TW200910137A - Computer system and secure power-on method thereof - Google Patents

Abstract

A computer system and its secure power-on method thereof are disclosed. The computer system includes a power supply unit, a power-on unit, a secure card slot and a baseboard management controller (BMC). The power supply unit is used to supply a stand-by power and a system power to the computer system. The power-on unit is used to supply a first power-on signal. The secure card slot is used to insert a secure card having a first identified data. The BMC compares the first identified data with a second identified data to decide whether outputs a second power-on signal or not when the BMC receives the first power-on signal. The power supply unit decides whether supply the system power to the computer system or not in accordance with the second power-on signal.

Description

200910137 υ/υ^/υ.ι w ^4613twf.doc/n IX. Description of the invention: [Technical field of the invention] The present invention relates to a computer system, and in particular to a kind of use of a security card to boot (Power On) computer system and safe boot method. [Prior Art] In order to protect the internal data of the computer system, the general user will not use the user account of the Microsoft operating system to set the name and code to protect the computer system. However, this method must be in the second two: After entering the operating system, the operating system protects the computer system =, and the computer is powered on. However, the computer system has already been turned on (p〇wer〇n° users can still not enter the user). The operation of the operating system ^ 'Do the related settings' or steal the computer shaft I... 'Brain protection computer system is best to be able to - when booting, 22, therefore, the security confirmation action to achieve a true protection of the computer二二仃related [Summary of the invention] 目的, the purpose of death. The present invention provides a computer system, using the identification data on the security card and electricity _ ^ money. When the security system can be booted system security m system, only 1 The security card with the protective material can be turned on to open the computer system to use the computer system. The discriminative capital invention provides a method for applying the above two.] To compare the identification data disk on the security card itself: the safe booting party is the same as the protection computer The security of the system. 彳 Have the phase of 200910137 070270.TW 24613twf, doc / n Bureau to solve the above question Ke, do the invention to propose a power, unit, boot list , security card slot and substrate management: J bracket:: card, An Baoshi...: and the security card slot is used to insert security η 疋 no match, to determine whether to output the second boot letter _泸, a 'u after the power supply system. Top u decide whether to supply the system power to the computer r舆 computer system has the identification data; = to identify the brain system. In an embodiment of the invention, the method of comparing the identification on the security card to the machine's method is consistent with the material. If the security card is not included, the identification data of the identification information on the money does not match. Then it is not ambiguous: the above has a continuous _ state. The power supply should be used to make the computer system safe so that it can protect the computer system from opening the computer system. This computer system removes the 1,,, and method to open the computer system to allow users to have more complete use rights. 200910137 070270.TW 24613twf.doc/n Easy to change, to protect and protect the internal data of the computer system. Will be made by others User's Privacy In order to make the above features and preferred embodiments of the present invention, and the advantages of the accompanying drawings, the advantages of the embodiments can be more clearly understood, the following detailed description will be described in detail below: 1 ΩΟ Ί 不According to the computer system of the present invention, the power supply unit 11〇, the south bridge wafer 12〇

(Baseboard Manager Controller, BMC) 130 I4' Security Card I5. With the boot unit W. . Among them, the power supply unit / supply standby power supply, vSB and system power supply Vsys to the computer system. The first turtle source VSYS can supply the electrical energy required by each component inside computer system 1 (8). In this embodiment, the power supply unit 110 is controlled by the south bridge chip. When the south bridge wafer 12Q receives the signal from the substrate management controller, the south bridge W12G turns the power off signal to the power supply unit no'. The power supply unit 11G is enabled to supply the system power supply VSYS to the computer system. The substrate management control is connected to the south bridge chip 12〇, the security card slot 140曰 and the boot unit pair. _ Unit 16 () has a power button i6i: to provide the user to start the operating interface of the computer system. When the power button (6) is pressed by the user, the power-on unit 16 outputs a first power-on letter to the substrate controller 13〇. The security card slot 14 is connected to the baseboard management control state 130 by a system management bus (System Management Bus, SM bus) 132. Therefore, when the security card 15 is inserted into the security 200910137 V / VJZ. / w. X vv II i613twf.doc / n card slot 140, the substrate management controller 13 can be read via the SM bus i32 and the female full card slot 140 The first identification data on the security card 15〇. The security card 150 has a memory 151 for storing the first identification data. The general knowledge in the field can be implemented in various ways according to the needs of the user. For example, in the embodiment, the memory 151 is Electronics can erase stylized only. Buy 1 彳5^(Eiectricaiiy Erasabie pr〇grammabie

