TWI815263B - Processing system and method for online firmware update - Google Patents

Processing system and method for online firmware update Download PDF

Info

Publication number
TWI815263B
TWI815263B TW110149077A TW110149077A TWI815263B TW I815263 B TWI815263 B TW I815263B TW 110149077 A TW110149077 A TW 110149077A TW 110149077 A TW110149077 A TW 110149077A TW I815263 B TWI815263 B TW I815263B
Authority
TW
Taiwan
Prior art keywords
firmware
new version
encrypted
file
server
Prior art date
Application number
TW110149077A
Other languages
Chinese (zh)
Other versions
TW202326413A (en
Inventor
賴育承
Original Assignee
尚承科技股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 尚承科技股份有限公司 filed Critical 尚承科技股份有限公司
Priority to TW110149077A priority Critical patent/TWI815263B/en
Publication of TW202326413A publication Critical patent/TW202326413A/en
Application granted granted Critical
Publication of TWI815263B publication Critical patent/TWI815263B/en

Links

Images

Abstract

一種線上更新韌體的處理系統與方法,處理系統執行以下步驟: 電子設備向一韌體安全更新服務端發送一下載要求;由該韌體安全更新服務端根據該下載要求查找是否具有一新版韌體資訊;若該韌體安全更新服務端具有相應該電子設備的該新版韌體資訊,該韌體安全更新服務端將相應該電子設備的一加密新版韌體檔案解密為一新版韌體檔案,並以一唯一特徵加密該新版韌體檔案產生一專屬加密新版韌體檔案,並依據該專屬加密新版韌體檔案產生一載點路徑資訊; 該電子設備接收所述載點路徑資訊,再由載點路徑資訊連結至該韌體安全更新服務端,且於韌體安全更新服務端下載所述專屬加密新版韌體檔案,並該電子設備以一唯一特徵解密所述專屬加密新版韌體檔案以取得所述新版韌體檔案。 A processing system and method for updating firmware online. The processing system performs the following steps: The electronic device sends a download request to a firmware security update server; the firmware security update server searches for whether there is a new version of firmware information based on the download request; if the firmware security update server has the corresponding electronic device's For the new version of firmware information, the firmware security update server decrypts an encrypted new version of firmware file corresponding to the electronic device into a new version of firmware file, and encrypts the new version of firmware file with a unique characteristic to generate an exclusive encrypted new version of firmware. body file, and generates a load point path information based on the exclusive encrypted new version of the firmware file; the electronic device receives the load point path information, and then links the load point path information to the firmware security update server, and in the firmware The security update server downloads the exclusive encrypted new version firmware file, and the electronic device decrypts the exclusive encrypted new version firmware file with a unique characteristic to obtain the new version firmware file.

Description

線上更新韌體的處理系統與方法Processing system and method for online firmware update

關於一種線上更新系統與方法,特別有關一種線上更新韌體的處理系統與方法。It relates to an online update system and method, in particular to an online firmware update processing system and method.

對於電子產品而言,硬體設計與軟體設計都是相同重要的課題。而為能有效控制硬體元件的相關運作,還需要仰賴軟體與韌體(firmware)的協做。韌體是軟體與硬體之間的溝通媒介,因此韌體一旦出問題勢必影響電子產品各方面的使用。For electronic products, hardware design and software design are equally important topics. In order to effectively control the related operations of hardware components, it also needs to rely on the cooperation of software and firmware. Firmware is the communication medium between software and hardware, so once there is a problem with the firmware, it will inevitably affect all aspects of the use of electronic products.

此外,電子產品也可以透過韌體的升級,進而提供更加強大的功能。由於韌體的獨特地位,所以韌體的更新將會直接影響電子產品。特別是資訊安全的考量,如果電子設備載入具有惡意程式碼的韌體檔案,將有可能對電子產品造成破壞或洩漏使用者的機密資訊。In addition, electronic products can also provide more powerful functions through firmware upgrades. Due to the unique status of firmware, firmware updates will directly affect electronic products. Especially for information security considerations, if an electronic device loads a firmware file with malicious code, it may cause damage to the electronic product or leak the user's confidential information.

對於韌體提供端而言,韌體提供端並無法驗證提出下載要求的發起端身份。因此無法避免惡意第三方偽裝成合法的電子產品向韌體提供端索取相應的韌體。For the firmware provider, the firmware provider cannot verify the identity of the initiator who makes the download request. Therefore, it is unavoidable that malicious third parties disguise themselves as legitimate electronic products and request the corresponding firmware from the firmware provider.

有鑑於此,在一實施例中提供一種線上更新韌體的處理系統,對電子設備製作專屬的韌體與下載資源,確保更新韌體的過程中不會遭受惡意第三方的偽造或攻擊。In view of this, in one embodiment, an online firmware update processing system is provided to create exclusive firmware and download resources for electronic devices to ensure that the firmware update process will not be forged or attacked by malicious third parties.

為達上述目的,本發明係提供一種線上更新韌體的處理系統,係包括:一韌體源端,可產生至少一加密新版韌體檔案及一新版韌體資訊;一韌體安全更新服務端,連接該韌體源端,該韌體安全更新服務端接收並儲存該新版韌體資訊及該加密新版韌體檔案,且將該加密新版韌體檔案並解密為一新版韌體檔案,且該韌體安全更新服務端對該新版韌體檔案以一唯一特徵加密產生一專屬加密新版韌體檔案,並依據該專屬加密新版韌體檔案產生一載點路徑資訊。至少一電子設備,連接於該韌體安全更新服務端,且該電子設備接收所述載點路徑資訊,再由載點路徑資訊連結至該韌體安全更新服務端,並下載所述專屬加密新版韌體檔案。並該電子設備依據該唯一特徵解密所述專屬加密新版韌體檔案以取得所述新版韌體檔案。To achieve the above objectives, the present invention provides an online firmware update processing system, which includes: a firmware source that can generate at least one encrypted new version of firmware file and a new version of firmware information; and a firmware security update server. , connected to the firmware source, the firmware security update server receives and stores the new version of firmware information and the encrypted new version of firmware file, and decrypts the encrypted new version of firmware file into a new version of firmware file, and the The firmware security update server encrypts the new version of the firmware file with a unique characteristic to generate a unique encrypted new version of the firmware file, and generates a load point path information based on the unique encrypted new version of the firmware file. At least one electronic device is connected to the firmware security update server, and the electronic device receives the download point path information, and then connects to the firmware security update server through the download point path information, and downloads the exclusive encrypted new version. Firmware file. And the electronic device decrypts the exclusive encrypted new version firmware file based on the unique characteristic to obtain the new version firmware file.

