPU 11 executes various arithmetic processes under program control and controls the entire information processing apparatus 10 . For example, the CPU 11 executes processing based on programs such as an OS (Operating System) and a BIOS (Basic Input Output System).

The main memory 12 is a writable memory used as a read area for the execution program of the CPU 11 or as a work area for writing processing data of the execution program. The main memory 12 is composed of, for example, a plurality of DRAM (Dynamic Random Access Memory) chips. The execution program includes an OS, various drivers for hardware operation of peripheral devices, various services/utilities, application programs, and the like.

The video subsystem 13 is a subsystem for realizing functions related to image display, and includes a video controller. The video controller processes drawing commands from the CPU 11, writes the processed drawing information to the video memory, reads the drawing information from the video memory, and outputs it to the display unit 14 as drawing data (display data).

The display unit 14 is, for example, a liquid crystal display or an organic EL display, and displays a display screen based on drawing data (display data) output from the video subsystem 13 .

The chipset 21 supports USB (Universal Serial Bus), serial ATA (AT Attachment), SPI (Serial Peripheral Interface) bus, PCI (Peripheral Component Interconnect) bus, PCI-Express bus, and LPC (Low Pin Count) bus. It has a controller and multiple devices are connected. In FIG. 2, a BIOS memory 22, an embedded controller 31, and a storage device 40 are connected to the chipset 21 as examples of multiple devices. Also, the chipset 21 includes an RTC 211 . The RTC 211 (Real Time Clock) operates by power supply from the RTC power supply 25 (for example, coin battery).

The BIOS memory 22 is, for example, a non-volatile memory such as an SPI (Serial Peripheral Interface) flash memory or an EEPROM (Electrically Erasable Programmable Read Only Memory). The BIOS memory 22 stores system firmware such as BIOS programs and programs for controlling the embedded controller 31 . The BIOS memory 22 also stores BIOS data and codes, data related to control of the embedded controller 31, and the like.

The storage device 40 includes an SSD (Solid State Drive), an HDD (Hard Disk Drive), and the like. For example, the storage device 40 stores an OS, various drivers, various services/utilities, application programs, and various data. The information processing device 10 uses data stored in the SSD 40 to perform various information processing.

An embedded controller (EC) 31 is a processor provided separately from the CPU 11 that executes OS and BIOS processing. For example, the embedded controller 31 includes memories such as a CPU, ROM, RAM, flash memory, and EEPROM (not shown), A/D input terminals for multiple channels, D/A output terminals, timers, digital input/output terminals, and the like. It is a One-Chip Microcomputer. For example, a keyboard 32, a power supply circuit 33, a reset switch 34, a power button 35, and the like are connected to the embedded controller 31 via respective input terminals. The embedded controller 31 also exchanges data with the CPU 11 via the chipset 21 connected via a bus.

For example, the embedded controller 31 receives an operation signal corresponding to a user's operation of the power button 35, and controls the power supply circuit 33 and instructs system startup. The embedded controller 31 also receives an operation signal corresponding to the user's operation on the keyboard 32 or the reset switch 34, and performs processing according to the operation signal.

The keyboard 32 is an input device in which a plurality of keys (an example of manipulators) for accepting user operations are arranged. The keyboard 32 is provided on the keyboard surface 102a of the device housing 102, as shown in FIG. The keyboard 32 outputs an operation signal to the embedded controller 31 according to the user's operation. As an input device other than the keyboard 32, an arbitrary input device such as a pointing device or a touch pad may be provided at an arbitrary location.

The power supply circuit 33 includes, for example, a DC/DC converter, a charging/discharging unit, and the like. The DC/DC converter converts the voltage of DC power supplied from an AC adapter (external power supply) or battery 60 into a voltage required by each part. Electric power whose voltage is converted by the DC/DC converter is supplied to each part via each power supply system. For example, the power supply unit 400 supplies power to each unit through each power supply system based on control by the embedded controller 31 .

[Unauthorized access restriction function]
Next, the function of restricting unauthorized access in the information processing apparatus 10 according to this embodiment will be described. In the present embodiment, "unauthorized access" means an act of an unauthorized user impersonating an authorized user to log in to the system, an act of accessing data, an act of stealing data, or an act of falsifying data. It means an illegal act on the device 10 or the like. In this embodiment, an example of restricting unauthorized access in password authentication using a password will be described. Even if it is not actually unauthorized access by an unauthorized user, similar actions (for example, even if an authorized user continuously enters the wrong password) are also judged as unauthorized access. be.

For example, BIOS supports a plurality of passwords with different protection targets, such as a power-on password, a supervisor password, and a hard disk password, as system boot requirements. The information processing apparatus 10 prevents repeated unauthorized access by shutting down the system when password authentication fails more than a certain number of times in succession. An operation mode in which the system is shut down when password authentication fails more than a certain number of times in succession is hereinafter referred to as a “lock mode”.

