WO2014190884A1 - Method and apparatus for protecting terminal by using power-on password - Google Patents

Method and apparatus for protecting terminal by using power-on password Download PDF

Info

Publication number
WO2014190884A1
WO2014190884A1 PCT/CN2014/078424 CN2014078424W WO2014190884A1 WO 2014190884 A1 WO2014190884 A1 WO 2014190884A1 CN 2014078424 W CN2014078424 W CN 2014078424W WO 2014190884 A1 WO2014190884 A1 WO 2014190884A1
Authority
WO
WIPO (PCT)
Prior art keywords
terminal
password
power
operating system
user
Prior art date
Application number
PCT/CN2014/078424
Other languages
French (fr)
Chinese (zh)
Inventor
刘小元
孙增才
Original Assignee
华为终端有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 华为终端有限公司 filed Critical 华为终端有限公司
Publication of WO2014190884A1 publication Critical patent/WO2014190884A1/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/575Secure boot
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/34User authentication involving the use of external additional devices, e.g. dongles or smart cards
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/45Structures or tools for the administration of authentication
    • G06F21/46Structures or tools for the administration of authentication by designing passwords or checking the strength of passwords

Definitions

  • the present invention relates to the field of communications, and in particular, to a method and apparatus for protecting a terminal by using a power-on password.
  • Current terminals e.g., tablet computers, personal computers, etc.
  • the password input box is displayed to protect the user equipment.
  • USB Universal Serial Bus
  • wifi network bypassing the security mechanism of the screen password, thereby cracking the device password. Therefore, the prior art protects the password. Insufficient strength, there is still a risk of terminal leakage.
  • the present invention provides a method and apparatus for protecting a terminal by using a power-on password, which can reduce the leakage of the terminal. Risk.
  • a first aspect of the present invention provides a method for protecting a terminal by using a power-on password, which may include: obtaining, after the terminal is powered on, the power-on password input by the user on the terminal interface before loading the operating system;
  • the power-on password input by the user on the terminal interface is obtained before the operating system is loaded, including:
  • the power-on password input by the user on the terminal interface is obtained before the operating system is loaded, including:
  • the power-on password entered by the user on the terminal interface is obtained.
  • the second possible implementation manner of the first aspect in a third possible implementation manner, when the power-on password input by the user is different from the pre-stored verification password in the terminal When the number of times is set, stopping the loading of the operating system of the terminal includes: whenever the power-on password input by the user is different from the verification password pre-stored in the terminal, recording a password error in the terminal;
  • the method of the embodiment of the present invention further includes:
  • the verification password is stored in advance in a storage area of the terminal, and the storage area includes a storage area in the central control chip and an embedded multimedia card eMMC built in the terminal.
  • a second aspect of the present invention provides an apparatus for including a terminal by using a power-on password, which may include: a power-on password acquisition unit, configured to obtain, after the terminal is powered on, before the operating system is loaded, Take the power-on password entered by the user on the terminal interface;
  • a verification unit configured to verify whether the power-on password input by the user obtained by the power-on password acquisition unit is the same as the verification password pre-stored in the terminal; when the verification password pre-stored in the terminal is the same, the operating system of the terminal is loaded And when the verification unit verifies that the power-on password input by the user is not the same as the pre-stored verification password in the terminal reaches a preset number of times, stopping loading the operating system of the terminal.
  • the acquiring unit is specifically configured to obtain, after the terminal is powered on, the power-on password input by the user on the terminal interface before running the bootloader bootloader of the operating system.
  • the acquiring unit is specifically configured to: after the terminal starts to power on and load the touch screen driver of the terminal, before loading the operating system kernel Kernel, acquiring the booting input by the user on the terminal interface password.
  • the processing unit includes: loading the terminal when the verification password is pre-stored in the terminal An operating system; a recording unit, configured to record a password error in the terminal whenever the verification unit verifies that the power-on password input by the user is different from the verification password pre-stored in the terminal;
  • a second processing sub-unit configured to stop loading the operating system of the terminal when the number of password errors recorded by the recording unit in the terminal reaches a preset number of times.
  • the apparatus of the embodiment of the present invention further includes:
  • a pre-processing unit configured to pre-store the verification password in a storage area of the terminal, where the storage area includes a storage area in the central control chip and an embedded multimedia card eMMC built in the terminal.
  • a third aspect of the present invention provides an apparatus for protecting a terminal by using a power-on password, which may include: a memory and a processor, wherein the memory stores a specific program, and the processor invokes the save The specific program stored in the storage, and performs the following operations:
  • the processor obtains a power-on password input by the user on the terminal interface before running the bootloader bootloader of the operating system after the terminal is powered on.
  • the processor obtains a power-on password input by the user on the terminal interface before loading the operating system kernel Kernel after the terminal is powered on and loaded with the terminal touch screen driver.
  • the processor performs the power-on password input by the user and the pre-stored verification password in the terminal is not When the same number of times reaches the preset number, when the operating system of the terminal is stopped, the following operations are performed:
  • the processor further performs the following operations:
  • the verification password is stored in advance in a storage area of the terminal, and the storage area includes a storage area in the central control chip and an embedded multimedia card eMMC built in the terminal.
  • the boot password verification is used to determine whether to load the operating system of the terminal, thereby accessing the terminal before the operating system runs. It protects the security of the terminal operating system startup and reduces the risk of terminal leakage.