根據本發明線上更新韌體的處理系統之一實施例,其中該韌體安全更新服務端更包括:一韌體儲存端,連接該韌體源端,接收並儲存該新版韌體資訊及該加密新版韌體檔案;至少一韌體產製服務器,連接於該韌體儲存端,接收該加密新版韌體檔案;一安全運算端,連接於該韌體產製服務器,並該安全運算端接收所述加密新版韌體檔案且解密該加密新版韌體檔案產生所述新版韌體檔案,並以所述唯一特徵加密該新版韌體檔案產生一專屬加密新版韌體檔案後,將該專屬加密新版韌體檔案傳送至該韌體產製服務器,該韌體產製服務器由該專屬加密新版韌體檔案產生有一載點路徑資訊;一更新管理端,連接於該韌體儲存端並接收該新版韌體資訊,連接於該韌體產製服務器且接收所述載點路徑資訊;一韌體提供端,連接該韌體產製服務器且接收所述專屬加密新版韌體檔案。一電子設備,連接該更新管理端與韌體提供端,並該電子設備接收所述載點路徑資訊,再由載點路徑資訊連結至韌體提供端且於韌體提供端下載所述專屬加密新版韌體檔案,並該電子設備以所述唯一特徵解密所述專屬加密新版韌體檔案以取得所述新版韌體檔案。According to an embodiment of the online firmware update processing system of the present invention, the firmware security update server further includes: a firmware storage terminal connected to the firmware source terminal to receive and store the new version of firmware information and the encryption A new version of the firmware file; at least one firmware production server, connected to the firmware storage terminal, receives the encrypted new version of the firmware file; a secure computing terminal, connected to the firmware production server, and the secure computing terminal receives all After encrypting the new version of the firmware file and decrypting the encrypted new version of the firmware file to generate the new version of the firmware file, and encrypting the new version of the firmware file with the unique characteristics to generate an exclusive encrypted new version of the firmware file, the exclusive encrypted new version of the firmware file is The firmware production server generates load point path information from the exclusive encrypted new version of the firmware file; an update management terminal is connected to the firmware storage terminal and receives the new version of the firmware. information, connected to the firmware production server and receiving the load point path information; a firmware provider, connected to the firmware production server and receiving the exclusive encrypted new version of the firmware file. An electronic device connects the update management terminal and the firmware provider, and the electronic device receives the download point path information, and then connects to the firmware provider through the download point path information and downloads the exclusive encryption at the firmware provider A new version of the firmware file, and the electronic device decrypts the exclusive encrypted new version of the firmware file using the unique characteristics to obtain the new version of the firmware file.

根據本發明線上更新韌體的處理系統之一實施例,其中該韌體源端使用一簽章私鑰為該加密新版韌體檔案簽章產生一簽章資訊,並以一加密公鑰為該簽章資訊及一加密新版韌體金鑰進行加密產生一加密簽章資訊及一被加密金鑰,並將該加密新版韌體檔案、該加密簽章資訊及該被加密金鑰經由該韌體儲存端及該專屬韌體產製服務器傳送至該安全運算端,該安全運算端使用一解密私鑰為該加密簽章資訊及該被加密金鑰解密得到該簽章資訊及該加密新版韌體金鑰,該安全運算端使用該加密新版韌體金鑰為該加密新版韌體檔案進行解密得到該新版韌體檔案,該韌體源端使用一驗章公鑰對該簽章資訊進行驗章並以確認該加密新版韌體檔案來自該韌體源端。According to an embodiment of the online firmware update processing system of the present invention, the firmware source uses a signature private key to generate signature information for the encrypted new version of the firmware file, and uses an encrypted public key for the signature. The signature information and an encrypted new version of the firmware key are encrypted to generate an encrypted signature information and an encrypted key, and the encrypted new version of the firmware file, the encrypted signature information and the encrypted key are passed through the firmware The storage terminal and the dedicated firmware production server are sent to the secure computing terminal. The secure computing terminal uses a decryption private key to decrypt the encrypted signature information and the encrypted key to obtain the signature information and the encrypted new version of firmware. The secure computing end uses the encrypted new version firmware key to decrypt the encrypted new version firmware file to obtain the new version firmware file. The firmware source end uses a signature verification public key to verify the signature information. And to confirm that the encrypted new version of the firmware file comes from the source of the firmware.

根據本發明線上更新韌體的處理系統之一實施例,其中該韌體源端及該韌體儲存端之間建立傳輸層安全(TLS)連線。According to an embodiment of the online firmware update processing system of the present invention, a Transport Layer Security (TLS) connection is established between the firmware source and the firmware storage.

根據本發明線上更新韌體的處理系統之一實施例,更包括有一訊息序列管理器及一負載服務器,該訊息序列管理器連接所述更新管理端與所述韌體產製服務器,而該負載服務器連接所述訊息序列管理器且由訊息序列管理器連接所述更新管理端與所述韌體產製服務器,且該負載服務器根據該些韌體產製服務器的一當前負載,從該些韌體產製服務器中選擇該當前負載最小者為該目標服務器。According to an embodiment of the online firmware update processing system of the present invention, it further includes a message sequence manager and a load server. The message sequence manager connects the update management terminal and the firmware production server, and the load The server connects to the message sequence manager and the message sequence manager connects the update management terminal and the firmware production server, and the load server obtains data from the firmware production servers based on a current load of the firmware production servers. The one with the smallest current load among the institutional servers is selected as the target server.

本發明還提供一種線上更新韌體的處理方法,包括如下步驟: 一電子設備向一韌體安全更新服務端發送一下載要求; 由該韌體安全更新服務端根據該下載要求查找是否具有一新版韌體資訊; 若該韌體安全更新服務端具有相應該電子設備的該新版韌體資訊,該韌體安全更新服務端將相應該電子設備的一加密新版韌體檔案解密為一新版韌體檔案,並以一唯一特徵加密該新版韌體檔案產生一專屬加密新版韌體檔案,並依據該專屬加密新版韌體檔案產生一載點路徑資訊; 該電子設備接收所述載點路徑資訊,再由載點路徑資訊連結至該韌體安全更新服務端,且於該韌體安全更新服務端下載所述專屬加密新版韌體檔案,並該電子設備以該唯一特徵解密所述專屬加密新版韌體檔案以取得所述新版韌體檔案。 The present invention also provides a method for updating firmware online, which includes the following steps: An electronic device sends a download request to a firmware security update server; The firmware security update server searches for information about a new version of firmware based on the download request; If the firmware security update server has the new version of the firmware information corresponding to the electronic device, the firmware security update server decrypts an encrypted new version of the firmware file of the corresponding electronic device into a new version of the firmware file, and uses a The unique characteristic is to encrypt the new version of firmware file to generate a unique encrypted new version of firmware file, and generate a load point path information based on the unique encrypted new version of firmware file; The electronic device receives the download point path information, and then connects to the firmware security update server through the download point path information, and downloads the exclusive encrypted new version of the firmware file on the firmware security update server, and the electronic device Decrypt the exclusive encrypted new version firmware file using the unique feature to obtain the new version firmware file.