Here, after shutdown, depending on the type of password (that is, the type of password-protected target), you may want to protect the system more strongly by prohibiting password entry, or restart (that is, power reset) to restart the system. There are cases where you want to allow password entry. Therefore, a plurality of lock modes are prepared, and the information processing apparatus 10 makes a transition to a lock mode according to the type of password, thereby differentiating the control related to startup after shutdown.

FIG. 3 is a diagram showing an example of the lock mode according to this embodiment. This figure shows examples of three types of lock modes. The lock type is information for identifying the type of lock mode. The control content is the control content regarding activation of each lock mode. The control contents of the lock mode of lock type "#1" (hereinafter referred to as "first lock mode") are control to permit activation but not to accept password input for a certain period of time. The control content of the lock mode of lock type “#2” (hereinafter referred to as “second lock mode”) is control to prohibit activation for a certain period of time. The control content of the lock mode of lock type "#3" (hereinafter referred to as "third lock mode") is control to prohibit activation (that is, not permit power-on itself).

Here, the certain period of time during which password input is not accepted in the first lock mode and the certain period of time during which activation is not permitted in the second lock mode are hereinafter referred to as "lock time". The lock time is set in advance to, for example, 6 hours, 12 hours, 24 hours, or the like. Note that the lock time may be arbitrarily set or changed by the user.

Note that the first lock mode and the second lock mode are operations capable of measuring the elapsed time from shutdown even in the S5 state while maintaining only the minimum power required to keep the embedded controller 31 awake. mode. The third lock mode is a mode in which the embedded controller 31 prevents the power from being turned on at the time of activation from the S5 state and the power failure state, thereby prohibiting activation.

FIG. 4 is a diagram showing an example of correspondence between lock modes and password types according to the present embodiment. In this figure, lock types are associated with password types. For example, the information processing apparatus 10 transitions to the first lock mode when supervisor password authentication fails more than a certain number of times in succession. The supervisor password protects access destinations with administrator privileges. protected by

Further, for example, the information processing apparatus 10 transitions to the second lock mode when power-on password authentication fails more than a certain number of times in succession. Since the power-on password is intended to protect the use of the system by the user, it is protected from use for a certain period of time by, for example, not permitting activation for a certain period of time. Further, for example, the information processing apparatus 10 transitions to the third lock mode when hard disk password authentication fails more than a certain number of times in succession. Since the hard disk password protects the data stored in the information processing device 10 from being stolen or tampered with, it can be protected more strongly by, for example, prohibiting startup (that is, not permitting power-on itself). be done.

[Functional Configuration of Information Processing Device 10]
Next, a functional configuration for restricting unauthorized access in the information processing device 10 will be described. When the information processing apparatus 10 detects unauthorized access under the control of the BIOS, the BIOS instructs the embedded controller 31 of the lock type according to the type of password, and the information processing apparatus 10 transitions to the lock mode.

The embedded controller 31 counts the elapsed time after shutdown. For example, there is a method of measuring the elapsed time during shutdown using the RTC 211, but if the RTC power supply 25 is removed, the RTC power supply will be lost and the elapsed time cannot be measured. Therefore, in the information processing apparatus 10 according to the present embodiment, the embedded controller 31 measures the elapsed time during shutdown so that the elapsed time can be measured even if the RTC power source is lost.

FIG. 5 is a block diagram showing an example of a functional configuration for restricting unauthorized access in the information processing apparatus 10 according to this embodiment. In this figure, the BIOS 110 is shown as a functional configuration realized by the CPU 11 executing the BIOS program.

The BIOS 110 includes an authentication processing section 120 , a detection section 121 and a mode control section 122 . The authentication processing unit 120 performs authentication processing for authenticating whether or not to permit access to the protected object. For example, the authentication processing unit 120 performs password authentication to check whether the password input to the keyboard 32 is correct. Specifically, the authentication processing unit 120 executes authentication processing for the power-on password input to the keyboard 32 at the time of authentication at system startup. In addition, the authentication processing unit 120 performs authentication processing for the supervisor password input to the keyboard 32 when authenticating an access destination with administrator authority. In addition, the authentication processing unit 120 executes authentication processing for the hard disk password input to the keyboard 32 when authenticating a password-protected hard disk.

The input of the password is not limited to the keyboard 32, and may be input to the software keyboard displayed on the display unit 14, or may be input by voice. Further, in place of or in addition to password authentication, fingerprint authentication, face authentication, authentication using a smart card, authentication using location information, or the like may be performed.

The detection unit 121 performs detection processing for detecting unauthorized access to the information processing device 10 . For example, the detection unit 121 detects unauthorized access in password authentication by the authentication processing unit 120 . Specifically, unauthorized access in password authentication is detected by determining whether or not a predetermined condition regarding password authentication is satisfied. When the detection unit 121 determines that the predetermined condition is satisfied, the detection unit 121 detects unauthorized access.