  • FIG. 1 is a flow chart showing an embodiment of a method for protecting a terminal by a power-on password according to the present invention.
  • FIG. 2 is a flow chart showing an embodiment of an apparatus for protecting a terminal by a power-on password according to the present invention.
  • FIG. 3 is a block diagram showing the structure of an embodiment of the processing unit of Figure 2.
  • FIG. 4 is a flow chart showing another embodiment of an apparatus for protecting a terminal by a power-on password according to the present invention.
  • FIG. 1 is a flow chart showing a first embodiment of a method for protecting a terminal by a power-on password. As shown in FIG. 1, the method of the embodiment of the present invention may include:
  • Step S110 After the terminal is powered on, obtain the power-on password input by the user on the terminal interface before loading the operating system.
  • step S110 after the terminal is powered on, the boot password input by the user on the terminal interface is obtained before the boot loader of the operating system is run.
  • the boot password input by the user on the terminal interface is obtained before the boot loader of the operating system is run.
  • the liquid crystal display LCD
  • the liquid crystal display is lit (driving the LCD, Mipi DSI interface, Framebuffer).
  • the operating system manufacturer logo is displayed.
  • running Android bootloader Before, the data corresponding to the display password box is directly written into the framebuffer, so that the password input box can be displayed on the illuminated liquid crystal display to prompt the user to input the password, and the user can input the power-on password through the physical key of the tablet.
  • the user can use the "power", "volumn” keys to achieve digital input, volumn +, used to achieve a digital increase of 1, volumn - used to achieve a digital reduction of 1, the initial value of 0, power is used to achieve confirmation, when input and After confirming a password number, the cursor moves to the next character position. After the number of digits of the power-on password input by the user reaches a predetermined length, the power-on password input by the user is obtained.
  • step S110 after the terminal starts and loads the terminal touch screen driver, the power-on password input by the user on the terminal interface is obtained before the operating system kernel Kernel is loaded.
  • the liquid crystal display LCD
  • the touch screen touch panel driver is loaded
  • the password input box is displayed, prompting the user to input a password, and displaying a soft keyboard on the LCD for the user to input a password. After the user enters the password through the soft keyboard, the user obtains the power-on password.
  • Step S111 When the power-on password input by the user is the same as the verification password pre-stored in the terminal, the operating system of the terminal is loaded.
  • Step S112 When the power-on password input by the user is different from the pre-stored verification password in the terminal, the operating system of the terminal is stopped.
  • the verification password may be stored in a storage area of the terminal, where the storage area includes a storage area in the central control chip (for example, a read-only storage area ROM in the central control chip) and a built-in terminal.
  • Embedded multimedia card eMMC Embedded multimedia card.
  • the pre-stored verification password can be called through the calling interface of the storage area.
  • the verification password stored in the ROM can be obtained through the callback function; and for the eMMC, the eMMC can be passed.
  • the read/write interface obtains the verification password stored in the eMMC; compares the obtained power-on password input by the user with the pre-stored verification password, and loads when the power-on password input by the user is the same as the pre-stored verification password in the terminal.
  • the operating system of the terminal stops loading the operating system of the terminal when the power-on password input by the user is different from the pre-stored verification password in the terminal by a preset number of times. Concrete In the present, the preset number of times may be greater than or equal to two times.
  • step S112 whenever the power-on password input by the user is different from the verification password pre-stored in the terminal, a password error is recorded in the terminal (for example, it can be stored in the storage for storage). Verify the password in the storage area);
  • step S112 when the number of recorded password errors reaches a preset number of times, the operating system of the terminal is stopped, and a power-on prompt is also output to the user, for example, a tablet lock may be output. Please return to the factory for repairs.
  • the operating system that stops loading the terminal may be: automatically shutting down the central control chip of the terminal to implement chip-level security protection, so that even if the chip is installed on another terminal, the terminal cannot be used continuously, and the terminal is guaranteed. The security of the data.
  • the operating system that stops loading the terminal may be: automatically shutting down the terminal.
  • the terminal detects that the number of times the terminal power-on password is incorrect for the preset number of times, it automatically turns off, which effectively protects the security of the terminal data.
  • Fig. 2 is a block diagram showing the structure of a first embodiment of the apparatus for protecting a terminal by a power-on password according to the present invention.
  • the device for protecting a terminal by using a power-on password may include: a power-on password acquisition unit 21, a verification unit 22, and a processing unit 23, where:
  • the power-on password obtaining unit 21 is configured to obtain, after the terminal is powered on, the power-on password input by the user on the terminal interface before loading the operating system;
  • the verification unit 22 is configured to verify whether the power-on password input by the user acquired by the power-on password acquisition unit 21 is the same as the verification password pre-stored in the terminal;
  • the processing unit 23 is configured to: when the verification unit 22 verifies that the power-on password input by the user is the same as the verification password pre-stored in the terminal, loading the operating system of the terminal; When the verification unit verifies that the power-on password input by the user is not the same as the pre-stored verification password in the terminal reaches a preset number of times, the operating system of the terminal is stopped.
  • the power-on password obtaining unit 21 can obtain the boot password input by the user on the terminal interface before the boot loader of the operating system is run after the terminal is powered on.