根據本發明線上更新韌體的處理方法之一實施例,其中在該韌體安全更新服務端包括: 由該更新管理端根據該下載要求查找是否具有一新版韌體資訊; 若該更新管理端具有相應該電子設備的該新版韌體資訊,該更新管理端令一韌體儲存端將相應該電子設備的一加密新版韌體檔案發送至一韌體產製服務器; 該韌體產製服務器將該加密新版韌體檔案發送至一安全運算端; 該安全運算端對該加密新版韌體檔案解密為一新版韌體檔案,並以一唯一特徵加密該新版韌體檔案產生一專屬加密新版韌體檔案,且將該專屬加密新版韌體檔案發送至所述韌體產製服務器; 該韌體產製服務器依據該專屬加密新版韌體檔案產生有一載點路徑資訊,且將其專屬加密新版韌體檔案發送至所述韌體提供端,並將該載點路徑資訊發送至該更新管理端;以及 該電子設備接收所述載點路徑資訊,再由載點路徑資訊連結至韌體提供端且於韌體提供端下載所述專屬加密新版韌體檔案,並該電子設備以該唯一特徵解密所述專屬加密新版韌體檔案以取得所述新版韌體檔案。 According to one embodiment of the online firmware update processing method of the present invention, the firmware security update server includes: The update management terminal searches whether there is a new version of firmware information based on the download request; If the update management terminal has the new version firmware information corresponding to the electronic device, the update management terminal causes a firmware storage terminal to send an encrypted new version firmware file corresponding to the electronic device to a firmware production server; The firmware production server sends the encrypted new version firmware file to a secure computing terminal; The secure computing terminal decrypts the encrypted new firmware file into a new firmware file, encrypts the new firmware file with a unique characteristic to generate an exclusive encrypted new firmware file, and sends the exclusive encrypted new firmware file to The firmware production server; The firmware production server generates a load point path information based on the exclusive encrypted new version firmware file, and sends its exclusive encrypted new version firmware file to the firmware provider, and sends the load point path information to the update management side; and The electronic device receives the loading point path information, and then links the loading point path information to the firmware provider and downloads the exclusive encrypted new version of the firmware file at the firmware provider, and the electronic device decrypts the said unique feature. Exclusively encrypt the new version of the firmware file to obtain the new version of the firmware file.

根據本發明線上更新韌體的處理方法之一實施例,其中在該更新管理端令一韌體儲存端將相應該電子設備的一加密新版韌體檔案發送至一韌體產製服務器的步驟包括:該更新管理端透過一訊息序列管理器發出一製作指令至一負載服務器,以由該負載服務器根據該些韌體產製服務器的一當前負載選擇該當前負載最小者為該目標服務器。According to one embodiment of the online firmware update processing method of the present invention, the step of instructing a firmware storage terminal to send an encrypted new version of the firmware file corresponding to the electronic device to a firmware production server at the update management terminal includes : The update management terminal sends a production command to a load server through a message sequence manager, so that the load server selects the one with the smallest current load as the target server according to a current load of the firmware production servers.

根據本發明線上更新韌體的處理方法之一實施例,其中包括一安全機制:一韌體源端,傳送該加密新版韌體檔案及該新版韌體資訊至韌體儲存端; 為該韌體源端使用一簽章私鑰為該加密新版韌體檔案簽章產生一簽章資訊,並以一加密公鑰為該簽章資訊及一加密新版韌體金鑰進行加密產生一加密簽章資訊及一被加密金鑰,並將該加密新版檔韌體案、該加密簽章資訊及該被加密金鑰發送至該韌體儲存端; 該韌體儲存端將該加密新版檔韌體案、該加密簽章資訊及該被加密金鑰發送至該韌體產製服務器; 該韌體產製服務器將該加密新版檔韌體案、該加密簽章資訊及該被加密金鑰傳送至該安全運算端; 該安全運算端使用一解密私鑰為該加密簽章資訊及該被加密金鑰解密得到該簽章資訊及該加密新版韌體金鑰,該安全運算端使用該加密新版韌體金鑰為該加密新版韌體檔案進行解密得到該新版韌體檔案,該安全運算端使用一驗章公鑰對該簽章資訊進行驗章並以確認該加密新版韌體檔案來自該韌體源端; According to one embodiment of the method for online firmware update of the present invention, it includes a security mechanism: a firmware source that transmits the encrypted new version of the firmware file and the new version of the firmware information to the firmware storage end; Use a signing private key for the firmware source to sign the encrypted new version of the firmware file to generate a signature information, and use an encrypted public key to encrypt the signature information and an encrypted new version of the firmware key to generate a signature. Encrypt the signature information and an encrypted key, and send the encrypted new version file firmware file, the encrypted signature information and the encrypted key to the firmware storage end; The firmware storage terminal sends the encrypted new version file firmware file, the encrypted signature information and the encrypted key to the firmware production server; The firmware production server transmits the encrypted new version file firmware file, the encrypted signature information and the encrypted key to the secure computing terminal; The secure computing end uses a decryption private key to decrypt the encrypted signature information and the encrypted key to obtain the signature information and the encrypted new version of the firmware key. The secure computing end uses the encrypted new version of the firmware key to Encrypt the new version of the firmware file and decrypt it to obtain the new version of the firmware file. The secure computing terminal uses a signature verification public key to verify the signature information and confirm that the encrypted new version of the firmware file comes from the firmware source;

根據本發明線上更新韌體的處理方法之一實施例,其中包括一安全機制:一韌體源端,傳送該加密新版韌體檔案及該新版韌體資訊至韌體儲存端,該韌體源端及該韌體儲存端之間建立TLS安全連線。According to one embodiment of the method for online firmware update of the present invention, a security mechanism is included: a firmware source transmits the encrypted new version of the firmware file and the new version of the firmware information to the firmware storage end, and the firmware source Establish a TLS secure connection between the client and the firmware storage client.

本發明之上述目的及其結構與功能上的特性,將依據所附圖式之較佳實施例予以說明。The above objects and structural and functional characteristics of the present invention will be explained based on the preferred embodiments of the accompanying drawings.

請參閱第1圖所示,係為本發明線上更新韌體的處理系統之系統架構示意圖,由圖中可清楚看出,該線上更新韌體的處理系統1係包括有一韌體源端110及一韌體安全更新服務端12,該韌體安全更新服務端12包括有一韌體儲存端120及至少一韌體產製服務器130及一安全運算端140及一更新管理端150及一韌體提供端160及至少一電子設備170。Please refer to Figure 1, which is a schematic diagram of the system architecture of the online firmware update processing system of the present invention. It can be clearly seen from the figure that the online firmware update processing system 1 includes a firmware source end 110 and A firmware security update server 12. The firmware security update server 12 includes a firmware storage terminal 120 and at least one firmware production server 130, a security computing terminal 140, an update management terminal 150 and a firmware provider. Terminal 160 and at least one electronic device 170.

其中該韌體源端110可產生有至少一加密新版韌體檔案111及一新版韌體資訊112,而該韌體儲存端120電性連接所述韌體源端110,且該韌體儲存端120係接收所述加密新版韌體檔案111及所述新版韌體資訊112並儲存,而該韌體產製服務器130係連接所述韌體儲存端120,且該韌體產製服務器130係接收所述加密新版韌體檔案111,另該安全運算端140係連接所述韌體產製服務器130,且該安全運算端140設置有至少一唯一特徵141,而該更新管理端150與該韌體提供端160則分別連接至所述韌體產製服務器130,該電子設備170連接該更新管理端150與該韌體提供端160,且該電子設備170係包括有所述唯一特徵141,其中安全運算端140與電子設備170的唯一特徵142可以是電子設備170的通用唯一辨識碼(Universally Unique Identifier,UUID)、設備型號或憑證。The firmware source 110 can generate at least one encrypted new version of firmware file 111 and a new version of firmware information 112, and the firmware storage end 120 is electrically connected to the firmware source end 110, and the firmware storage end 120 receives and stores the encrypted new version firmware file 111 and the new version firmware information 112, and the firmware production server 130 is connected to the firmware storage terminal 120, and the firmware production server 130 receives The new version of the firmware file 111 is encrypted, and the secure computing terminal 140 is connected to the firmware production server 130, and the secure computing terminal 140 is provided with at least one unique feature 141, and the update management terminal 150 and the firmware The provider 160 is connected to the firmware production server 130 respectively, the electronic device 170 is connected to the update management end 150 and the firmware provider 160, and the electronic device 170 includes the unique feature 141, wherein the security The unique characteristics 142 of the computing terminal 140 and the electronic device 170 may be a universally unique identifier (UUID), device model or certificate of the electronic device 170 .