Read-Only Memory, referred to as EEPR〇M). The substrate management controller 130 is connected to the south bridge wafer 12 by a low pin count bus (abbreviated as lpc bus) 13! Since the operating power required for the substrate control H 13G is provided by the standby power supply S1, when the computer system 1 is turned off (that is, the power supply is: single = 11 〇 stop supplying the system power supply VSYS to the computer system 1 〇〇 At the time), the earthboard official controller 130 is still in an enabled state. The board g controller 13 itself records the second material of the computer system 1 (10). When the user presses the power button 161, the power-on unit 16 〇 P drives the power-on signal to the baseboard management controller 130. When the substrate tube=controller 13G receives the first-on signal, the substrate management control cry will be compared with the second (four) recorded by itself and the safety card 15GJJ first=identification material, thereby determining whether to output the second Off signal. According to this second job signal, the system UG is different from the supply system, and the 'yuan power supply VSYS gives the computer system 1〇〇. The machine = know whether the data is consistent or not. The method is only for the present time. For example, the brother-identification data and the second day of the day can be the corresponding encryption key pair; by the security card 15〇200910137 070270.TW 24613twf .doc/n first identification data (encryption key) pair - preset data (such as string "丨 2 3") - encryption operation 'and then transfer the encrypted default data to the substrate tube, controller no; The substrate management controller m performs the decryption operation on the encrypted preset data by using the second identification data (the gift output). If the decrypted result is the original preset data (the string "123"), the second identification data and the second identification data = Identify the opposite of the mater (mateh). In this case, the first identification of both the greedy material and the second identification data can be the system management basis of the computer system. System This round-in and output system (System Management Basic Input 〇utput

System, referred to as SMBIOS), identifies the unique Identifier (UUID). The user can store the SMBI〇S tUUID in the computer system 1 in the security card 150 and the baseboard management controller 130 in advance. After the substrate management control II丨3 Q & to the first-on signal, the substrate management controller 130 reads the first identification data (UUID of smbi〇s) from the security card 15' and then compares the record of the first The second identification data (^JUID) is the same as the first-identification data, which is another embodiment of the mechanism of "Comparing whether the second identification material and the first identification data are consistent". The first identification data and the second identification data may also be the UUID of the encrypted SMBIOS. 2 depicts a method of safe booting in accordance with an embodiment of the present invention. Please refer to the map at the same time! 2, step S21 is when the booting unit 16 (e.g., the user presses the button 161), the booting unit 160 rotates the first-on signal to the baseboard management controller 130. In step S22G 'The substrate management controller 13() compares the first identification data with the second identification data. If the first identification data and the second identification information & 200910137 070270.TW 24613twf.doc/n management controller 130 passes through Nanqiaojing Please control, so that the packet source supply 100 will be the system power supply ^ 100 (step S230). SYS, YES, ,, & TEM system diagram = shown as a security according to the preferred embodiment of the present invention Referring to FIG. 1 and FIG. 3 simultaneously, step S3. 1 ^ raw parts, for example, the user presses the power on button (6), the user presses the power on button 161, and the switch is issued to the baseboard management controller 13A. In the first-start signal processing step S3G3 in which the machine unit 160 rotates in the step s3〇2, it is determined whether there is a second=:=SMBI0S, ID), and if the second identification is stored, the step S304 is performed. If it is not, it means that the computer system may be turned on once, so the base Step (iv) management controller 13G. ^S304 is the substrate management controller, please judge whether the computer system _ is in safe mode. This security mode is determined by the step coffee ~s3i2 (detailed later). It is pre-set by the user whether the mode of the computer system (10) is to be closed, if the security mode is on, then step S305 is performed, and if the security mode is on, step S3 is performed. In step S306, the substrate management controller 13 reads the first identification data (for example, the UUID of the SMBIOS) stored in the memory (5) of the security card 15 through the SM bus 132 and the security card slot 14 . Next, in step S307, the substrate management controller 130 compares the second identification data on the security card 15 with the second identification data of the computer system 100 to obtain a comparison result. For example, the substrate management controller 13 determines the read