  • the tablet with the Android operating system Take the tablet with the Android operating system as an example.
  • the liquid crystal display (LCD) is lit (driving LCD, Mipi DSI interface, Framebuffer), after displaying the operating system manufacturer logo.
  • the data corresponding to the display password box is directly written into the framebuffer, so that the password input box can be displayed on the illuminated liquid crystal display, prompting the user to input a password, and the user can input the physical key through the tablet.
  • Password for example, the user can use the "power", "volumn” key to achieve digital input, volumn +, used to achieve a digital increase of 1, volumn - used to achieve a digital reduction of 1, the initial value of 0, power is used to achieve confirmation, when After entering and confirming a password number, the cursor moves to the next character position. After the number of digits of the power-on password entered by the user reaches a predetermined length, the power-on password input by the user is obtained.
  • the power-on password obtaining unit 21 can obtain the power-on password input by the user on the terminal interface before the terminal is loaded and loaded with the touch screen driver.
  • the power-on password obtaining unit 21 displays a password input box, prompting the user to input a password, and simultaneously displaying a soft keyboard on the LCD for the user to input a password, and the user inputs the password through the soft keyboard and clicks to determine the user input. Power-on password.
  • the apparatus of the embodiment of the present invention may further include a pre-processing unit 20, configured to pre-store the verification password in a storage area of the terminal, where the storage area includes a central control chip.
  • the storage area for example, the read-only storage area ROM in the central control chip
  • the embedded multimedia card eMMC built in the terminal.
  • the verification unit 22 can call the pre-stored verification password through the calling interface of the storage area.
  • the verification password stored in the ROM can be obtained through the callback function; and for the eMMC, the eMMC can be obtained through the eMMC read/write interface.
  • the obtained power-on password input by the user is compared with the pre-stored verification password.
  • the processing unit 23 may include:
  • a first processing sub-unit 231 configured to: when the verification unit 22 verifies that the user-entered open password is the same as the pre-stored verification password in the terminal, loading the operating system of the terminal;
  • the recording unit 232 is configured to record a password error in the terminal whenever the verification unit 22 verifies that the power-on password input by the user is different from the verification password pre-stored in the terminal;
  • the second processing sub-unit 233 is configured to stop loading the operating system of the terminal when the number of times the password error recorded by the recording unit 232 in the terminal reaches a preset number of times.
  • the preset number of times may be greater than or equal to two times.
  • the recording unit 232 when the power-on password input by the user is different from the verification password pre-stored in the terminal, the recording unit 232 records a password error in the terminal (for example, can be stored in the password for Store the storage password in the storage area);
  • the second processing sub-unit 233 stops loading the operating system of the terminal.
  • the user may also output a power-on prompt to the user through the display screen of the terminal.
  • the device may output "plate lock, please return to the factory for maintenance”. Prompt message.
  • the operating system that stops the loading of the terminal by the second processing sub-unit 233 may specifically: automatically shut down the central control chip of the terminal to implement chip-level security protection, so that even if the chip is installed on other terminals, Can not continue to use, to ensure the security of the terminal data.
  • the operating system that stops the loading of the terminal by the second processing sub-unit 233 may specifically: automatically shut down the terminal. In this way, the next time the terminal detects that the terminal power-on password is incorrect for the preset number of times, it automatically shuts down, which effectively protects the security of the terminal data.
  • the power-on password verification is used to determine whether to load the operating system of the terminal, thereby before the operating system is run.
  • Protect terminal access and implement terminal operations The security of the system startup reduces the risk of terminal compromise.
  • Fig. 4 is a block diagram showing the structure of a second embodiment of the apparatus for protecting a terminal by a power-on password according to the present invention. As shown in FIG. 4, it may include: a memory 41 and a processor 42, wherein the memory 41 stores a specific program, and the processor 42 may call the specific program stored in the memory 41 and execute Do the following:
  • the processor 42 can obtain the power-on password input by the user on the terminal interface before the boot loader of the operating system is run after the terminal is powered on. Take a tablet with an Android operating system as an example. When the tablet is powered on, on the LCD screen.
  • the processor 42 can obtain the power-on password input by the user on the terminal interface before the operating system kernel Kernel is loaded after the terminal starts and loads the terminal touch screen driver.
  • the liquid crystal display (LCD) is lit, after the operating system manufacturer logo is displayed, after the touch screen touch panel driver is loaded,
  • the password input box is displayed, prompting the user to enter a password, and displaying a soft keyboard on the LCD.
  • the user enters the password through the soft keyboard and clicks OK to obtain the power-on password input by the user.
  • the verification password may be stored in a storage area of the terminal, where the storage area includes a storage area in the central control chip (for example, a read-only storage area ROM in the central control chip) and a built-in terminal.
  • Embedded multimedia card eMMC Embedded multimedia card
  • the processor 42 can call the pre-stored verification password through the calling interface of the storage area.
  • the verification password stored in the ROM can be obtained through the callback function; and for the eMMC, the eMMC can be obtained through the eMMC read/write interface.
  • the operating system is configured to stop loading the operating system of the terminal when the power-on password input by the user is different from the pre-stored verification password in the terminal by a preset number of times.
  • the preset number of times may be greater than or equal to two times.