其中當該韌體源端110產生有所述加密新版韌體檔案111及所述新版韌體資訊112時,該韌體源端110便會將所述加密新版韌體檔案111及所述新版韌體資訊112傳送至韌體儲存端120,而該韌體儲存端120接收所述加密新版韌體檔案111及新版韌體資訊112並儲存外,該韌體儲存端120同時會發送新版韌體資訊112至所述更新管理端150。When the firmware source 110 generates the encrypted new firmware file 111 and the new firmware information 112, the firmware source 110 will generate the encrypted new firmware file 111 and the new firmware. The firmware storage 112 is sent to the firmware storage 120, and the firmware storage 120 receives and stores the encrypted new firmware file 111 and the new firmware information 112. The firmware storage 120 also sends the new firmware information. 112 to the update management terminal 150.

而當電子設備170對該更新管理端150發出更新韌體下載要求時,該更新管理端150會先針對電子設備170之身分進行確認,該電子設備170與更新管理端150以一身份認證機制建立聯線,該身份認證機制可為更新管理端對該電子設備進行公開金鑰基礎建設(PKI)身份認證或該電子設備及該更新管理端之間建立傳輸層安全(TLS)連線。而其更新管理端150與電子設備170經由身份認證及所述新版韌體資訊112,該更新管理端150便可得知其電子設備170所使用之新版韌體檔案是否產生,若韌體源端110沒有產生其電子設備170所需要之新版韌體檔案時,該更新管理端150向電子設備170發送回應訊息,以告知電子設備170此時並未有其所需之新版韌體檔案。When the electronic device 170 sends an update firmware download request to the update management terminal 150, the update management terminal 150 will first confirm the identity of the electronic device 170. The electronic device 170 and the update management terminal 150 are established through an identity authentication mechanism. Online, the identity authentication mechanism can perform Public Key Infrastructure (PKI) identity authentication on the electronic device for the update management end or establish a Transport Layer Security (TLS) connection between the electronic device and the update management end. After the update management terminal 150 and the electronic device 170 pass identity authentication and the new version of firmware information 112, the update management terminal 150 can know whether the new version of the firmware file used by the electronic device 170 has been generated. If the firmware source When 110 does not generate the new version firmware file required by its electronic device 170, the update management terminal 150 sends a response message to the electronic device 170 to inform the electronic device 170 that the new version firmware file it requires is not available at this time.

反之,若更新管理端150得知其電子設備170所使用之新版韌體檔案已產生時,該更新管理端150則再判斷是否已有對應該電子設備170之專屬加密新版韌體檔案142產生,若無,該更新管理端150會告知電子設備170其新版韌體檔案已由韌體源端110發佈但未供下載,且同時該更新管理端150則對其韌體產製服務器130產生一製作指令,該韌體產製服務器130則接收其韌體儲存端120之加密新版韌體檔案111,且該韌體產製服務器130將其加密新版韌體檔案111傳送至所述安全運算端140,該安全運算端140接收所述加密新版韌體檔案111且對該加密新版韌體檔案111進行解密為一新版韌體檔案,此解密方式可為該韌體源端110與安全運算端140具有配對之公、私、金鑰解密,而後該安全運算端140以其電子設備171之唯一特徵141對該新版韌體檔案做加密產生一專屬加密新版韌體檔案142,而該安全運算端140產生有所述專屬加密新版韌體檔案142後,該安全運算端140將其專屬加密新版韌體檔案142回傳至所述韌體產製服務器130,該韌體產製服務器130接收到所述專屬加密新版韌體檔案142後,該韌體產製服務器130則產生相對應該專屬加密新版韌體檔案142之載點路徑資訊131,其中該載點路徑資訊131可為檔案傳輸協定(FTP)空間或統一資源定位符路徑資訊空間(Uniform Resource Locator,URL)等,且該韌體產製服務器130又於載點路徑資訊131產生後,將所述專屬加密新版韌體檔案142傳送至所述韌體提供端160,又將載點路徑資訊131傳送至更新管理端150,使該更新管理端150具有所述載點路徑資訊131,而該韌體提供端160則具有所述專屬加密新版韌體檔案142,而後若該電子設備170再次對該更新管理端150發出所述更新韌體下載要求時,該更新管理端150則將該載點路徑資訊131發送給電子設備170,該電子設備170則可透過連接所述載點路徑資訊131至韌體提供端160內下載所述專屬加密新版韌體檔案142,而該電子設備170下載所述專屬加密新版韌體檔案142後,該電子設備170則對其專屬加密新版韌體檔案142以電子裝置之唯一特徵141解密,進而取得所述新版韌體檔案。On the contrary, if the update management terminal 150 learns that the new version of the firmware file used by the electronic device 170 has been generated, the update management terminal 150 then determines whether the exclusive encrypted new version of the firmware file 142 corresponding to the electronic device 170 has been generated. If not, the update management terminal 150 will inform the electronic device 170 that its new version of the firmware file has been released by the firmware source 110 but is not available for download, and at the same time, the update management terminal 150 will generate a production for its firmware production server 130 command, the firmware production server 130 receives the encrypted new firmware file 111 of its firmware storage 120, and the firmware production server 130 transmits the encrypted new firmware file 111 to the secure computing terminal 140, The secure computing end 140 receives the encrypted new version firmware file 111 and decrypts the encrypted new version firmware file 111 into a new version firmware file. This decryption method can be a pairing between the firmware source end 110 and the secure computing end 140 Decrypt the public, private and golden keys, and then the secure computing end 140 encrypts the new version of the firmware file with the unique characteristics 141 of the electronic device 171 to generate an exclusive encrypted new version of the firmware file 142, and the secure computing end 140 generates After the exclusive encryption of the new version of the firmware file 142, the secure computing terminal 140 returns the exclusive encryption of the new version of the firmware file 142 to the firmware production server 130. The firmware production server 130 receives the exclusive encryption. After the new version of the firmware file 142, the firmware production server 130 generates the download point path information 131 corresponding to the unique encrypted new version of the firmware file 142, wherein the download point path information 131 can be a File Transfer Protocol (FTP) space or a unified Resource locator path information space (Uniform Resource Locator, URL), etc., and the firmware production server 130 sends the exclusive encrypted new version firmware file 142 to the firmware provider after the load point path information 131 is generated. The terminal 160 further transmits the download point path information 131 to the update management terminal 150, so that the update management terminal 150 has the download point path information 131, and the firmware provider 160 has the exclusive encrypted new version firmware file 142. , and then if the electronic device 170 sends the update firmware download request to the update management terminal 150 again, the update management terminal 150 sends the download point path information 131 to the electronic device 170, and the electronic device 170 can pass Connect the load point path information 131 to the firmware provider 160 to download the exclusive encrypted new version firmware file 142, and after the electronic device 170 downloads the exclusive encrypted new version firmware file 142, the electronic device 170 The exclusive encrypted new version firmware file 142 is decrypted using the unique characteristics 141 of the electronic device to obtain the new version firmware file.

又其中該電子設備170可以是但不限定於個人電腦、筆記型電腦、行動通訊裝置、平板電腦、晶片或其他具有通訊能力的計算機設備。The electronic device 170 may be, but is not limited to, a personal computer, a notebook computer, a mobile communication device, a tablet computer, a chip, or other computer equipment with communication capabilities.