The predetermined condition regarding password authentication is a preset condition for determining unauthorized access, for example, a condition regarding failure of password authentication. For example, the predetermined condition is that password authentication fails a predetermined number of times (for example, three times) or more in succession. The detection unit 121 detects unauthorized access when, for example, an incorrect password is consecutively input a predetermined number of times (for example, three times). Note that the predetermined conditions exemplified here are only examples, and are not limited to these.

The mode control unit 122 controls system startup and shutdown, and instructs transition to lock mode. For example, when the detection unit 121 detects unauthorized access, the mode control unit 122 transmits an instruction regarding start-up control after shutdown (an instruction to transition to the lock mode) to the embedded controller 31 and instructs shutdown.

Specifically, as illustrated in FIGS. 3 and 4, when the detection unit 121 detects unauthorized access in password authentication, the mode control unit 122 switches to the lock mode according to the type of password. An instruction (lock request) is sent to the embedded controller 31 . For example, when unauthorized access to the supervisor password is detected, the mode control unit 122 transmits a lock request including the lock type “#1” and the lock time to the embedded controller 31 . Also, when unauthorized access with the power-on password is detected, the mode control unit 122 transmits a lock request including the lock type “#2” and the lock time to the embedded controller 31 . Also, when unauthorized access is detected in the hard disk password, the mode control unit 122 transmits a lock request including the lock type “#3” to the embedded controller 31 .

In this way, the lock request transmitted from the BIOS 110 to the embedded controller 31 contains a lock indicating to which of the first lock mode, the second lock mode, and the third lock mode the lock request is to be made. type is included. Further, the lock request for transitioning to the first lock mode includes a lock time indicating a time during which password input is not accepted. Also, the lock request for transitioning to the second lock mode includes a lock time indicating a time during which activation is not permitted.

Furthermore, after transmitting the lock request, the mode control unit 122 issues a shutdown instruction to shut down the system. Note that the mode control unit 122 may transmit a shutdown instruction (shutdown request) to the embedded controller 31 and shut down the system according to the shutdown instruction from the embedded controller 31 .

Also, in the shutdown state, the mode control unit 122 executes and starts up the BIOS program in response to receiving a start-up instruction from the embedded controller 31 . Further, when the mode control unit 122 transmits a lock request for transitioning to the first lock mode, the mode control unit 122 executes and starts the BIOS program in response to receiving an activation instruction from the embedded controller 31 in the shutdown state. is controlled so that input of the supervisor password is not accepted until the elapsed time after shutdown reaches the lock time.

The embedded controller 31 includes a mode transition section 311 , a timer section 312 , and an activation control section 313 as functional configurations realized by executing a program for controlling the embedded controller 31 .

Upon receiving a lock request transmitted from the BIOS 110, the mode transition unit 311 transitions to the lock mode indicated by the lock type included in the lock request. For example, when the lock type included in the lock request transmitted from the BIOS 110 is "#1", the mode transition unit 311 transitions to the first lock mode. Also, when the lock type included in the lock request sent from the BIOS 110 is “#2”, the mode transition unit 311 transitions to the second lock mode. Also, when the lock type included in the lock request transmitted from the BIOS 110 is “#3”, the mode transition unit 311 transitions to the third lock mode.

The clock unit 312 starts measuring time when the mode transition unit 311 transitions to the first lock mode or the second lock mode. For example, the timer 312 measures time until at least the lock time included in the lock request is reached. In addition, the timer 312 causes the non-volatile memory inside the embedded controller 31 to store the measured elapsed time at any time (for example, each time it is counted) while measuring the time. The elapsed time after the timer 312 starts measuring time corresponds to the elapsed time after shutdown (elapsed time during shutdown).

The activation control unit 313 controls activation according to each lock mode. For example, in the first lock mode, when the activation control unit 313 detects a system activation trigger (for example, operation of the power button 35), it transmits an instruction to activate the BIOS to the CPU 11 . In addition, the activation control unit 313 transmits to the CPU 11 (the BIOS 110 after activation) the elapsed time since the timing unit 312 started measuring. Note that the startup control unit 313 may transmit the measured elapsed time to the CPU 11 at any time (for example, each time it is counted), or when the elapsed time reaches the lock time, the CPU 11 (the BIOS 110 after startup) can be sent to

In the second lock mode, the activation control unit 313 prohibits activation of the system until the elapsed time from the start of time measurement by the clock unit 312 reaches the lock time. For example, the activation control unit 313 does not instruct the CPU 11 to activate the BIOS (does not activate the BIOS) until the lock time is reached, even if a system activation trigger (for example, operation of the power button 35) is detected. ). On the other hand, the activation control unit 313 releases the prohibition of system activation after the lock time is reached. In other words, after the elapsed time from the start of time measurement by the timing unit 312 reaches the lock time, the activation control unit 313 instructs the CPU 11 to activate the BIOS when detecting a system activation trigger. conduct.