  • the processor 42 when the power-on password input by the user is different from the verification password pre-stored in the terminal, the processor 42 records a password error in the terminal (for example, can be stored in the storage for verification). In the storage area of the password);
  • the processor 42 stops loading the operating system of the terminal, and can also output a power-on prompt to the user through the display screen of the terminal, for example, outputting "Platform lock, please return to factory for repair" message.
  • the operating system of the processor 42 to stop loading the terminal may specifically: automatically shut down the central control chip of the terminal to implement chip-level security protection, so that the chip cannot be continued even if the chip is installed on another terminal. Use, to ensure the security of the terminal data.
  • the operating system of the processor 42 to stop loading the terminal may specifically: automatically shut down the terminal. In this way, the next time the terminal detects that the terminal power-on password is incorrect for the preset number of times, it will automatically shut down, which effectively protects the security of the terminal data.
  • the power-on password verification is used to determine whether to load the operating system of the terminal. Therefore, the access of the terminal can be protected before the operating system is run, the security of the terminal operating system startup is realized, and the risk of the terminal leaking is reduced.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Telephone Function (AREA)
  • Storage Device Security (AREA)
  • Power Sources (AREA)

Abstract

Embodiments of the present invention disclose a method and an apparatus for protecting a terminal by using a power-on password. The method may comprise: after a terminal is powered on and before an operating system is loaded, obtaining a power-on password input by a user on an interface of the terminal; when the power-on password input by the user is the same as a verification password pre-stored in the terminal, loading the operating system of the terminal; and when the times that the user inputs the power-on password not same as the verification password pre-stored in the terminal exceeds the preset number of times, stopping loading the operating system of the terminal. Therefore, by using the present invention, risk of secret leakage can be reduced.

Description

通过开机密码保护终端的方法及装置  Method and device for protecting terminal by power-on password
本申请要求于 2013年 05月 30日提交中国专利局、 申请号为 201310209609.5、 发明名称为 "通过开机密码保护终端的方法及装置" 的中 国专利申请的优先权, 其全部内容通过引用结合在本申请中。 This application claims priority to Chinese Patent Application No. 201310209609.5, entitled "Method and Apparatus for Protecting Terminals by Power-on Password" on May 30, 2013, the entire contents of which are incorporated herein by reference. In the application.
技术领域 本发明涉及通信领域, 尤其涉及通过开机密码保护终端的方法及装置。 TECHNICAL FIELD The present invention relates to the field of communications, and in particular, to a method and apparatus for protecting a terminal by using a power-on password.
背景技术 目前的终端 (比如, 平板电脑, 个人计算机等)在操作系统运行后都 可提供屏幕保护密码、 文件加密密码等机制来对终端进行保护。 BACKGROUND OF THE INVENTION Current terminals (e.g., tablet computers, personal computers, etc.) can provide a screen saver password, a file encryption password, and the like to protect a terminal after the operating system is running.
在现在的 android上,如果用户打开了密码设置,则系统启动完成 (kernel 已经运行, 文件系统已经挂载)后, 检测到用户设置了密码, 则显示密码输 入框, 对用户设备进行保护。  On the current android, if the user opens the password setting, after the system startup is completed (the kernel has been run and the file system is mounted), after detecting that the user has set a password, the password input box is displayed to protect the user equipment.
由于系统已经启动, 攻击者可以通过 USB ( Universal Serial Bus, 通用 串行总线)、 wifi网络对设备进行攻击, 绕开屏幕密码的安全机制, 从而破 解设备密码, 因而, 现有技术在保护密码的强度不够, 仍存在终端泄密的 风险。  Since the system has been started, the attacker can attack the device through USB (Universal Serial Bus) and wifi network, bypassing the security mechanism of the screen password, thereby cracking the device password. Therefore, the prior art protects the password. Insufficient strength, there is still a risk of terminal leakage.
发明内容 本发明提供通过开机密码保护终端的方法及装置, 可降低终端泄密的 风险。 SUMMARY OF THE INVENTION The present invention provides a method and apparatus for protecting a terminal by using a power-on password, which can reduce the leakage of the terminal. Risk.
本发明第一方面提供一种通过开机密码保护终端的方法, 其可包括: 在终端上电启动后, 加载操作系统之前, 获取用户在终端界面上输入 的开机密码;  A first aspect of the present invention provides a method for protecting a terminal by using a power-on password, which may include: obtaining, after the terminal is powered on, the power-on password input by the user on the terminal interface before loading the operating system;
当所述用户输入的开机密码与所述终端中预先存储的验证密码相同 时, 加载所述终端的操作系统;  When the power-on password input by the user is the same as the verification password pre-stored in the terminal, loading an operating system of the terminal;
当所述用户输入的开机密码与所述终端中预先存储的验证密码不相同 次数达到预设次数时, 则停止加载所述终端的操作系统。  When the power-on password input by the user is different from the pre-stored verification password in the terminal by a preset number of times, the operating system of the terminal is stopped.
结合第一方面, 在第一种可能的实现方式中, 在终端上电启动后, 加 载操作系统之前, 获取用户在终端界面上输入的开机密码, 包括:  With the first aspect, in the first possible implementation manner, after the terminal is powered on, the power-on password input by the user on the terminal interface is obtained before the operating system is loaded, including:
在终端上电启动后, 运行操作系统的引导加载程序 boot loader之前, 获取用户在终端界面上输入的开机密码。  After the terminal is powered on, obtain the power-on password entered by the user on the terminal interface before running the boot loader of the operating system.