200910137 070270.TW 24613tw£doc/n This:: Whether the second identification data stored is the same. If the same, or can not read the first::= knowledge does not match (or does not send the second 'baseboard management controller 130 will (Powers take it; judge read (or the same) ¥ ' or in step S3〇 3, when it is judged that the substrate management control caches the data, or if it is determined in step S3Q4 that the computer system is in the safe mode, step S305 is performed. In step S305, the substrate management controller 13() is sent out. The second power-on signal is sent to the south 1 chip 120. When the south bridge chip 12 receives the second power-on signal, the south bridge chip 120 outputs a power-on signal to the power supply unit 110 to enable the power supply unit 110 to supply the system power source. "To the computer system 100. Therefore, the computer system 1 can perform booting procedures such as the Basic On/Output System (BIOS) Power On Self Test (POST). 'The computer system 100 can be used in the POST process of the BIOS, and the second identification data (such as SMBIOS) is not used by the Intelligent Platform Management Interface (IPMI) instruction. The UUID is transmitted to the baseboard management controller 130 and written into the baseboard management controller 130 (step S309). Step S310 provides the user to perform the security mode setting in the POST phase of the BIOS. Then, proceed to step 11 200910137 070270.TW 24613twf.doc/n S311. In step S311, the BIOS transmits an IPMI command of "safe mode is on" to the baseboard management controller 130. The baseboard management controller 13 will receive "start". The IPMI command of the security mode, and means that when the user presses the power on button 161 (step S301), the first identification data and the second identification data must match (step S307), and the substrate management controller 〖go sends the second The power-on signal (step S305). Otherwise, if the user sets the security mode to off, the process proceeds to step S312. In step S312, the BI0S transmits the IPMI command "safe mode is off" to the baseboard management controller 13A. The substrate management control cry will receive, 'close' the 'safe mode command, and represents the user; when the power button 161 is pressed (step S301), the substrate management The controller 13 will not compare the first identification data with the second identification data (step S3〇7), and the substrate management control 130 will directly send out the second startup signal (ie, directly proceed to step S305). After the safe mode, the computer system continues to perform other procedures of POST. After the completion of the P0ST, the computer system 100 begins to load the operating system, and the operating system continues to perform other booting (program (step S313). ', / In another embodiment, the UBIOS of the SMBIOS can be encrypted beforehand. Write the security card 150 as the first identification data. Since the POST phase of M〇s (step S309), the UUID (second identification data) of the SMBIOS that has not been encrypted and added with the check code is written into the substrate. In the management controller 130, before the first identification data and the second identification data are compared (step S307), the decryption step is required to perform the comparison process. 12 200910137 υ/υ2/υ.ι w 246l3twf .d〇c/n Figure 4 is a flow chart showing the steps of decrypting the first identification data according to another embodiment of the present invention. Step S306 is to read the first identification data from the memory 151 of the security card 150. S402 is used to decrypt the first identification data by the substrate management controller 130. In this embodiment, the encryption and decryption of the first identification data can be implemented by any algorithm, such as data encryption/decryption standard (Data Encryption/Decryp Tion Standard (referred to as DES), the singularity method, the Southern Plus, and the decryption standard (Advanced En, Encryption/Decryption Standard, AES) algorithm, etc. In step S403, the 'substrate management controller 130 will check the first identification. The check code of the data. After the confirmation is correct, the unidentified first identification data is obtained (step S404). The above check code may be a checksum. After the first identification data is decrypted, step S307 may be performed. The first identification data stored in the memory 151 of the security card 150 can be written into the memory 15 i by the following two methods. The first method is as shown in FIG. 5 'Step S501 The computer system is booted to the operating system. Step S502 acquires the computer system 1 by the software (identification data (for example, UUID of SMBI0S). In the step, the software transmits the UUID of the SMBI0S to the baseboard management controller by using the IPMI command. 130. In step S504, the UMUID of the SMBI〇s is added with a check code, for example, a checksum checksum, by the substrate management controller 13. Step S505 is managed by the substrate. The controller 130 encrypts the UUID data with the check code, and uses the encrypted UTJID data as the first identification data. In this embodiment, 'any algorithm can be implemented as step 13 200910137 υ/uz/u. 1 w zhd 13twf.doc/n S5〇5 'eg DES algorithm, AES algorithm, etc. Finally, step SS06 is performed, and the substrate management controller m encrypts the memory 151 which is encrypted and contains the first identification data of the security card 15Q. f One way is to directly add the first identification data that has been added and contains the inspection code when the motherboard of the computer system 100 is produced.