Also, in the third lock mode, the startup control unit 313 prohibits system startup. For example, even if the activation control unit 313 detects a system activation trigger (for example, operation of the power button 35), it does not instruct the CPU 11 to activate the BIOS (does not activate the system).

[Unauthorized access restriction processing]
Next, the operation of unauthorized access restriction processing for restricting unauthorized access in password authentication performed by the information processing apparatus 10 according to the present embodiment will be described. First, referring to FIG. 6, the operation of processing on the BIOS side will be described.

FIG. 6 is a flowchart showing an example of unauthorized access restriction processing on the BIOS side according to this embodiment.

(Step S101) The BIOS 110 determines whether unauthorized access has been detected in password authentication. For example, the BIOS 110 detects unauthorized access as a detection when a predetermined condition regarding password authentication failures (for example, a predetermined number of consecutive authentication failures) is satisfied. If the BIOS 110 determines that unauthorized access in password authentication is not detected (predetermined condition is not satisfied) (NO), it repeats the determination process of step S101 at a predetermined cycle. On the other hand, when the BIOS 110 determines that unauthorized access has been detected in password authentication (predetermined condition is satisfied) (YES), the process proceeds to step S103.

(Step S103) When unauthorized access is detected in password authentication in step S101, the BIOS 110 sends a lock request of a lock type corresponding to the password type to the embedded controller 31, thereby instructing boot control after shutdown. I do. For example, when the BIOS 110 detects unauthorized access to the supervisor password, the BIOS 110 sends a lock request including lock type “#1” and lock time to the embedded controller 31 . Also, when the BIOS 110 detects unauthorized access to the power-on password, the BIOS 110 transmits a lock request including the lock type “#2” and the lock time to the embedded controller 31 . Also, when the BIOS 110 detects unauthorized access to the hard disk password, the BIOS 110 transmits a lock request including the lock type “#3” to the embedded controller 31 . The BIOS 110 also causes the BIOS memory 22 (nonvolatile memory) to store information indicating that the lock request has been sent and the lock type. Then, the process proceeds to step S105.

(Step S<b>105 ) The BIOS 110 transmits a shutdown request to the embedded controller 31 . Then, the process proceeds to step S107.

(Step S107) The BIOS 110 performs shutdown processing to shut down the system. Here, the BIOS 110 may perform the shutdown process by itself without performing the process of step S105. Moreover, the BIOS 110 may shut down the system according to a shutdown instruction from the embedded controller 31 when the process of step S105 is performed.

(Step S109) When the CPU 11 receives an activation instruction from the embedded controller 31 (YES), it executes BIOS activation processing (step S111), and proceeds to the processing of step S113. On the other hand, if the CPU 11 does not receive an activation instruction from the embedded controller 31 (NO), it continues the shutdown state.

(Step S113) When the BIOS 110 is activated, the BIOS 110 refers to the lock type stored in the BIOS memory 22 (nonvolatile memory) in step S103 to determine whether the activation is from the first lock mode or from the second lock mode. determine whether When the BIOS 110 determines that the start-up is from the second lock mode, the second lock mode is terminated because the start-up is after a certain period of time and there is no restriction on the input of the password. Then, the BIOS 110 instructs to load and start the OS, and returns to the process of step S101.

On the other hand, when the BIOS 110 determines that the activation is from the first lock mode, the BIOS 110 instructs to load and activate the OS, but continues the first lock mode and does not accept input of the supervisor password for a certain period of time. , the process proceeds to step S115.

(Step S115) The BIOS 110 prohibits acceptance of input of the supervisor password. For example, the BIOS 110 prohibits the access without displaying the supervisor password input screen even if there is access to an access destination with administrator authority. Then, the process proceeds to step S117.

(Step S<b>117 ) The BIOS 110 acquires the elapsed time transmitted from the embedded controller 31 . Then, the process proceeds to step S119.

(Step S119) The BIOS 110 determines whether or not a certain period of time has passed since the shutdown. For example, the embedded controller 31 compares the elapsed time acquired in step S117 with the lock time, and determines whether a certain period of time has elapsed since the shutdown based on whether the elapsed time has reached the lock time. . If the BIOS 110 determines that the predetermined time has not elapsed (NO), the process returns to step S117. On the other hand, when the BIOS 110 determines that the predetermined time has passed (YES), the process proceeds to step S121.

(Step S121) The BIOS 110 cancels the prohibition of accepting the input of the supervisor password. That is, the BIOS 110 permits acceptance of input of the supervisor password. The BIOS 110 then ends the first lock mode and returns to the process of step S101.
In addition, in the case of the third lock mode, the third lock mode is continued because the activation instruction is not obtained from the embedded controller 31 in step S109.