结合第一方面, 在第二种可能的实现方式中, 在终端上电启动后, 加 载操作系统之前, 获取用户在终端界面上输入的开机密码, 包括:  With reference to the first aspect, in a second possible implementation manner, after the terminal is powered on, the power-on password input by the user on the terminal interface is obtained before the operating system is loaded, including:
在终端上电启动并加载终端触摸屏驱动后, 加载操作系统内核 Kernel 之前, 获取用户在终端界面上输入的开机密码。  After the terminal is powered on and the terminal touch screen driver is loaded, before the operating system kernel Kernel is loaded, the power-on password entered by the user on the terminal interface is obtained.
结合第一方面至第一方面的第二种可能的实现方式, 在第三种可能的 实现方式中, 当所述用户输入的开机密码与所述终端中预先存储的验证密 码不相同次数达到预设次数时, 则停止加载所述终端的操作系统, 包括: 每当所述用户输入的开机密码与所述终端中预先存储的验证密码不相 同时, 则在所述终端中记录一次密码错误;  With reference to the second aspect, the second possible implementation manner of the first aspect, in a third possible implementation manner, when the power-on password input by the user is different from the pre-stored verification password in the terminal When the number of times is set, stopping the loading of the operating system of the terminal includes: whenever the power-on password input by the user is different from the verification password pre-stored in the terminal, recording a password error in the terminal;
当记录的密码错误的次数达到预设次数时, 则停止加载所述终端的操 作系统。  When the number of recorded password errors reaches a preset number of times, the operation system of the terminal is stopped.
结合第一方面至第一方面的第二种可能的实现方式, 在第四种可能的 实现方式中, 本发明实施例的方法进一步包括:  With reference to the first aspect to the second possible implementation of the first aspect, in a fourth possible implementation, the method of the embodiment of the present invention further includes:
预先将所述验证密码存储在所述终端的存储区域中, 所述存储区域包 括中央控制芯片内的存储区域和终端内置的嵌入式多媒体卡 eMMC。  The verification password is stored in advance in a storage area of the terminal, and the storage area includes a storage area in the central control chip and an embedded multimedia card eMMC built in the terminal.
本发明第二方面提供一种通过开机密码包含终端的装置, 其可包括: 开机密码获取单元, 用于在终端上电启动后, 加载操作系统之前, 获 取用户在终端界面上输入的开机密码; A second aspect of the present invention provides an apparatus for including a terminal by using a power-on password, which may include: a power-on password acquisition unit, configured to obtain, after the terminal is powered on, before the operating system is loaded, Take the power-on password entered by the user on the terminal interface;
验证单元, 用于验证所述开机密码获取单元所获取的用户输入的开机 密码是否与所述终端中预先存储的验证密码相同; 终端中预先存储的验证密码相同时, 加载所述终端的操作系统; 当所述验 证单元验证所述用户输入的开机密码与所述终端中预先存储的验证密码不 相同次数达到预设次数时, 则停止加载所述终端的操作系统。  a verification unit, configured to verify whether the power-on password input by the user obtained by the power-on password acquisition unit is the same as the verification password pre-stored in the terminal; when the verification password pre-stored in the terminal is the same, the operating system of the terminal is loaded And when the verification unit verifies that the power-on password input by the user is not the same as the pre-stored verification password in the terminal reaches a preset number of times, stopping loading the operating system of the terminal.
结合第二方面, 在第一种可能的实现方式中, 所述获取单元具体用于 在终端上电启动后,运行操作系统的引导加载程序 bootloader之前, 获取用 户在终端界面上输入的开机密码。  With reference to the second aspect, in a first possible implementation manner, the acquiring unit is specifically configured to obtain, after the terminal is powered on, the power-on password input by the user on the terminal interface before running the bootloader bootloader of the operating system.
结合第二方面, 在第二种可能的实现方式中, 所述获取单元具体用于 在终端上电启动并加载终端触摸屏驱动后,加载操作系统内核 Kernel之前, 获取用户在终端界面上输入的开机密码。  With reference to the second aspect, in a second possible implementation manner, the acquiring unit is specifically configured to: after the terminal starts to power on and load the touch screen driver of the terminal, before loading the operating system kernel Kernel, acquiring the booting input by the user on the terminal interface password.
结合第二方面至第二方面的第二种可能的实现方式, 在第三种可能的 实现方式中, 所述处理单元包括: 与所述终端中预先存储的验证密码相同时, 加载所述终端的操作系统; 记录单元, 用于每当所述验证单元验证出所述用户输入的开机密码与 所述终端中预先存储的验证密码不相同时, 则在所述终端中记录一次密码 错误;  With reference to the second aspect to the second possible implementation of the second aspect, in a third possible implementation, the processing unit includes: loading the terminal when the verification password is pre-stored in the terminal An operating system; a recording unit, configured to record a password error in the terminal whenever the verification unit verifies that the power-on password input by the user is different from the verification password pre-stored in the terminal;
第二处理子单元, 用于当所述记录单元在所述终端中记录的密码错误 的次数达到预设次数时, 则停止加载所述终端的操作系统。  And a second processing sub-unit, configured to stop loading the operating system of the terminal when the number of password errors recorded by the recording unit in the terminal reaches a preset number of times.