The EEPROM burner is burned into the memory 151 of the security card. In summary, the security card boot mode of the present invention allows the use of ^ to have full system usage rights. The invention can be used at the time of starting up, that is, whether the user has the right to open the system, and does not need to wait until the computer system and the charging system have been activated to verify the user's system usage right. It will increase the risk of the computer system being arbitrarily changed and stealing internal data. Moreover, the hardware cost of adding a security card is otherwise low. For example, the cost of using a security card is much lower than that of a fingerprint identification system. The present invention has been disclosed in the above preferred embodiments, but it is not intended to limit the invention, and any person having ordinary skill in the art can make some changes without departing from the spirit and scope of the present invention. Change and refinement, = the scope of this invention is considered to be attached to the application of the weaving industry. BRIEF DESCRIPTION OF THE DRAWINGS Figure 1 depicts a computer system in accordance with an embodiment of the present invention. 2 is a safe booting device according to an embodiment of the present invention. 200910137 υ/υζ/υ.ι w ζ^613 twf.doc/n FIG. 3 illustrates a preferred embodiment of the present invention. A flow chart of the steps of safe booting. 4 is a flow chart showing the steps of decrypting the first identification data in accordance with another embodiment of the present invention. FIG. 5 is a flow chart showing the steps of writing the first identification data into the memory. [Description of Main Component Symbols] 100: Computer System 110: Power Supply Unit 120: South Bridge Wafer 130: Substrate Management Controller 131: LPC Bus Bar 132: SM Bus Bar 140: Security Card Slot 150: Security Card 151: Memory G 160 : Power-on unit 161. Power-on button S210~S230: Steps S301 to S313 of the safe boot method: Operation steps S401 to S404 for secure booting: Steps S501 to S506 for decrypting the identification data: Step of writing the identification data to the memory Vsb · Standby Power supply VsYS · 糸 power supply 15

Claims (1)

200910137 厶,613twf.doc/n X. Patent application scope: 1. A computer system, including: standby power supply and a system power supply, a power supply unit for supplying to the computer system; first boot signal; security card, The security card has a booting unit for providing - a security card slot for inserting a first identification data; and a slot, the booting unit and the security card of the baseboard management (4) 1|connected_standby; #电脑线When it is turned off, it is enabled to find the power supply; when the substrate tube=receives the signal of the first machine, it is more consistent with the first-identification brother " Two open 0. And the money source supply unit determines whether to supply the system power to the computer system according to the second power-on signal. The computer system of claim 1, wherein the powering unit comprises a power button. 3: The brain system of claim 1, wherein the substrate management controller outputs the second power-on signal if the substrate management control does not have the second identification data. <4. The computer system of claim 1, wherein the substrate management controller is coupled to the security card slot by a system management bus. 5. The computer system as claimed in claim 1, further comprising: 16 200910137 υ/υζ/υινν ^6l3twf.doc/n connected to the substrate management μ, wherein when the south bridge chip receives the second and second original : Shiqiao chip output - power supply open call:, engage, the south power supply unit supplies the system 'to control the = the patent _ the fifth item of electricity = system, & (4) base interest. 5 l hunting by - low pin number bus bar connected to the south bridge chip η full card 7 packets (four) 1 item of electricity (four) system, where the security == what secret program __, used to store the 8. The patent application scope is described in item 1 - the identification data and the second identification data are - System Management US Wheel = System (SMBIOS) identification data (UUID). The current round of entry and exit 糸9. If the identification data and the second identification data are encrypted as described in the scope of the patent application, the identification data of the round-in and out system (SMBI〇S) (UUII^ '/Basic 10. A safe boot method, including: a boot event occurs; ~ comparison = one of the first identification data on the security card and the second identification data match to obtain - comparison results; and, The system is based on the result of Lin Qiqi, the mosquito is the secret should be - pure power to the computer U · Rugao apply for the special job _ 1G item of the security job method, the basin package = the brother - identification and the second identification: # Whether the material is consistent or not ς 17 200910137 ^-r613twf.doc/n Since the female full card money, the first - Lai information; and the identification; ΐ: body and the computer system - the substrate management, the identification in the system In order to obtain the comparison result. System 12. If the method of claiming the scope of the patent is more than the method of identifying the data, it further includes: a step of identifying the shellfish or not agreeing to check the substrate management Is there any Ο in the controller? The system power supply to the computer system is easy to open ^ identify the Belle's supply of the 13. If the f, please refer to the special identification of the first and the identification data and the second identification: the method 'it includes : The step of the Μ 疋 疋 吻合 吻合 吻合 若 若 若 若 若 若 若 若 若 若 若 若 若 若 若 若 若 若 若 若 若 若 若 若 若 若 若 若 若 若The second identification includes the security boot method as described in claim 10, and if the first identification data and the second identification data do not supply the system power, the electrical system is in the _= , including i: 5. If the first identification data and the second identification resource should be the system power supply, the computer system is powered on and the test is consistent. For 18