Next, the operation of unauthorized access restriction processing on the embedded controller 31 (EC) side will be described with reference to FIG.
FIG. 7 is a flowchart showing an example of unauthorized access restriction processing on the EC side according to this embodiment.

(Step S<b>201 ) The embedded controller 31 determines whether or not a lock request has been received from the BIOS 110 . If the embedded controller 31 determines that it has not acquired a lock request (NO), it continues the process of step S201. On the other hand, when the embedded controller 31 determines that the lock request has been obtained (YES), the process proceeds to step S203.

(Step S203) When the embedded controller 31 determines that the lock request has been obtained in step S201, the embedded controller 31 determines the lock type. When the embedded controller 31 determines that the lock type included in the lock request is "#1", the process proceeds to step S211. If the embedded controller 31 determines that the lock type included in the lock request is "#2", the process proceeds to step S221. If the embedded controller 31 determines that the lock type included in the lock request is "#3", the process proceeds to step S231.

(Step S211) When the embedded controller 31 determines that the lock type is "#1" in step S203, it transitions to the first lock mode. Also, at this time, the embedded controller 31 causes the non-volatile memory inside the embedded controller 31 to store information indicating that the transition to the first lock mode has been made.

(Step S212) After transitioning to the first lock mode, the embedded controller 31 permits activation of the system. Therefore, the embedded controller 31 transmits an activation instruction to the CPU 11 when detecting a system activation trigger (for example, operation of the power button 35 ).

(Step S213) Further, when transitioning to the first lock mode, the embedded controller 31 starts measuring time. Thereby, the embedded controller 31 measures the elapsed time after shutdown (the elapsed time during shutdown). In addition, the embedded controller 31 stores the measured elapsed time in the non-volatile memory inside the B embedded controller 31 at any time (for example, each time it is counted). Note that the processing of step S212 and the processing of step S213 may be switched in order or may be performed simultaneously. Then, the process proceeds to step S214.

(Step S214) The embedded controller 31 determines whether or not a system activation trigger (for example, operation of the power button 35) has been detected. If the embedded controller 31 determines that the system activation trigger has not been detected (NO), it repeats the determination process of step S214. On the other hand, when the embedded controller 31 determines that the trigger for starting the system is detected (YES), the process proceeds to step S215.

(Step S<b>215 ) The embedded controller 31 transmits an instruction to boot the BIOS to the CPU 11 . Then, the process proceeds to step S216.

(Step S216) The embedded controller 31 starts notification of the measured elapsed time. For example, the embedded controller 31 notifies the BIOS 110 of the measured elapsed time at any time (for example, each time it is counted). If the elapsed time has not reached the lock time when the embedded controller 31 transmits the BIOS activation instruction to the CPU 11, the embedded controller 31 notifies the BIOS 110 of the elapsed time when the elapsed time reaches the lock time. You may Then, the process proceeds to step S217.

(Step S217) The embedded controller 31 determines whether or not a certain period of time has passed since the shutdown. For example, the embedded controller 31 determines whether or not a certain period of time has elapsed since the shutdown, depending on whether or not the elapsed time from the start of clocking in step S213 has reached (or has already reached) the lock time. judge. If the embedded controller 31 determines that the predetermined time has not elapsed since the shutdown (NO), it performs the process of step S217 again. On the other hand, when the embedded controller 31 determines that the predetermined time has passed since the shutdown (YES), the process proceeds to step S218.

(Step S<b>218 ) The embedded controller 31 ends the notification of the elapsed time to the BIOS 110 . Then, the process proceeds to step S217.

(Step S219) The embedded controller 31 finishes measuring the elapsed time and resets the timer. Also, at this time, the embedded controller 31 clears the information indicating the transition to the first lock mode stored in the non-volatile memory inside the embedded controller 31 in step S211.

(Step S221) Further, when the embedded controller 31 determines that the lock type is "#2" in step S203, the embedded controller 31 makes a transition to the second lock mode. Also, at this time, the embedded controller 31 causes the non-volatile memory inside the embedded controller 31 to store information indicating that the transition to the second lock mode has been made.

(Step S222) After transitioning to the second lock mode, the embedded controller 31 prohibits system startup. Therefore, even if the embedded controller 31 detects a system activation trigger (for example, an operation on the power button 35), it does not transmit an activation instruction to the CPU 11. FIG.

(Step S223) Also, when transitioning to the second lock mode, the embedded controller 31 starts measuring time. Thereby, the embedded controller 31 measures the elapsed time after shutdown (the elapsed time during shutdown). Note that the processing of step S222 and the processing of step S223 may be switched in order or may be performed at the same time.