结合第二方面至第二方面的第二种可能的实现方式, 在第四种可能的 实现方式中, 本发明实施例的装置进一步包括:  With reference to the second aspect to the second possible implementation of the second aspect, in a fourth possible implementation, the apparatus of the embodiment of the present invention further includes:
预处理单元, 用于预先将所述验证密码存储在所述终端的存储区域中, 所述存储区域包括中央控制芯片内的存储区域和终端内置的嵌入式多媒体 卡 eMMC。  And a pre-processing unit, configured to pre-store the verification password in a storage area of the terminal, where the storage area includes a storage area in the central control chip and an embedded multimedia card eMMC built in the terminal.
本发明第三方面提供一种通过开机密码保护终端的装置, 其可包括: 存储器和处理器, 所述存储器中存储有特定程序, 所述处理器调用所述存 储器中存储的所述特定程序, 并执行如下操作: A third aspect of the present invention provides an apparatus for protecting a terminal by using a power-on password, which may include: a memory and a processor, wherein the memory stores a specific program, and the processor invokes the save The specific program stored in the storage, and performs the following operations:
在终端上电启动后, 加载操作系统之前, 获取用户在终端界面上输入 的开机密码;  After the terminal is powered on, obtain the power-on password entered by the user on the terminal interface before loading the operating system.
当所述用户输入的开机密码与所述终端中预先存储的验证密码相同 时, 加载所述终端的操作系统;  When the power-on password input by the user is the same as the verification password pre-stored in the terminal, loading an operating system of the terminal;
当所述用户输入的开机密码与所述终端中预先存储的验证密码不相同 次数达到预设次数时, 则停止加载所述终端的操作系统。  When the power-on password input by the user is different from the pre-stored verification password in the terminal by a preset number of times, the operating system of the terminal is stopped.
结合第三方面, 在第一种可能的实现方式中, 所述处理器具体在终端 上电启动后,运行操作系统的引导加载程序 bootloader之前, 获取用户在终 端界面上输入的开机密码。  With reference to the third aspect, in a first possible implementation manner, the processor obtains a power-on password input by the user on the terminal interface before running the bootloader bootloader of the operating system after the terminal is powered on.
结合第三方面, 在第二种可能的实现方式中, 所述处理器具体在终端 上电启动并加载终端触摸屏驱动后, 加载操作系统内核 Kernel之前, 获取 用户在终端界面上输入的开机密码。  With reference to the third aspect, in a second possible implementation manner, the processor obtains a power-on password input by the user on the terminal interface before loading the operating system kernel Kernel after the terminal is powered on and loaded with the terminal touch screen driver.
结合第三方面至第三方面的第二种可能的实现方式, 在第三种可能的 实现方式中, 所述处理器执行所述用户输入的开机密码与所述终端中预先 存储的验证密码不相同次数达到预设次数时, 则停止加载所述终端的操作 系统时, 具体执行如下操作:  With the third aspect to the second possible implementation of the third aspect, in a third possible implementation, the processor performs the power-on password input by the user and the pre-stored verification password in the terminal is not When the same number of times reaches the preset number, when the operating system of the terminal is stopped, the following operations are performed:
每当所述用户输入的开机密码与所述终端中预先存储的验证密码不相 同时, 则在所述终端中记录一次密码错误;  Whenever the power-on password input by the user is not the same as the verification password pre-stored in the terminal, a password error is recorded in the terminal;
当记录的密码错误的次数达到预设次数时, 则停止加载所述终端的操 作系统。  When the number of recorded password errors reaches a preset number of times, the operation system of the terminal is stopped.
结合第三方面至第三方面的第二种可能的实现方式, 在第四种可能的 实现方式中, 所述处理器还执行如下操作:  With reference to the second possible implementation of the third aspect to the third aspect, in a fourth possible implementation, the processor further performs the following operations:
预先将所述验证密码存储在所述终端的存储区域中, 所述存储区域包 括中央控制芯片内的存储区域和终端内置的嵌入式多媒体卡 eMMC。  The verification password is stored in advance in a storage area of the terminal, and the storage area includes a storage area in the central control chip and an embedded multimedia card eMMC built in the terminal.
通过本发明提供的技术方案, 在终端上电启动后, 加载操作系统之前, 便通过开机密码验证来确定是否加载所述终端的操作系统, 由此, 可在操 作系统运行之前便对终端的访问加以保护, 实现了终端操作系统启动的安 全性, 降低了终端泄密的风险。 附图说明 为了更清楚地说明本发明实施例中的技术方案, 下面将对实施例描述 中所需要使用的附图作简单地介绍, 显而易见地, 下面描述中的附图是 本发明的一些实施例, 对于本领域普通技术人员来讲, 在不付出创造性 劳动的前提下, 还可以根据这些附图获得其他的附图。 According to the technical solution provided by the present invention, after the terminal is powered on, before the operating system is loaded, the boot password verification is used to determine whether to load the operating system of the terminal, thereby accessing the terminal before the operating system runs. It protects the security of the terminal operating system startup and reduces the risk of terminal leakage. BRIEF DESCRIPTION OF THE DRAWINGS In order to more clearly illustrate the technical solutions in the embodiments of the present invention, the drawings used in the description of the embodiments will be briefly described below. It is obvious that the drawings in the following description are some implementations of the present invention. For example, other drawings may be obtained from those of ordinary skill in the art in light of the inventive work.