為清楚說明線上更新韌體的處理系統整體運作流程,請參考第2圖所示,其係為本發明線上更新韌體的處理方法流程圖。In order to clearly explain the overall operation process of the online firmware update processing system, please refer to Figure 2, which is a flow chart of the online firmware update processing method of the present invention.

步驟S210:電子設備向更新管理端發送下載要求;Step S210: The electronic device sends a download request to the update management terminal;

步驟S220:由該韌體安全更新服務端根據該下載要求查找是否具有新版韌體資訊;若該韌體安全更新服務端不具有相應該電子設備的該新版韌體資訊時,則進入步驟S230:該韌體安全更新服務端向電子設備發送回應訊息,以告知電子設備此時並未有其所需之新版韌體檔案;反之,若該韌體安全更新服務端具有相應該電子設備的該新版韌體資訊時,則進入步驟S240。Step S220: The firmware security update server searches whether there is a new version of firmware information according to the download request; if the firmware security update server does not have the new version of firmware information corresponding to the electronic device, then enter step S230: The firmware security update server sends a response message to the electronic device to inform that the electronic device does not have the new version of the firmware file it requires at this time; conversely, if the firmware security update server has the new version of the corresponding electronic device When the firmware information is received, step S240 is entered.

步驟S240:若該韌體安全更新服務端具有相應該電子設備的該新版韌體資訊,該韌體安全更新服務端將相應該電子設備的一加密新版韌體檔案解密為一新版韌體檔案,並以一唯一特徵加密該新版韌體檔案產生一專屬加密新版韌體檔案,並依據該專屬加密新版韌體檔案產生一載點路徑資訊;Step S240: If the firmware security update server has the new version firmware information corresponding to the electronic device, the firmware security update server decrypts an encrypted new version firmware file corresponding to the electronic device into a new version firmware file, And encrypt the new version firmware file with a unique characteristic to generate a unique encrypted new version firmware file, and generate a load path information based on the unique encrypted new version firmware file;

步驟S250:該電子設備接收所述載點路徑資訊,再由載點路徑資訊連結至韌體安全更新服務端且於韌體安全更新服務端下載所述專屬加密新版韌體檔案,並該電子設備以該唯一特徵解密所述專屬加密新版韌體檔案以取得所述新版韌體檔案。Step S250: The electronic device receives the loading point path information, and then connects to the firmware security update server through the loading point path information and downloads the exclusive encrypted new version of the firmware file on the firmware security update server, and the electronic device Decrypt the exclusive encrypted new version firmware file using the unique feature to obtain the new version firmware file.

再請參閱第3圖,其係為本發明線上更新韌體的處理方法流程圖之一實施例。Please refer to Figure 3 again, which is a flow chart of an online firmware update processing method according to an embodiment of the present invention.

步驟S310:電子設備向更新管理端發送下載要求;Step S310: The electronic device sends a download request to the update management terminal;

步驟S320:由該更新管理端根據該下載要求查找是否具有新版韌體資訊;若該更新管理端不具有相應該電子設備的新版韌體資訊時,則進入步驟S330:該更新管理端向電子設備發送回應訊息,以告知電子設備此時並未有其所需之新版韌體檔案;反之,若該更新管理端具有相應該電子設備170的新版韌體資訊時,則進入步驟S340。Step S320: The update management terminal searches whether there is a new version of firmware information according to the download request; if the update management terminal does not have the new version of firmware information corresponding to the electronic device, then enter step S330: The update management terminal provides the electronic device with A response message is sent to inform that the electronic device does not have the new version of firmware file it requires at this time; on the contrary, if the update management terminal has the new version of firmware information corresponding to the electronic device 170, step S340 is entered.

步驟S340:該更新管理端令一韌體儲存端將相應該電子設備的加密新版韌體檔案發送至韌體產製服務器;Step S340: The update management terminal causes a firmware storage terminal to send the encrypted new version of the firmware file corresponding to the electronic device to the firmware production server;

步驟S350:該韌體產製服務器將該加密新版韌體檔案發送至安全運算端;Step S350: The firmware production server sends the encrypted new version of the firmware file to the secure computing terminal;

步驟S360:該安全運算端對該加密新版韌體檔案解密為新版韌體檔案,並以一唯一特徵加密該新版韌體檔案產生一專屬加密新版韌體檔案,且將該專屬加密新版韌體檔案發送至所述韌體產製服務器;Step S360: The secure computing terminal decrypts the encrypted new firmware file into a new firmware file, encrypts the new firmware file with a unique characteristic to generate an exclusive encrypted new firmware file, and encrypts the exclusive encrypted new firmware file. Sent to the firmware production server;

步驟S370:該韌體產製服務器依據該專屬加密新版韌體檔案產生有一載點路徑資訊,且將其專屬加密新版韌體檔案發送至所述韌體提供端,並將該載點路徑資訊發送至該更新管理端;以及Step S370: The firmware production server generates a load point path information based on the exclusive encrypted new version firmware file, and sends its exclusive encrypted new version firmware file to the firmware provider, and sends the load point path information. to the update manager; and

步驟S380:該電子設備接收所述載點路徑資訊,再由載點路徑資訊連結至韌體提供端且於韌體提供端下載所述專屬加密新版韌體檔案,並該電子設備以該唯一特徵解密所述專屬加密新版韌體檔案以取得所述加密新版韌體檔案。Step S380: The electronic device receives the loading point path information, and then connects to the firmware provider through the loading point path information and downloads the exclusive encrypted new version of the firmware file at the firmware provider, and the electronic device uses the unique characteristic Decrypt the exclusive encrypted new version firmware file to obtain the encrypted new version firmware file.

再請參閱第4圖所示,係為本發明線上更新韌體的處理系統增加訊息序列管理器與負載服務器之系統架構示意圖,其中線上更新韌體的處理系統1更包括有一訊息序列管理器151及一負載服務器190,該訊息序列管理器151連接所述更新管理端150與所述韌體產製服務器130,而該負載服務器190連接所述訊息序列管理器151且由訊息序列管理器151連接所述更新管理端150與所述韌體產製服務器130,且該負載服務器190根據該些韌體產製服務器130的一當前負載,從該些韌體產製服務器130中選擇該當前負載最小者為該目標服務器。Please refer to Figure 4 again, which is a schematic diagram of the system architecture of adding a message sequence manager and a load server to the online firmware update processing system of the present invention. The online firmware update processing system 1 further includes a message sequence manager 151 and a load server 190, the message sequence manager 151 connects the update management terminal 150 and the firmware production server 130, and the load server 190 connects the message sequence manager 151 and is connected by the message sequence manager 151 The update management terminal 150 and the firmware production server 130, and the load server 190 selects the minimum current load from the firmware production servers 130 according to a current load of the firmware production servers 130. is the target server.

當前負載可以是但不限定為中央處理器的運作負載、網路吞吐負載或儲存空間負載等。當負載服務器190接獲加密新版韌體檔案111時,負載服務器190將會評估所有韌體產製服務器130的當前負載。負載服務器190從韌體產製服務器130中選取當前負載最小者為目標服務器。The current load may be, but is not limited to, the operating load of the CPU, network throughput load or storage space load, etc. When the load server 190 receives the encrypted new version of the firmware file 111, the load server 190 will evaluate the current loads of all firmware production servers 130. The load server 190 selects the one with the smallest current load from the firmware production servers 130 as the target server.