(Step S224) The embedded controller 31 determines whether or not a certain period of time has passed since the shutdown. For example, the embedded controller 31 determines whether or not a certain period of time has elapsed since the shutdown, based on whether or not the elapsed time from the start of clocking in step S223 has reached the lock time. If the embedded controller 31 determines that the predetermined time has not elapsed since the shutdown (NO), it performs the process of step S224 again. On the other hand, when the embedded controller 31 determines that the predetermined time has passed since the shutdown (YES), the process proceeds to step S225.

(Step S225) The embedded controller 31 cancels the prohibition of starting the system. At this time, the embedded controller 31 also clears the information indicating the transition to the second lock mode stored in the non-volatile memory inside the embedded controller 31 in step S221.

When the prohibition of system activation is released, for example, when the embedded controller 31 detects a system activation trigger (for example, operation of the power button 35), it transmits an activation instruction to the CPU 11. FIG.

(Step S226) Also, the embedded controller 31 finishes measuring the elapsed time and resets the timer. Note that the processing of step S225 and the processing of step S226 may be switched in order or may be performed at the same time.

(Step S231) Further, when the embedded controller 31 determines that the lock type is "#3" in step S203, it makes a transition to the third lock mode. Also, at this time, the embedded controller 31 causes the non-volatile memory inside the embedded controller 31 to store information indicating that the transition to the third lock mode has been made.

(Step S232) After transitioning to the third lock mode, the embedded controller 31 prohibits system startup. Therefore, even if the embedded controller 31 detects a system activation trigger (for example, operation of the power button 35), the embedded controller 31 performs power control and does not turn on the system power.

[Summary of embodiment]
As described above, the information processing apparatus 10 according to this embodiment includes the BIOS memory 22 (nonvolatile memory), the CPU 11, and the embedded controller 31 (EC). The BIOS memory 22 (an example of a first memory and a second memory) stores a BIOS program and at least a program of the embedded controller 31 that controls startup. The CPU 11 executes the BIOS program stored in the BIOS memory 22 . The embedded controller 31 executes the embedded controller 31 program stored in the BIOS memory 22 . Note that the BIOS program and the embedded controller 31 program may be stored in different memories.

Then, the CPU 11 (BIOS 110) executes a BIOS program to perform authentication processing for performing password authentication by entering a password, and fails password authentication when a predetermined condition regarding failure of password authentication by the authentication processing is satisfied. In accordance with the type of password entered, an instruction (for example, lock request) regarding activation control (for example, lock mode) after shutdown is transmitted to the embedded controller 31, and a stop control process for instructing shutdown is performed. In addition, the embedded controller 31 executes a program of the embedded controller 31 to perform boot control processing for controlling booting of the system (BIOS) based on the lock request obtained from the CPU 11 .

As a result, when unauthorized access due to password authentication failure is detected, the information processing apparatus 10 shuts down and controls startup according to the type of password. can be controlled. For example, the information processing apparatus 10 prohibits activation against unauthorized access to a protected object of high importance, and requires password input after a certain period of time against unauthorized access to a protected object of relatively low importance. Therefore, it is possible to perform appropriate control with both safety and convenience against unauthorized access in password authentication.

For example, the lock mode includes a first lock mode (first startup control) that permits system (BIOS) startup but does not accept password input for a certain period of time. When the embedded controller 31 acquires a lock request (instruction) of the first lock mode from the CPU 11 (BIOS 110), it performs time measurement processing to start measuring time, and when it detects a trigger for booting the BIOS, it performs the boot control. In the process, the CPU 11 is notified of an instruction to start the BIOS and the elapsed time since the measurement of the time was started by the time measuring process. When the CPU 11 receives an instruction to start up the BIOS from the embedded controller 31, the CPU 11 performs start-up processing to start up the BIOS. Also, based on the elapsed time obtained from the embedded controller 31, the CPU 11 performs control such that the input of a password (for example, supervisor password) whose password authentication has failed in the authentication process is not accepted for a certain period of time.

As a result, the information processing apparatus 10 can appropriately control unauthorized access in password authentication with both safety and convenience according to the type of password. For example, when unauthorized access is detected in the authentication of the supervisor password, the information processing apparatus 10 protects the access destination of the administrator authority, so that the password can be used by the user, for example. It is possible to protect access destinations with administrator privileges from being inaccessible for a certain period of time after permitting activation.

In addition, the lock mode includes a second lock mode (second start-up control) that prohibits starting the system (BIOS) for a certain period of time. When the embedded controller 31 acquires a lock request (instruction) for the second lock mode from the CPU 11 (BIOS 110), the embedded controller 31 performs time measurement processing for starting time measurement, and measures the elapsed time since time measurement is started by the time measurement processing. System (BIOS) startup is prohibited until the time reaches the lock time (preset time).