图 1为本发明的通过开机密码保护终端的方法的一实施例的流程示意 图。  1 is a flow chart showing an embodiment of a method for protecting a terminal by a power-on password according to the present invention.
图 2为本发明的通过开机密码保护终端的装置的一实施例的流程示意 图。  2 is a flow chart showing an embodiment of an apparatus for protecting a terminal by a power-on password according to the present invention.
图 3为图 2中的处理单元的一实施例的结构组成示意图。  Figure 3 is a block diagram showing the structure of an embodiment of the processing unit of Figure 2.
图 4为本发明的通过开机密码保护终端的装置的另一实施例的流程示意 图。  4 is a flow chart showing another embodiment of an apparatus for protecting a terminal by a power-on password according to the present invention.
具体实施方式 为使本发明的目的、 技术方案和优点更加清楚, 下面将结合附图对本 发明作进一步地详细描述。 DETAILED DESCRIPTION OF THE INVENTION In order to make the objects, technical solutions and advantages of the present invention more comprehensible, the present invention will be further described in detail with reference to the accompanying drawings.
图 1为本发明的通过开机密码保护终端的方法的第一实施例的流程示 意图。 如图 1所示, 本发明实施例的方法可包括:  BRIEF DESCRIPTION OF THE DRAWINGS Figure 1 is a flow chart showing a first embodiment of a method for protecting a terminal by a power-on password. As shown in FIG. 1, the method of the embodiment of the present invention may include:
步骤 S110 , 在终端上电启动后, 加载操作系统之前, 获取用户在终端 界面上输入的开机密码。  Step S110: After the terminal is powered on, obtain the power-on password input by the user on the terminal interface before loading the operating system.
具体实现中, 在步骤 S110, 可在终端上电启动后, 运行操作系统的引 导加载程序 bootloader之前, 获取用户在终端界面上输入的开机密码。 以装 载有 Android操作系统的平板电脑为例, 平板电脑上电启动时, 在液晶显 示屏( Liquid Crystal Display , LCD ) 点亮 (驱动 LCD、 Mipi DSI接口、 Framebuffer ) , 显示完操作系统厂商 logo后 , 在运行 Android bootloader之 前, 将显示密码框所对应的数据直接写入 framebuffer, 从而, 可在点亮的 液晶显示屏上显示密码输入框, 用以提示用户输入密码, 用户可通过平板 电脑的物理键输入开机密码, 比如, 用户可通过 "power" , "volumn"键 实现数字输入, volumn +, 用于实现数字增加 1 , volumn -用于实现数字减 少 1 , 初始值为 0, power用于实现确认, 当输入并确认一个密码数字后, 光标移动到下一个字符位置。 当用户输入的开机密码的位数达到预定长度 后, 获取用户输入的开机密码。 In a specific implementation, in step S110, after the terminal is powered on, the boot password input by the user on the terminal interface is obtained before the boot loader of the operating system is run. Take a tablet with an Android operating system as an example. When the tablet is powered on, the liquid crystal display (LCD) is lit (driving the LCD, Mipi DSI interface, Framebuffer). After the operating system manufacturer logo is displayed. , running Android bootloader Before, the data corresponding to the display password box is directly written into the framebuffer, so that the password input box can be displayed on the illuminated liquid crystal display to prompt the user to input the password, and the user can input the power-on password through the physical key of the tablet. For example, the user can use the "power", "volumn" keys to achieve digital input, volumn +, used to achieve a digital increase of 1, volumn - used to achieve a digital reduction of 1, the initial value of 0, power is used to achieve confirmation, when input and After confirming a password number, the cursor moves to the next character position. After the number of digits of the power-on password input by the user reaches a predetermined length, the power-on password input by the user is obtained.
在另一些可行的实施方式中, 在步骤 S110, 可在终端上电启动并加载 终端触摸屏驱动后, 加载操作系统内核 Kernel之前, 获取用户在终端界面 上输入的开机密码。 仍以装载有 Android操作系统的平板电脑为例, 平板 电脑上电启动时, 在液晶显示屏( Liquid Crystal Display , LCD )点亮, 显 示完操作系统厂商 logo后,加载完触摸屏 touch panel驱动后 ,在加载 Android 操作系统内核 Kernel之前, 显示密码输入框, 提示用户输入密码, 同时在 LCD上显示软键盘, 供用户输入密码, 用户通过软键盘输入密码点击确定 后, 获取用户输入的开机密码。  In another possible implementation manner, in step S110, after the terminal starts and loads the terminal touch screen driver, the power-on password input by the user on the terminal interface is obtained before the operating system kernel Kernel is loaded. Still taking a tablet computer loaded with an Android operating system as an example, when the tablet is powered on, the liquid crystal display (LCD) is lit, after the operating system manufacturer logo is displayed, after the touch screen touch panel driver is loaded, Before loading the Kernel of the Android operating system kernel, the password input box is displayed, prompting the user to input a password, and displaying a soft keyboard on the LCD for the user to input a password. After the user enters the password through the soft keyboard, the user obtains the power-on password.