再請參閱第5圖所示,係為本發明線上更新韌體的處理系統之安全傳輸系統示意圖,其中該韌體源端110使用一簽章私鑰1101為該加密新版韌體111檔案簽章產生一簽章資訊,並以一加密公鑰1102為該簽章資訊及一加密新版韌體金鑰進行加密產生一加密簽章資訊1103及一被加密金鑰1104,並將該加密新版韌體檔案111、該加密簽章資訊1103及該被加密金鑰1104經由該韌體儲存端120及該韌體產製服務器130傳送至該安全運算端140,該安全運算端140使用一解密私鑰1402為該加密簽章資訊1103及該被加密金鑰1104解密得到該簽章資訊及該加密新版韌體金鑰,該安全運算端140使用該加密新版韌體金鑰為該加密新版韌體檔案111進行解密得到該新版韌體檔案,該韌體源端使用一驗章公鑰1401對該簽章資訊進行驗章並以確認該加密新版韌體檔案來自該韌體源端。以此確保加密新版韌體111傳送至對的韌體安全更新服務端12,並避免加密新版韌體111遺失時遭人破解使用。Please refer to Figure 5 again, which is a schematic diagram of the secure transmission system of the online firmware update processing system of the present invention. The firmware source 110 uses a signature private key 1101 to sign the encrypted new version of the firmware 111 file. Generate a signature information, and use an encrypted public key 1102 to encrypt the signature information and an encrypted new version firmware key to generate an encrypted signature information 1103 and an encrypted key 1104, and encrypt the new version of the firmware The file 111, the encrypted signature information 1103 and the encrypted key 1104 are transmitted to the secure computing terminal 140 via the firmware storage 120 and the firmware production server 130. The secure computing terminal 140 uses a decryption private key 1402 The encrypted signature information 1103 and the encrypted key 1104 are decrypted to obtain the signature information and the encrypted new firmware key, and the secure computing terminal 140 uses the encrypted new firmware key to encrypt the new firmware file 111 Decryption is performed to obtain the new version of the firmware file. The firmware source uses a signature verification public key 1401 to verify the signature information and confirm that the encrypted new version of the firmware file comes from the firmware source. This ensures that the encrypted new firmware 111 is sent to the correct firmware security update server 12 and prevents the encrypted new firmware 111 from being cracked and used when it is lost.

以上已將本發明做一詳細說明,惟以上所述者,僅為本發明之一較佳實施例而已,當不能限定本發明實施之範圍,即凡依本發明申請範圍所作之均等變化與修飾等,皆應仍屬本發明之專利涵蓋範圍。The present invention has been described in detail above. However, the above is only a preferred embodiment of the present invention. It cannot limit the scope of the present invention, that is, all equivalent changes and modifications can be made according to the scope of the present invention. etc., should still fall within the scope of the patent of the present invention.

線上更新韌體的處理系統...1 韌體源端...110 加密新版韌體檔案...111 新版韌體資訊...112 韌體安全更新服務端....12 韌體儲存端...120 韌體產製服務器...130 載點路徑資訊...131 安全運算端...140 唯一特徵...141 專屬加密新版韌體檔案...142 更新管理端...150 訊息序列管理器...151 韌體提供端...160 電子設備...170 負載服務器...190 簽章私鑰...1101 加密公鑰...1102 加密簽章資訊...1103 被加密金鑰...1104 驗章公鑰...1401 解密私鑰...1402 Online firmware update processing system. . . 1 Firmware source. . . 110 Encrypt new version firmware files. . . 111 New version of firmware information. . . 112 Firmware security update server... . . 12 Firmware storage terminal. . . 120 Firmware production server. . . 130 Load point path information. . . 131 Safe computing terminal. . . 140 The only characteristic. . . 141 Exclusive encrypted new version firmware file. . . 142 Update management terminal. . . 150 Message sequence manager. . . 151 Firmware provider. . . 160 Electronic equipment. . . 170 Load server. . . 190 Signing private key. . . 1101 Encryption public key. . . 1102 Encrypted signature information. . . 1103 The encrypted key. . . 1104 Verification public key. . . 1401 Decrypt the private key. . . 1402

第1圖為本發明線上更新韌體的處理系統之系統架構示意圖。。 第2圖為本發明線上更新韌體的處理方法之流程圖。 第3圖為本發明線上更新韌體的處理方法之流程圖之一實施例。 第4圖為本發明線上更新韌體的處理系統增加訊息序列管理器與負載服務器之系統架構示意圖。 第5圖為本發明線上更新韌體的處理系統之安全傳輸系統示意圖。 Figure 1 is a schematic diagram of the system architecture of the online firmware update processing system of the present invention. . Figure 2 is a flow chart of the online firmware update processing method of the present invention. Figure 3 is an embodiment of a flow chart of the online firmware update processing method of the present invention. Figure 4 is a schematic diagram of the system architecture in which a message sequence manager and a load server are added to the online firmware update processing system of the present invention. Figure 5 is a schematic diagram of the secure transmission system of the online firmware update processing system of the present invention.

線上更新韌體的處理系統...1 韌體源端...110 加密新版韌體檔案...111 新版韌體資訊...112 韌體安全更新服務端....12 韌體儲存端...120 韌體產製服務器...130 載點路徑資訊...131 安全運算端...140 唯一特徵...141 專屬加密新版韌體檔案...142 更新管理端...150 韌體提供端...160 電子設備...170 Online firmware update processing system. . . 1 Firmware source. . . 110 Encrypt new version firmware files. . . 111 New version of firmware information. . . 112 Firmware security update server... . . 12 Firmware storage terminal. . . 120 Firmware production server. . . 130 Load point path information. . . 131 Safe computing terminal. . . 140 The only characteristic. . . 141 Exclusive encrypted new version firmware file. . . 142 Update management terminal. . . 150 Firmware provider. . . 160 Electronic equipment. . . 170

Claims (8)