As a result, the information processing apparatus 10 can appropriately control unauthorized access in password authentication according to the type of password. For example, when unauthorized access is detected in authentication of the power-on password, the information processing apparatus 10 does not permit activation for a certain period of time because the password protects the use of the system by the user (i.e. , cannot be used for a certain period of time).

The lock modes also include a third lock mode (third startup control) that prohibits startup of the system (BIOS). When the embedded controller 31 receives a lock request (instruction) for the third lock mode from the CPU 11 (BIOS 110), it prohibits the system (BIOS) from starting.

As a result, the information processing apparatus 10 can appropriately control unauthorized access in password authentication according to the type of password. For example, when unauthorized access is detected in authentication of the hard disk password, the information processing apparatus 10 does not start up because the password protects the data stored in the information processing apparatus 10 from being stolen or falsified. By prohibiting (that is, not permitting power-on itself), stronger protection can be achieved.

When transmitting a lock request to the embedded controller 31 in the stop control process, the CPU 11 (BIOS 110) selects the first lock mode, the second lock mode, and the third lock mode based on the type of password for which password authentication failed. Choose one of the modes.

As a result, the information processing apparatus 10 can transition to an appropriate lock mode based on the type of password for which password authentication has failed, and perform appropriate control that combines safety and convenience according to the type of password. can.

Which of the first lock mode, the second lock mode, and the third lock mode is selected is set in advance according to the type of password for which password authentication has failed.

As a result, when unauthorized access is detected in password authentication, the information processing apparatus 10 transitions to a preset appropriate lock mode, thereby providing an appropriate lock mode that combines safety and convenience according to the type of password. control can be performed.

The user can set which of the first lock mode, the second lock mode, and the third lock mode is to be selected according to the type of password for which password authentication has failed.

As a result, when unauthorized access is detected in password authentication, the information processing apparatus 10 allows the user to transition to any lock mode according to the type of password. It can be carried out.

In the activation control process, the embedded controller 31 may notify the CPU 11 of the number of times a system (BIOS) activation trigger has been detected during a certain period of time until activation is permitted in the second lock mode.

As a result, when the number (frequency) of unauthorized accesses is high, the information processing apparatus 10 can extend the time until activation is permitted, or perform control with higher safety, such as prohibiting activation. can be done.

Further, the control method in the information processing apparatus 10 includes steps in which the CPU 11 (BIOS 110) performs password authentication by inputting a password; In response, a step of transmitting an instruction (e.g., lock request) regarding start-up control (e.g., lock mode) after shutdown to the embedded controller 31 and instructing shutdown; and controlling system (BIOS) startup based on the received lock request.

As a result, when unauthorized access due to password authentication failure is detected, the information processing apparatus 10 shuts down and controls startup according to the type of password. can be controlled. For example, the information processing apparatus 10 prohibits activation against unauthorized access to a protected object of high importance, and requires password input after a certain period of time against unauthorized access to a protected object of relatively low importance. Therefore, it is possible to perform appropriate control with both safety and convenience against unauthorized access in password authentication.

Although each embodiment of the present invention has been described in detail above with reference to the drawings, the specific configuration is not limited to the above-described embodiments, and includes design within the scope of the present invention. . For example, the configurations described in the above embodiments can be combined arbitrarily.

In addition to the type of password, the lock type or lock time may be changed according to the number of authentication failures. For example, the greater the number of authentication failures when determining unauthorized access, the better the lock type for stronger protection, and the longer the lock time may be.

In addition, in the above-described embodiment, the condition for password authentication was exemplified as the predetermined condition for determining unauthorized access, but the condition is not limited to this. For example, the authentication is not limited to password authentication, and may be fingerprint authentication, face authentication, authentication using a smart card, authentication using location information, or the like. For example, even in fingerprint authentication, face authentication, authentication using a smart card, authentication using location information, etc., the predetermined number of authentication failures (for example, 3 times) or more in succession is defined as above. It may be a condition (a condition for judging unauthorized access). Further, the predetermined condition may be that the back cover of the bottom surface 102b of the information processing device 10 is opened.

The information processing apparatus 10 described above has a computer system inside. Then, a program for realizing the function of each configuration included in the information processing apparatus 10 described above is recorded in a computer-readable recording medium, and the program recorded in the recording medium is read and executed by a computer system. , the processing in each configuration included in the information processing apparatus 10 described above may be performed. Here, "loading and executing the program recorded on the recording medium into the computer system" includes installing the program in the computer system. The "computer system" here includes hardware such as an OS and peripheral devices. A "computer system" may also include a plurality of computer devices connected via a network including communication lines such as the Internet, WAN, LAN, and dedicated lines. The term "computer-readable recording medium" refers to portable media such as flexible discs, magneto-optical discs, ROMs and CD-ROMs, and storage devices such as hard discs incorporated in computer systems. Thus, the recording medium storing the program may be a non-transitory recording medium such as a CD-ROM.

