TWI726406B - Authentication method - Google Patents

Publication number
TWI726406B
Authority
TW
Taiwan
Prior art keywords
host
management controller
baseboard management
host unit
unit
Prior art date
Application number
TW108131801A
Other languages
Chinese (zh)
Other versions
TW202111576A (en)
Inventor
欣 陳
金龍 李
Original Assignee
神雲科技股份有限公司
Application filed by 神雲科技股份有限公司
Priority to TW108131801A
Publication of TW202111576A
Application granted
Publication of TWI726406B

Landscapes

  • Storage Device Security (AREA)

Abstract

An authentication method is implemented by a host unit of a computer system. The computer system further includes a baseboard management controller (BMC). The authentication method includes the steps of: the host unit sending a request for a BMC signature to the BMC; the host unit receiving BMC signature data from the BMC; the host unit determining, based on a BMC public key stored in the host unit and the received BMC signature data, whether the received BMC signature data is authentic; and the host unit allowing the BMC to access the host unit when it is determined that the BMC signature data is authentic.

Description

Authentication method

The present invention relates to an authentication method, and in particular to an authentication method for a baseboard management controller system.

Existing computer systems usually include a baseboard management controller system (BMC) to monitor the operating status of the computer system. The BMC can monitor whether the values sensed by sensors installed in the computer system are abnormal and record abnormal states, and the BMC can also be used to reset the computer system and issue a power restart. In some computer systems, system firmware such as the BIOS or U-Boot can also be updated through the BMC. BMC security is receiving growing attention: if hackers attack the computer system through the BMC to tamper with the firmware running in it, the computer system is exposed to great risk and threat. On the other hand, when the motherboard of a computer system boots, the Unified Extensible Firmware Interface (UEFI) provides a Secure Boot mechanism which, at boot time, uses a set of certificates pre-loaded in the motherboard by the motherboard hardware vendor to identify whether the operating system being started is trusted; if it is not, the system cannot boot. However, this mechanism can only identify whether the operating system is trusted, so the protection it offers is quite limited. If the computer system is attacked by hackers, not only is the security of the computer system in doubt, but the BMC may suffer as well. How to improve the security of the computer system is therefore an urgent problem to be solved.

Therefore, an object of the present invention is to provide an authentication method that improves the security of a computer system.

Accordingly, the authentication method of the present invention is suitable for authenticating a baseboard management controller included in a computer system, and is implemented by a host unit that is included in the computer system and electrically connected to the baseboard management controller. The host unit stores a reference BMC-side public key related to a specific baseboard management controller. The authentication method includes the following steps:

(A) the host unit transmits a BMC-side signature request related to the baseboard management controller to the baseboard management controller;

(B) after the host unit obtains, from the baseboard management controller, BMC-side signature data sent in response to the BMC-side signature request, the host unit authenticates, according to the reference BMC-side public key and the BMC-side signature data, whether the baseboard management controller is the specific baseboard management controller; and

(C) when the host unit authenticates that the baseboard management controller is the specific baseboard management controller, the host unit allows the baseboard management controller to access the host unit.

Another object of the present invention is to provide an authentication method that improves the security of a computer system.

Accordingly, the authentication method of the present invention is suitable for authenticating a host unit included in a computer system, and is implemented by a baseboard management controller that is included in the computer system and electrically connected to the host unit. The baseboard management controller stores a reference host-side public key related to a specific host. The authentication method includes the following steps:

(A) the baseboard management controller transmits a host-side signature request related to the host unit to the host unit;

(B) after the baseboard management controller obtains, from the host unit, host-side signature data sent in response to the host-side signature request, the baseboard management controller authenticates, according to the reference host-side public key and the host-side signature data, whether the host unit is the specific host; and

(C) when the baseboard management controller authenticates that the host unit is the specific host, the baseboard management controller allows the host unit to access the baseboard management controller.

The effect of the present invention is as follows: the host unit authenticates, according to the reference BMC-side public key and the BMC-side signature data, whether the baseboard management controller is the specific baseboard management controller, and only after the host unit has successfully authenticated the baseboard management controller does the host unit allow the baseboard management controller to access the host unit. This improves the security of communication between the baseboard management controller and the host unit, and thereby the security of the computer system.

Referring to FIG. 1, an embodiment of the authentication method of the present invention is implemented by a computer system 1, which includes a host unit 2 and a baseboard management controller 3 electrically connected to the host unit 2.

The host unit 2 includes a processing module 21, a storage module 22 electrically connected to the processing module 21, and a switch 23 that is controlled by the processing module 21 and controls write permission between the storage module 22 and the baseboard management controller 3. The storage module 22 stores a reference BMC-side public key 222 related to a specific baseboard management controller, a basic input/output system (BIOS) program 223 run by the processing module 21, and a host-side digital signature 224 related to a program fragment that is part of the BIOS program 223 run by the host unit 2. The host-side digital signature 224 is obtained by applying a hash operation, such as the MD5 message-digest algorithm, to that program fragment to obtain a check code, and encrypting the check code with a host-side private key. The processing module 21 may be, for example, a central processing unit (CPU), and the storage module 22 may be, for example, a BIOS chip. In this embodiment, the host-side digital signature 224 is obtained by encrypting the hashed program fragment; in other embodiments, however, the hash operation may instead be applied to the program fragment together with at least one of the BIOS header, the BIOS vendor's signature, the BIOS version, the BIOS size, and the memory address related to the program fragment to obtain the corresponding check code, which is then encrypted with the host-side private key (not shown) to obtain the host-side digital signature 224. The invention is not limited in this respect.

The baseboard management controller 3 includes a processing unit 31, a storage unit 32 electrically connected to the processing unit 31, and a switch 33 that is controlled by the processing unit 31 and controls write permission between the storage unit 32 and the host unit 2. The storage unit 32 stores a reference host-side public key 321 related to a specific host, firmware 322 run by the processing unit 31, and a BMC-side digital signature 323 related to a firmware fragment that is part of the firmware 322 run by the baseboard management controller 3. The BMC-side digital signature 323 is obtained by applying the hash operation, such as the MD5 message-digest algorithm, to that firmware fragment to obtain another check code, and encrypting that other check code with a BMC-side private key (not shown). In this embodiment, the BMC-side digital signature 323 is obtained by encrypting the hashed firmware fragment; in other embodiments, however, the hash operation may instead be applied to the firmware fragment together with at least one of the firmware header, the firmware vendor's signature, the firmware version, the firmware size, and the memory address related to the firmware fragment to obtain the corresponding check code, which is then encrypted with the BMC-side private key to obtain the BMC-side digital signature 323. The invention is not limited in this respect.

Referring to FIGS. 1, 2 and 4, the embodiment of the authentication method of the present invention is implemented by the host unit 2 and the baseboard management controller 3 executing the BIOS program 223 and the firmware 322 respectively, and includes the following steps.

In step 201, the processing module 21 of the host unit 2 transmits a BMC-side signature request related to the baseboard management controller 3 to the baseboard management controller 3.

In step 202, after the processing unit 31 of the baseboard management controller 3 receives the BMC-side signature request, the processing unit 31 responds to it by generating, from the BMC-side digital signature 323 and the firmware 322 stored in the storage unit 32, the BMC-side signature data, which contains the BMC-side digital signature 323 and BMC-side plaintext data related to the firmware fragment, and transmits the BMC-side signature data to the host unit 2. It is worth noting that, in this embodiment, because the check code corresponding to the BMC-side digital signature 323 is obtained from the firmware fragment alone, the BMC-side plaintext data contains only the firmware fragment. Where the check code corresponding to the BMC-side digital signature 323 is instead obtained from the firmware fragment together with at least one of the firmware vendor's signature, the firmware version, the firmware size, and the memory address related to the firmware fragment, the BMC-side plaintext data must contain, in addition to the firmware fragment, the same at least one of the firmware vendor's signature, the firmware version, the firmware size, and the memory address related to the firmware fragment. In addition, in this embodiment, the processing unit 31 of the baseboard management controller 3 transmits the BMC-side signature data to the host unit 2 through the Intelligent Platform Management Interface (IPMI).

In step 203, the processing module 21 of the host unit 2 determines whether BMC-side signature data responding to the BMC-side signature request has been received within a first predetermined time interval. When the processing module 21 determines that the BMC-side signature data has not been received within the first predetermined time interval, it returns to step 201; when it determines that the BMC-side signature data has been received within the first predetermined time interval, it proceeds to step 204.

In step 204, after the processing module 21 of the host unit 2 obtains the BMC-side signature data responding to the BMC-side signature request, the processing module 21 authenticates, according to the reference BMC-side public key 222 and the BMC-side signature data, whether the baseboard management controller 3 is the specific baseboard management controller. When the processing module 21 authenticates that the baseboard management controller 3 is not the specific baseboard management controller, the flow proceeds to step 205; when the processing module 21 authenticates that the baseboard management controller 3 is the specific baseboard management controller 3, the flow proceeds to step 206.

In step 205, the processing module 21 of the host unit 2 controls the switch 23 of the host unit 2 to be non-conducting, so as to prevent the baseboard management controller 3 from writing to the storage module 22 of the host unit 2.

In step 206, the processing module 21 of the host unit 2 controls the switch 23 of the host unit 2 to conduct, so as to allow the baseboard management controller 3 to write to the storage module 22 of the host unit 2, and transmits an authentication success notification to the baseboard management controller 3. In other implementations, the host unit 2 not only allows the baseboard management controller 3 to write to the storage module 22 of the host unit 2, but also allows the baseboard management controller 3 to control the host unit 2, and the host unit 2 may further respond to an operation request from the baseboard management controller 3 by performing the requested operation, for example providing information about the computer system 1 to the baseboard management controller 3 or restarting the host unit 2.

Referring to FIGS. 1 and 3, it is worth noting that step 204 includes the following sub-steps.

In sub-step 241, the processing module 21 of the host unit 2 applies the hash operation to the BMC-side plaintext data to obtain check code data, and decrypts the BMC-side digital signature 323 with the reference BMC-side public key 222 to obtain a check code to be compared.

In sub-step 242, the processing module 21 of the host unit 2 determines whether the check code data matches the check code to be compared, so as to authenticate whether the baseboard management controller 3 is the specific baseboard management controller 3. When the processing module 21 determines that the check code data does not match the check code to be compared, the baseboard management controller 3 is authenticated as not being the specific baseboard management controller 3; when the processing module 21 determines that the check code data matches the check code to be compared, the baseboard management controller 3 is authenticated as the specific baseboard management controller 3.

Continuing to refer to FIGS. 1, 2 and 4, in step 207 the processing unit 31 of the baseboard management controller 3 determines whether the authentication success notification from the host unit 2 has been received within a second predetermined time interval. When the processing unit 31 determines that the authentication success notification has not been received within the second predetermined time interval, it proceeds to step 208; when it determines that the authentication success notification has been received within the second predetermined time interval, it proceeds to step 209.

In step 208, the processing unit 31 of the baseboard management controller 3 waits to receive the BMC-side signature request again, and returns to step 202 after receiving it.

In step 209, the processing unit 31 of the baseboard management controller 3 transmits a host-side signature request related to the host unit 2 to the host unit 2.

In step 210, the processing module 21 of the host unit 2 determines whether the host-side signature request from the baseboard management controller 3 has been received within a third predetermined time interval. When the processing module 21 determines that the host-side signature request has not been received within the third predetermined time interval, it returns to step 201; when it determines that the host-side signature request has been received within the third predetermined time interval, it proceeds to step 211.

In step 211, after the processing module 21 of the host unit 2 receives the host-side signature request, the processing module 21 responds to it by generating, from the host-side digital signature 224 and the BIOS program 223 stored in the storage module 22, the host-side signature data, which contains the host-side digital signature 224 and host-side plaintext data related to the program fragment, and transmits the host-side signature data to the baseboard management controller 3. It is worth noting that, in this embodiment, because the check code corresponding to the host-side digital signature 224 is obtained from the program fragment alone, the host-side plaintext data contains only the program fragment. Where the check code corresponding to the host-side digital signature 224 is instead obtained from the program fragment together with at least one of the BIOS vendor's signature, the BIOS version, the BIOS size, and the memory address related to the program fragment, the host-side plaintext data must contain, in addition to the program fragment, the same at least one of the BIOS vendor's signature, the BIOS version, the BIOS size, and the memory address related to the program fragment. In addition, in this embodiment, the processing module 21 of the host unit 2 transmits the host-side signature data to the baseboard management controller 3 through the Intelligent Platform Management Interface (IPMI).

In step 212, the processing unit 31 of the baseboard management controller 3 determines whether the host-side signature data from the host unit 2 has been received within a fourth predetermined time interval. When the processing unit 31 determines that the host-side signature data has not been received within the fourth predetermined time interval, it returns to step 209; when it determines that the host-side signature data has been received within the fourth predetermined time interval, it proceeds to step 213.

In step 213, after the processing unit 31 of the baseboard management controller 3 obtains the host-side signature data responding to the host-side signature request, the processing unit 31 authenticates, according to the reference host-side public key 321 and the host-side signature data, whether the host unit 2 is the specific host. When the processing unit 31 authenticates that the host unit 2 is not the specific host, the flow proceeds to step 214; when the processing unit 31 authenticates that the host unit 2 is the specific host, the flow proceeds to step 215.

In step 214, the processing unit 31 of the baseboard management controller 3 controls the switch 23 of the baseboard management controller 3 to be non-conducting, so as to prevent the host unit 2 from writing to the storage unit 32 of the baseboard management controller 3.

In step 215, the processing unit 31 of the baseboard management controller 3 controls the switch 23 of the baseboard management controller 3 to conduct, so as to allow the host unit 2 to write to the storage unit 32 of the baseboard management controller 3, and transmits another authentication success notification to the host unit 2. In other implementations, the baseboard management controller 3 not only allows the host unit 2 to write to the storage unit 32 of the baseboard management controller 3, but also accepts data requests from the host unit 2 and reports data related to the host unit 2 in return, and allows the host unit 2 to update the firmware 322 stored in the storage unit 32 of the baseboard management controller 3. The baseboard management controller 3 may further respond to an operation request from the host unit 2 by performing the requested operation, for example obtaining a file from an external storage module or restarting the baseboard management controller 3.

Referring to FIGS. 1 and 5, it is worth noting that step 213 includes the following sub-steps.

In sub-step 231, the processing unit 31 of the baseboard management controller 3 applies the hash operation to the host-side plaintext data to obtain another check code data, and decrypts the host-side digital signature 224 with the reference host-side public key 321 to obtain another check code to be compared.

In sub-step 232, the processing unit 31 of the baseboard management controller 3 determines whether the other check code data matches the other check code to be compared, so as to authenticate whether the baseboard management controller 3 is the specific baseboard management controller 3. When the processing unit 31 determines that the other check code data does not match the other check code to be compared, the host unit 2 is authenticated as not being the specific host; when the processing unit 31 determines that the other check code data matches the other check code to be compared, the host unit 2 is authenticated as the specific host.

Continuing to refer to FIGS. 1, 2 and 4, in step 216 the processing module 21 of the host unit 2 determines whether the other authentication success notification from the baseboard management controller 3 has been received within a fifth predetermined time interval. When the processing module 21 determines that the other authentication success notification has not been received within the fifth predetermined time interval, it proceeds to step 217; when it determines that the other authentication success notification has been received within the fifth predetermined time interval, the two-way authentication between the baseboard management controller 3 and the host unit 2 has succeeded.

It is worth noting that, in this embodiment, successful mutual authentication between the baseboard management controller 3 and the host unit 2 means that the reference BMC-side public key 222 and the BMC-side private key form a key pair, and that the reference host-side public key 321 and the host-side private key likewise form a key pair. The reference BMC-side public key 222, the BMC-side private key, the reference host-side public key 321, the host-side private key, the BMC-side digital signature 323 and the host-side digital signature 224 are all provided by a trusted third-party certification authority using a hardware security module (HSM). The BMC-side private key and the host-side private key are kept by the third-party certification authority and are not disclosed.

In step 217, the processing module 21 of the host unit 2 waits to receive the host-side signature request again, and returns to step 211 after receiving it.

It is worth noting that the embodiment of the authentication method of the present invention is executed again each time the computer system 1 is first powered on or the host unit 2 is restarted.

In summary, in the authentication method of the present invention the host unit 2 and the baseboard management controller 3 authenticate each other. The baseboard management controller 3 is allowed to access the host unit 2 only after it has been successfully authenticated by the host unit 2; similarly, the host unit 2 is allowed to access the baseboard management controller 3 only after it has been successfully authenticated by the baseboard management controller 3. This improves the security of the communication between the baseboard management controller 3 and the host unit 2, and in turn the security of the computer system 1, so the purpose of the present invention is indeed achieved.
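The exchange summarized above, as an added example that is not part of the patent text: each side hashes the received plaintext fragment, recovers the signed check code with the stored reference public key, compares the two, and turns its write switch on only when they match. SHA-256, the textbook-RSA stand-in for "encrypting the check code with a private key", the toy keys built from known primes, and all names (`Unit`, `run`, the sample fragments) are assumptions; the timeouts and retries of the flowcharts are left out.

```python
import hashlib

E = 65537  # public exponent (assumed; the page names no algorithm)

def toy_keypair(p, q):
    """Textbook RSA from two known Mersenne primes: demo only, no padding."""
    n = p * q
    return (n, E), (n, pow(E, -1, (p - 1) * (q - 1)))

def check_code(fragment):
    """The 'hash operation' of the page; SHA-256 is an assumption."""
    return int.from_bytes(hashlib.sha256(fragment).digest(), "big")

def sign(fragment, private_key):
    """Done once by the third party that holds the private key (HSM on the page)."""
    n, d = private_key
    return pow(check_code(fragment), d, n)

def verify(signature_data, reference_public_key):
    """Hash the plaintext, recover the signed check code, compare the two."""
    plaintext, signature = signature_data
    n, e = reference_public_key
    return pow(signature, e, n) == check_code(plaintext)

class Unit:
    """Host unit 2 or BMC 3: own signature data plus the peer's reference public key."""
    def __init__(self, fragment, signature, peer_public_key):
        self.signature_data = (fragment, signature)
        self.peer_public_key = peer_public_key
        self.write_switch_on = False  # switch 23 (host) or 33 (BMC), off by default

    def authenticate(self, peer):
        """Request the peer's signature data; turn the switch on only if it verifies."""
        self.write_switch_on = verify(peer.signature_data, self.peer_public_key)
        return self.write_switch_on  # True stands for the success notification

def mutual_authentication(host, bmc):
    """The host authenticates the BMC first; only then does the BMC authenticate the host."""
    return host.authenticate(bmc) and bmc.authenticate(host)

# Constructed sample data: key pairs and the signed firmware / BIOS fragments.
BOARD_PUB, BOARD_PRIV = toy_keypair(2**127 - 1, 2**521 - 1)
HOST_PUB, HOST_PRIV = toy_keypair(2**107 - 1, 2**607 - 1)
FIRMWARE = b"constructed BMC firmware fragment v1"
BIOS = b"constructed BIOS program fragment v1"

def build(firmware_on_bmc=FIRMWARE, bios_on_host=BIOS):
    """Provision both sides with signatures made over the original fragments."""
    host = Unit(bios_on_host, sign(BIOS, HOST_PRIV), BOARD_PUB)
    bmc = Unit(firmware_on_bmc, sign(FIRMWARE, BOARD_PRIV), HOST_PUB)
    return host, bmc

def run(**kwargs):
    """Return (mutual auth ok, host switch 23 on, BMC switch 33 on)."""
    host, bmc = build(**kwargs)
    ok = mutual_authentication(host, bmc)
    return ok, host.write_switch_on, bmc.write_switch_on

if __name__ == "__main__":
    print(run())                                   # genuine pair
    print(run(firmware_on_bmc=b"modified image"))  # BMC fragment altered
    print(run(bios_on_host=b"modified BIOS"))      # host fragment altered
```

In the third run the host has already turned switch 23 on before the BMC rejects the host, which matches the order of the steps: each switch is controlled only by the side that performed the verification.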

However, the above are only embodiments of the present invention and cannot be used to limit the scope of its implementation. All simple equivalent changes and modifications made in accordance with the claims and the content of the patent specification remain within the scope covered by the patent of the present invention.

1: computer system
2: host unit
21: processing module
22: storage module
222: reference board-side public key
223: basic input/output system (BIOS) program
224: host-side digital signature
23: switch
3: baseboard management controller
31: processing unit
32: storage unit
321: reference host-side public key
322: firmware
323: board-side digital signature
33: switch
201~217: steps
231~232: sub-steps
241~242: sub-steps

Other features and effects of the present invention will be clearly presented in the embodiments described with reference to the drawings, in which:
FIG. 1 is a block diagram illustrating a computer system that implements an embodiment of the authentication method of the present invention;
FIG. 2 is a flowchart illustrating a baseboard management controller authentication procedure of the embodiment of the authentication method of the present invention;
FIG. 3 is a flowchart illustrating the detailed process of how a host unit authenticates a baseboard management controller;
FIG. 4 is a flowchart illustrating a host unit authentication procedure of the embodiment of the authentication method of the present invention; and
FIG. 5 is a flowchart illustrating the detailed process of how the baseboard management controller authenticates the host unit.

201~209: steps

Claims (12)

1. An authentication method, adapted to authenticate a baseboard management controller included in a computer system and implemented by a host unit that is included in the computer system and electrically connected to the baseboard management controller, the baseboard management controller storing a reference host-side public key related to a specific host, the host unit storing a reference board-side public key related to a specific baseboard management controller, the authentication method comprising the following steps: (A) the host unit transmits a board-side signature request related to the baseboard management controller to the baseboard management controller; (B) after the host unit obtains board-side signature data in response to the board-side signature request, the host unit authenticates, according to the reference board-side public key and the board-side signature data, whether the baseboard management controller is the specific baseboard management controller; (C) when the host unit authenticates that the baseboard management controller is the specific baseboard management controller, the host unit transmits an authentication success notification to the baseboard management controller and allows the baseboard management controller to access the host unit; (D) after the host unit receives a host-side signature request that comes from the baseboard management controller and is related to the host unit, the host unit transmits host-side signature data to the baseboard management controller in response to the host-side signature request, so that the baseboard management controller authenticates, according to the reference host-side public key and the host-side signature data, whether the host unit is the specific host; and (E) after the host unit receives an authentication success notification from the baseboard management controller, the host unit can access the baseboard management controller.

2. The authentication method of claim 1, wherein step (B) includes the following sub-steps: (B-1) the board-side signature data includes a board-side digital signature related to a partial firmware fragment of the firmware run by the baseboard management controller, and board-side plaintext data related to the partial firmware fragment, the board-side digital signature being obtained by performing a hash operation on the partial firmware fragment to obtain a check code and encrypting the check code with a board-side private key; the host unit performs the hash operation on the board-side plaintext data to obtain check code data, and decrypts the board-side digital signature with the reference board-side public key to obtain a check code to be compared; (B-2) the host unit authenticates whether the baseboard management controller is the specific baseboard management controller by determining whether the check code data matches the check code to be compared.

3. The authentication method of claim 1, the host unit including a processing module, a storage module electrically connected to the processing module, and a switch controlled by the processing module and used to control write permission between the storage module and the baseboard management controller, the storage module further storing a basic input/output system program, wherein in step (C), when the host unit authenticates that the baseboard management controller is the specific baseboard management controller, the processing module of the host unit turns the switch on to allow the baseboard management controller to write to the storage module.

4. The authentication method of claim 1, wherein in step (D) the host-side signature data includes a host-side digital signature related to a partial program fragment of the basic input/output system program run by the host unit, and host-side plaintext data related to the partial program fragment, the host-side digital signature being obtained by performing a hash operation on the partial program fragment to obtain a check code and encrypting the check code with a host-side private key.

5. The authentication method of claim 1, the baseboard management controller including a storage unit storing firmware run by the baseboard management controller, and a switch controlled by the baseboard management controller and used to control write permission between the storage unit and the host unit, wherein in step (E), after the host unit receives the authentication success notification from the baseboard management controller, the host unit can write to the storage unit through the other switch, which is turned on.

6. The authentication method of claim 1, further comprising the following steps after step (C): (F) the host unit determines whether the host-side signature request is received within a predetermined time; and (G) when the host unit determines that the host-side signature request was not received within the predetermined time, the host unit returns to step (A); wherein, when the host unit determines that the host-side signature request was received within the predetermined time, step (D) is performed.

7. An authentication method, adapted to authenticate a host unit included in a computer system and implemented by a baseboard management controller that is included in the computer system and electrically connected to the host unit, the host unit storing a reference board-side public key related to a specific baseboard management controller, the baseboard management controller storing a reference host-side public key related to a specific host, the authentication method comprising the following steps: (A) after the baseboard management controller receives a board-side signature request that comes from the host unit and is related to the baseboard management controller, the baseboard management controller transmits board-side signature data to the host unit in response to the board-side signature request, so that the host unit authenticates, according to the reference board-side public key and the board-side signature data, whether the baseboard management controller is the specific baseboard management controller; (B) after the baseboard management controller receives an authentication success notification from the host unit, the baseboard management controller is allowed to access the host unit, and transmits a host-side signature request related to the host unit to the host unit; (C) after the baseboard management controller obtains host-side signature data in response to the host-side signature request, the baseboard management controller authenticates, according to the reference host-side public key and the host-side signature data, whether the host unit is the specific host; and (D) when the baseboard management controller authenticates that the host unit is the specific host, the baseboard management controller allows the host unit to access the baseboard management controller.

8. The authentication method of claim 7, wherein (C-1) the host-side signature data includes a host-side digital signature related to a partial program fragment of the basic input/output system program run by the host unit, and host-side plaintext data related to the partial program fragment, the host-side digital signature being obtained by performing a hash operation on the partial program fragment to obtain a check code and encrypting the check code with a host-side private key; the baseboard management controller performs the hash operation on the host-side plaintext data to obtain check code data, and decrypts the host-side digital signature with the reference host-side public key to obtain a check code to be compared; (C-2) the baseboard management controller authenticates whether the host unit is the specific host by determining whether the check code data matches the check code to be compared.

9. The authentication method of claim 7, wherein the baseboard management controller includes a storage unit storing firmware run by the baseboard management controller, and a switch controlled by the baseboard management controller and used to control write permission between the storage unit and the host unit, wherein in step (D), when the baseboard management controller authenticates that the host unit is the specific host, the baseboard management controller turns the switch on to allow the host unit to write to the storage unit.

10. The authentication method of claim 7, the host unit including a processing module, a storage module electrically connected to the processing module, and a switch controlled by the processing module and used to control write permission between the storage module and the baseboard management controller, wherein in step (B), after the baseboard management controller receives the authentication success notification from the host unit, the baseboard management controller can write to the storage module through the switch, which is turned on.

11. The authentication method of claim 7, wherein in step (A) the board-side signature data includes a board-side digital signature related to a partial firmware fragment of the firmware run by the baseboard management controller, and board-side plaintext data related to the partial firmware fragment, the board-side digital signature being obtained by performing a hash operation on the partial firmware fragment to obtain a check code and encrypting the check code with a board-side private key.

12. The authentication method of claim 7, further comprising the following steps after step (B): (E) the baseboard management controller determines whether the host-side signature data is received within another predetermined time; and (F) when the baseboard management controller determines that the host-side signature data was not received within the other predetermined time, the baseboard management controller returns to step (B); wherein, when the baseboard management controller determines that the host-side signature data was received within the other predetermined time, step (C) is performed.
TW108131801A 2019-09-04 2019-09-04 Authentication method TWI726406B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
TW108131801A TWI726406B (en) 2019-09-04 2019-09-04 Authentication method

Publications (2)

Publication Number Publication Date
TW202111576A TW202111576A (en) 2021-03-16
TWI726406B true TWI726406B (en) 2021-05-01

Family

ID=76035452

Family Applications (1)

Application Number Title Priority Date Filing Date
TW108131801A TWI726406B (en) 2019-09-04 2019-09-04 Authentication method

Country Status (1)

Country Link
TW (1) TWI726406B (en)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109063470A (en) * 2018-07-26 2018-12-21 郑州云海信息技术有限公司 A kind of safe verification method and system of BMC firmware
US10210567B2 (en) * 2012-05-09 2019-02-19 Rackspace Us, Inc. Market-based virtual machine allocation
CN109492352A (en) * 2018-10-09 2019-03-19 华为技术有限公司 A kind of implementation method and device of device identification combine engine