一種線上更新韌體的處理系統,包括:一韌體源端,可產生至少一加密新版韌體檔案及一新版韌體資訊;一韌體安全更新服務端,其包括一韌體儲存端、至少一韌體產製服務器、一安全運算端、一更新管理端及一韌體提供端,該韌體儲存端連接該韌體源端,接收並儲存該新版韌體資訊及該加密新版韌體檔案,該韌體產製服務器連接於該韌體儲存端,接收該加密新版韌體檔案,該安全運算端連接於該韌體產製服務器,並該安全運算端接收所述加密新版韌體檔案且解密該加密新版韌體檔案產生所述新版韌體檔案,並以一唯一特徵加密該新版韌體檔案產生一專屬加密新版韌體檔案後,將該專屬加密新版韌體檔案傳送至該韌體產製服務器,該韌體產製服務器由該專屬加密新版韌體檔案產生有一載點路徑資訊,該更新管理端連接於該韌體儲存端並接收該新版韌體資訊,連接於該韌體產製服務器且接收所述載點路徑資訊;及至少一電子設備,連接於該韌體安全更新服務端的更新管理端與韌體提供端,且該電子設備接收所述載點路徑資訊,再由載點路徑資訊連結至該韌體安全更新服務端且於韌體提供端下載所述專屬加密新版韌體檔案,並下載所述專屬加密新版韌體檔案,並該電子設備依據該唯一特徵解密所述專屬加密新版韌體檔案以取得所述新版韌體檔案,其中安全運算端140與電子設備170的唯一特徵142可以是電子設備170的通用唯一辨識碼(Universally Unique Identifier,UUID)、設備型號或憑證。 A processing system for online firmware update, including: a firmware source that can generate at least one encrypted new version of firmware file and one new version of firmware information; a firmware security update server that includes a firmware storage terminal, at least A firmware production server, a secure computing terminal, an update management terminal and a firmware provider. The firmware storage terminal is connected to the firmware source terminal to receive and store the new version of firmware information and the encrypted new version of firmware file. , the firmware production server is connected to the firmware storage terminal and receives the encrypted new version of the firmware file, the secure computing terminal is connected to the firmware production server, and the secure computing terminal receives the encrypted new version of the firmware file and Decrypt the encrypted new version firmware file to generate the new version firmware file, encrypt the new version firmware file with a unique characteristic to generate an exclusive encrypted new version firmware file, and then transmit the exclusive encrypted new version firmware file to the firmware product. The firmware production server generates load point path information from the exclusive encrypted new version of the firmware file. The update management terminal is connected to the firmware storage terminal and receives the new version of the firmware information. It is connected to the firmware production server. The server receives the download point path information; and at least one electronic device is connected to the update management end and the firmware provider of the firmware security update server, and the electronic device receives the download point path information, and then uses the download point path information to The path information is linked to the firmware security update server and the exclusive encrypted new version of the firmware file is downloaded from the firmware provider, and the exclusive encrypted new version of the firmware file is downloaded, and the electronic device decrypts the exclusive encrypted new version of the firmware file based on the unique characteristic. The new version of the firmware file is encrypted to obtain the new version of the firmware file, in which the unique characteristics 142 of the secure computing terminal 140 and the electronic device 170 may be a universally unique identifier (Universally Unique Identifier, UUID), device model or certificate of the electronic device 170 . 如請求項1的線上更新韌體的處理系統,其中該韌體源端使用一簽章私鑰為該加密新版韌體檔案簽章產生一簽章資訊,並以一加密 公鑰為該簽章資訊及一加密新版韌體金鑰進行加密產生一加密簽章資訊及一被加密金鑰,並將該加密新版韌體檔案、該加密簽章資訊及該被加密金鑰經由該韌體儲存端及該韌體產製服務器傳送至該安全運算端,該安全運算端使用一解密私鑰為該加密簽章資訊及該被加密金鑰解密得到該簽章資訊及該加密新版韌體金鑰,該安全運算端使用該加密新版韌體金鑰為該加密新版韌體檔案進行解密得到該新版韌體檔案,該韌體源端使用一驗章公鑰對該簽章資訊進行驗章並以確認該加密新版韌體檔案來自該韌體源端。 For example, the online firmware update processing system of request item 1, wherein the firmware source uses a signature private key to generate a signature information for the encrypted new version of the firmware file, and uses an encrypted The public key encrypts the signature information and an encrypted new version of the firmware key to generate an encrypted signature information and an encrypted key, and the encrypted new version of the firmware file, the encrypted signature information and the encrypted key are It is transmitted to the secure computing terminal through the firmware storage terminal and the firmware production server. The secure computing terminal uses a decryption private key to decrypt the encrypted signature information and the encrypted key to obtain the signature information and the encryption. The new version of the firmware key is used by the secure computing end to decrypt the encrypted new version of the firmware file and the new version of the firmware file is obtained. The firmware source end uses a verification public key for the signature information. Perform seal verification to confirm that the encrypted new version of the firmware file comes from the source of the firmware. 如請求項1的線上更新韌體的處理系統,其中該韌體源端及該韌體儲存端之間建立傳輸層安全(TLS)連線,安全連線。 For example, in the online firmware update processing system of claim 1, a Transport Layer Security (TLS) connection is established between the firmware source and the firmware storage, and the connection is secure. 如請求項1的線上更新韌體的處理系統,更包括有一訊息序列管理器及一負載服務器,該訊息序列管理器連接所述更新管理端與所述韌體產製服務器,而該負載服務器連接所述訊息序列管理器且由訊息序列管理器連接所述更新管理端與所述韌體產製服務器,且該負載服務器根據該些韌體產製服務器的一當前負載,從該些韌體產製服務器中選擇該當前負載最小者為該目標服務器。 The online firmware update processing system of claim 1 further includes a message sequence manager and a load server, the message sequence manager connects the update management terminal and the firmware production server, and the load server connects The message sequence manager connects the update management terminal and the firmware production server by the message sequence manager, and the load server obtains the information from the firmware production servers according to a current load of the firmware production servers. Select the one with the smallest current load among the target servers as the target server. 一種線上更新韌體的處理方法,包括:一電子設備向一韌體安全更新服務端發送一下載要求;由該韌體安全更新服務端的更新管理端根據該下載要求查找是否具有一新版韌體資訊;若該韌體安全更新服務端的更新管理端具有相應該電子設備的該新版韌體資訊,該韌體安全更新服務端的更新管理端令一韌體儲存端將相應該電子設備的一加密新版韌體檔案發送至一韌體產製服務器; 該韌體產製服務器將該加密新版韌體檔案發送至一安全運算端;該安全運算端對該加密新版韌體檔案解密為一新版韌體檔案,並以一唯一特徵加密該新版韌體檔案產生一專屬加密新版韌體檔案,且將該專屬加密新版韌體檔案發送至該韌體產製服務器;該韌體產製服務器依據該專屬加密新版韌體檔案產生一載點路徑資訊,且將該專屬加密新版韌體檔案發送至一韌體提供端,並將該載點路徑資訊發送至一更新管理端;以及該電子設備接收所述載點路徑資訊,再由載點路徑資訊連結至該韌體安全更新服務端的韌體提供端且於韌體提供端下載所述專屬加密新版韌體檔案,並該電子設備以該唯一特徵解密所述專屬加密新版韌體檔案以取得所述新版韌體檔案,其中安全運算端140與電子設備170的唯一特徵142可以是電子設備170的通用唯一辨識碼(Universally Unique Identifier,UUID)、設備型號或憑證。 A method for updating firmware online, including: an electronic device sends a download request to a firmware security update server; the update management end of the firmware security update server searches whether there is a new version of firmware information based on the download request ; If the update management end of the firmware security update server has the new version of firmware information corresponding to the electronic device, the update management end of the firmware security update server causes a firmware storage end to store an encrypted new version of the firmware of the corresponding electronic device. Send the body file to a firmware production server; The firmware production server sends the encrypted new firmware file to a secure computing terminal; the secure computing terminal decrypts the encrypted new firmware file into a new firmware file, and encrypts the new firmware file with a unique characteristic Generate an exclusive encrypted new version of the firmware file, and send the exclusive encrypted new version of the firmware file to the firmware production server; the firmware production server generates a load point path information based on the exclusive encrypted new version of the firmware file, and sends the The exclusive encrypted new version of the firmware file is sent to a firmware provider, and the download point path information is sent to an update management terminal; and the electronic device receives the download point path information, and then links the download point path information to the The firmware provider of the firmware security update server downloads the exclusive encrypted new firmware file from the firmware provider, and the electronic device decrypts the exclusive encrypted new firmware file using the unique characteristic to obtain the new firmware. File, in which the unique characteristics 142 of the secure computing terminal 140 and the electronic device 170 may be a universally unique identifier (UUID), device model or certificate of the electronic device 170 . 如請求項5的線上更新韌體的處理方法,其中在該更新管理端令一韌體儲存端將相應該電子設備的一加密新版韌體檔案發送至一韌體產製服務器的步驟包括:該更新管理端透過一訊息序列管理器發出一製作指令至一負載服務器,以由該負載服務器根據該些韌體產製服務器的一當前負載選擇該當前負載最小者為該目標服務器。 For example, the method for online firmware update in claim 5, wherein the step of causing a firmware storage terminal to send an encrypted new version of the firmware file corresponding to the electronic device to a firmware production server at the update management terminal includes: The update management terminal sends a production command to a load server through a message sequence manager, so that the load server selects the one with the smallest current load as the target server according to a current load of the firmware production servers. 如請求項5的線上更新韌體的處理方法,其中包括一安全機制:一韌體源端,傳送該加密新版韌體檔案及該新版韌體資訊至韌體儲存端; 該韌體源端使用一簽章私鑰為該加密新版韌體檔案簽章產生一簽章資訊,並以一加密公鑰為該簽章資訊及一加密新版韌體金鑰進行加密產生一加密簽章資訊及一被加密金鑰,並將該加密新版韌體檔案、該加密簽章資訊及該被加密金鑰發送至該韌體儲存端;該韌體儲存端將該加密新版檔韌體案、該加密簽章資訊及該被加密金鑰發送至該韌體產製服務器;該韌體產製服務器將該加密新版檔韌體案、該加密簽章資訊及該被加密金鑰傳送至該安全運算端;以及該安全運算端使用一解密私鑰為該加密簽章資訊及該被加密金鑰解密得到該簽章資訊及該加密新版韌體金鑰,該安全運算端使用該加密新版韌體金鑰為該加密新版韌體檔案進行解密得到該新版韌體檔案,該安全運算端使用一驗章公鑰對該簽章資訊進行驗章並以確認該加密新版韌體檔案來自該韌體源端。 For example, the processing method of online firmware update in request item 5 includes a security mechanism: a firmware source that transmits the encrypted new version of the firmware file and the new version of the firmware information to the firmware storage end; The firmware source uses a signature private key to sign the encrypted new version of the firmware file to generate a signature information, and uses an encrypted public key to encrypt the signature information and an encrypted new version of the firmware key to generate an encrypted signature. Signature information and an encrypted key, and send the encrypted new version firmware file, the encrypted signature information and the encrypted key to the firmware storage end; the firmware storage end sends the encrypted new version firmware file The file, the encrypted signature information and the encrypted key are sent to the firmware production server; the firmware production server sends the encrypted new version file firmware file, the encrypted signature information and the encrypted key to The secure computing end; and the secure computing end uses a decryption private key to decrypt the encrypted signature information and the encrypted key to obtain the signature information and the encrypted new version of the firmware key, and the secure computing end uses the encrypted new version The firmware key decrypts the encrypted new version of the firmware file to obtain the new version of the firmware file. The secure computing terminal uses a verification public key to verify the signature information and confirm that the encrypted new version of the firmware file comes from the firmware. Body source end. 如請求項5的線上更新韌體的處理方法,其中包括一安全機制:一韌體源端,傳送該加密新版韌體檔案及該新版韌體資訊至韌體儲存端,該韌體源端及該韌體儲存端之間建立TLS安全連線。 For example, the method of requesting online firmware update in item 5 includes a security mechanism: a firmware source that sends the encrypted new version of the firmware file and the new version of the firmware information to the firmware storage end, and the firmware source end and A TLS secure connection is established between the firmware stores.
TW110149077A 2021-12-28 2021-12-28 Processing system and method for online firmware update TWI815263B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
TW110149077A TWI815263B (en) 2021-12-28 2021-12-28 Processing system and method for online firmware update