Recording media also include internal or external recording media accessible from the distribution server for distributing the program. Note that the program may be divided into a plurality of parts, downloaded at different timings, and then integrated in each structure of the information processing apparatus 10, or the distribution servers that distribute the divided programs may be different. In addition, "computer-readable recording medium" is a volatile memory (RAM) inside a computer system that acts as a server or client when the program is transmitted via a network, and retains the program for a certain period of time. It shall also include things. Further, the program may be for realizing part of the functions described above. Further, it may be a so-called difference file (difference program) that can realize the above functions by combining with a program already recorded in the computer system.

Also, part or all of the functions of the information processing apparatus 10 in the above-described embodiment may be implemented as an integrated circuit such as an LSI (Large Scale Integration). Each function may be individually processorized, or part or all may be integrated and processorized. Also, the method of circuit integration is not limited to LSI, but may be realized by a dedicated circuit or a general-purpose processor. In addition, when an integration circuit technology that replaces LSI appears due to advances in semiconductor technology, an integrated circuit based on this technology may be used.

10 information processing device 101 display housing 101a display surface 101b top surface 102 device housing 102a keyboard surface 102b bottom surface 103 hinge mechanism 11 CPU 12 main memory 13 video subsystem 14 display unit , 21 chipset, 22 BIOS memory, 25 RTC power supply, 31 embedded controller, 32 keyboard, 33 power supply circuit, 34 reset switch, 35 power button, 40 storage device, 60 battery, 110 BIOS, 120 authentication processing unit, 121 detection unit , 122 mode control unit, 311 mode transition unit, 312 timer unit, 313 activation control unit

Claims (9)

a first memory that stores a BIOS (Basic Input Output System) program;
a CPU (Central Processing Unit) that executes the program stored in the first memory;
a second memory storing at least a program for controlling the power supply;
an EC (Embedded Controller) that executes a program stored in the second memory;
with
The CPU
By executing the BIOS program stored in the first memory,
Authentication processing for performing password authentication by entering a password;
When a predetermined condition regarding the failure of password authentication by the authentication process is satisfied, according to the type of password for which the password authentication failed, an instruction regarding start-up control after shutdown is sent to the EC, and the shutdown is performed. a stop control process for instructing;
and
The EC is
By executing the program stored in the second memory,
A start-up control process for controlling the start-up of the BIOS based on the start-up control instruction obtained from the CPU;
Information processing device that performs The boot control includes a first boot control that permits booting of the BIOS but does not accept input of the password for a certain period of time,
The EC is
When an instruction for the first activation control is obtained from the CPU, a timing process for starting time measurement is performed, and when a trigger for activation of the BIOS is detected, an instruction to activate the BIOS in the activation control process. and the elapsed time from the start of time measurement by the timekeeping process to the CPU,
The CPU
In response to obtaining an instruction to start the BIOS from the EC, a start process for starting the BIOS is performed, and the password authentication fails in the authentication process based on the elapsed time obtained from the EC. Control not to accept password input for a certain period of time,
The information processing device according to claim 1 . The start-up control includes a second start-up control that prohibits booting of the BIOS for a certain period of time,
The EC is
When an instruction for the second startup control is obtained from the CPU, a time measurement process is performed to start measuring time, and the elapsed time after the start of time measurement by the time measurement process reaches a preset time. Until the BIOS is prohibited from starting,
The information processing apparatus according to claim 2. The startup control includes a third startup control that prohibits startup of the BIOS,
The EC is
Prohibiting activation of the BIOS when an instruction for the third activation control is obtained from the CPU;
The information processing apparatus according to claim 3. The CPU
In the stop control process, the first activation control, the second activation control, and the third activation are performed based on the type of the password for which the password authentication fails when the instruction regarding the activation control is transmitted to the EC. select one of the controls,
The information processing apparatus according to claim 4. Which of the first activation control, the second activation control, and the third activation control is selected is set in advance according to the type of the password for which the password authentication has failed,
The information processing device according to claim 5 . A user can set which of the first activation control, the second activation control, and the third activation control is selected according to the type of the password that failed the password authentication.
The information processing device according to claim 5 . The EC is
In the startup control process, notifying the CPU of the number of times the BIOS startup trigger is detected during the predetermined time period;
The information processing apparatus according to claim 2 . A control method in an information processing apparatus comprising a CPU (Central Processing Unit) that executes a BIOS (Basic Input Output System) program and an EC (Embedded Controller) that executes at least a program for controlling startup,
the CPU performing password authentication by inputting a password; and, if a predetermined condition regarding password authentication failure is satisfied, issuing an instruction regarding start-up control after shutdown according to the type of the password for which the password authentication failed. a step of transmitting to the EC and instructing the shutdown;
a step in which the EC performs control regarding activation of the BIOS based on the instruction regarding the activation control obtained from the CPU;
Control method including.

Images