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
TW110149077A TWI815263B (en) 2021-12-28 2021-12-28 Processing system and method for online firmware update

Publications (2)

Publication Number Publication Date
TW202326413A TW202326413A (en) 2023-07-01
TWI815263B true TWI815263B (en) 2023-09-11

Family

ID=88147634

Family Applications (1)

Application Number Title Priority Date Filing Date
TW110149077A TWI815263B (en) 2021-12-28 2021-12-28 Processing system and method for online firmware update

Country Status (1)

Country Link
TW (1) TWI815263B (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20170115984A1 (en) * 2014-06-30 2017-04-27 Feitian Technologies Co., Ltd. Firmware update method in two-chip solution for secure terminal
TW202009778A (en) * 2018-08-27 2020-03-01 香港商阿里巴巴集團服務有限公司 Firmware upgrade method and device
US20200285760A1 (en) * 2019-03-08 2020-09-10 Seagate Technology Llc Environment-aware storage drive with expandable security policies
CN112311799A (en) * 2020-11-02 2021-02-02 清创网御(合肥)科技有限公司 OTA (over the air) security upgrading method for Tbox firmware

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20170115984A1 (en) * 2014-06-30 2017-04-27 Feitian Technologies Co., Ltd. Firmware update method in two-chip solution for secure terminal
TW202009778A (en) * 2018-08-27 2020-03-01 香港商阿里巴巴集團服務有限公司 Firmware upgrade method and device
US20200285760A1 (en) * 2019-03-08 2020-09-10 Seagate Technology Llc Environment-aware storage drive with expandable security policies
CN112311799A (en) * 2020-11-02 2021-02-02 清创网御(合肥)科技有限公司 OTA (over the air) security upgrading method for Tbox firmware

Also Published As

Publication number Publication date
TW202326413A (en) 2023-07-01

Similar Documents

Publication Publication Date Title
US20230155821A1 (en) Secure shared key establishment for peer to peer communications
USRE49673E1 (en) Systems and methods for secure data exchange
US11722316B2 (en) Cryptographic communication system and cryptographic communication method based on blockchain
CN111431713B (en) Private key storage method and device and related equipment
CN112737779B (en) Cryptographic machine service method, device, cryptographic machine and storage medium
US9800556B2 (en) Systems and methods for providing data security services
WO2020082160A1 (en) Methods and systems for secure data communication
US11853438B2 (en) Providing cryptographically secure post-secrets-provisioning services
CN112532580B (en) Data transmission method and system based on block chain and proxy re-encryption
WO2022100356A1 (en) Identity authentication system, method and apparatus, device, and computer readable storage medium
WO2020078225A1 (en) Key downloading method, client, cryptographic device and terminal device
US10630466B1 (en) Apparatus and method for exchanging cryptographic information with reduced overhead and latency
EP4096160A1 (en) Shared secret implementation of proxied cryptographic keys
CN113411187A (en) Identity authentication method and system, storage medium and processor
EP4206906A1 (en) Processing system and method for updating firmware online
JP2023097609A (en) Online firmware update processing system and method
US20140181508A1 (en) Communication device and computer program product
TWI815263B (en) Processing system and method for online firmware update
US20230205507A1 (en) Processing system and method for updating firmware online
TW202304172A (en) Location-key encryption system
KR102539418B1 (en) Apparatus and method for mutual authentication based on physical unclonable function
CN113918971A (en) Block chain based message transmission method, device, equipment and readable storage medium
KR100883442B1 (en) Method of delivering direct proof private keys to devices using an on-line service
CN112966287A (en) Method, system, device and computer readable medium for acquiring user data
CN114465768A (en) Processing system and method for updating firmware online