步骤 S111 , 当所述用户输入的开机密码与所述终端中预先存储的验证 密码相同时, 加载所述终端的操作系统。  Step S111: When the power-on password input by the user is the same as the verification password pre-stored in the terminal, the operating system of the terminal is loaded.
步骤 S112 , 当所述用户输入的开机密码与所述终端中预先存储的验证 密码不相同次数达到预设次数时, 则停止加载所述终端的操作系统。  Step S112: When the power-on password input by the user is different from the pre-stored verification password in the terminal, the operating system of the terminal is stopped.
具体实现中, 可预先将所述验证密码存储在所述终端的存储区域中, 所述存储区域包括中央控制芯片内的存储区域(比如, 中央控制芯片内的 只读存储区域 ROM )和终端内置的嵌入式多媒体卡 eMMC。 这样, 在步骤 S111和步骤 S112 ,则可通过存储区域的调用接口调用预先存储的验证密码, 比如, 对于 ROM, 则可通过回调函数获取 ROM中存储的验证密码; 而对 于 eMMC, 则可通过 eMMC读写接口获取 eMMC中存储的验证密码; 将 获取的用户输入的开机密码与预先存储的验证密码进行比较, 当所述用户 输入的开机密码与所述终端中预先存储的验证密码相同时, 加载所述终端 的操作系统; 当所述用户输入的开机密码与所述终端中预先存储的验证密 码不相同次数达到预设次数时, 则停止加载所述终端的操作系统。 具体实 现中, 所述预设次数可为大于或者等于两次。 In a specific implementation, the verification password may be stored in a storage area of the terminal, where the storage area includes a storage area in the central control chip (for example, a read-only storage area ROM in the central control chip) and a built-in terminal. Embedded multimedia card eMMC. In this way, in step S111 and step S112, the pre-stored verification password can be called through the calling interface of the storage area. For example, for the ROM, the verification password stored in the ROM can be obtained through the callback function; and for the eMMC, the eMMC can be passed. The read/write interface obtains the verification password stored in the eMMC; compares the obtained power-on password input by the user with the pre-stored verification password, and loads when the power-on password input by the user is the same as the pre-stored verification password in the terminal. The operating system of the terminal stops loading the operating system of the terminal when the power-on password input by the user is different from the pre-stored verification password in the terminal by a preset number of times. Concrete In the present, the preset number of times may be greater than or equal to two times.
具体实现中, 在步骤 S112, 每当所述用户输入的开机密码与所述终端 中预先存储的验证密码不相同时, 则在所述终端中记录一次密码错误(比 如, 可存储在用于存储验证密码的存储区域中);  In a specific implementation, in step S112, whenever the power-on password input by the user is different from the verification password pre-stored in the terminal, a password error is recorded in the terminal (for example, it can be stored in the storage for storage). Verify the password in the storage area);
当记录的密码错误的次数达到预设次数时, 则停止加载所述终端的操 作系统。  When the number of recorded password errors reaches a preset number of times, the operation system of the terminal is stopped.
具体实现中,在步骤 S112 , 当记录的密码错误的次数达到预设次数时, 则停止加载所述终端的操作系统的同时, 还可输出上电提示给用户, 比如, 可输出 "平板锁定, 请返厂维修" 的提示信息。  In a specific implementation, in step S112, when the number of recorded password errors reaches a preset number of times, the operating system of the terminal is stopped, and a power-on prompt is also output to the user, for example, a tablet lock may be output. Please return to the factory for repairs.
具体实现中, 停止加载所述终端的操作系统可为: 自动关闭终端的中 央控制芯片, 以实现芯片级别的安全保护, 这样即使芯片被安装到其他的 终端上, 也无法继续使用, 保证了终端数据的安全性。  In a specific implementation, the operating system that stops loading the terminal may be: automatically shutting down the central control chip of the terminal to implement chip-level security protection, so that even if the chip is installed on another terminal, the terminal cannot be used continuously, and the terminal is guaranteed. The security of the data.
具体实现中, 停止加载所述终端的操作系统可为: 自动关闭终端。 这 样下次终端上电检测到终端开机密码错误的次数为预设次数, 则自动关闭, 有效保障了终端数据的安全性。  In a specific implementation, the operating system that stops loading the terminal may be: automatically shutting down the terminal. When the terminal detects that the number of times the terminal power-on password is incorrect for the preset number of times, it automatically turns off, which effectively protects the security of the terminal data.
由上可见, 通过本发明提供的技术方案, 在终端上电启动后, 加载操 作系统之前, 便通过开机密码验证来确定是否加载所述终端的操作系统, 由此, 可在操作系统运行之前便对终端的访问加以保护, 实现了终端操作 系统启动的安全性, 降低了终端泄密的风险。 图 2为本发明的通过开机密码保护终端的装置的第一实施例的结构组 成示意图。 如图 2所示, 本发明通过开机密码保护终端的装置可包括: 开机 密码获取单元 21、 验证单元 22、 处理单元 23 , 其中:  It can be seen that, by using the technical solution provided by the present invention, after the terminal is powered on, before the operating system is loaded, the power-on password verification is used to determine whether to load the operating system of the terminal, thereby before the operating system is run. The access of the terminal is protected, the security of the terminal operating system is activated, and the risk of terminal leakage is reduced. Fig. 2 is a block diagram showing the structure of a first embodiment of the apparatus for protecting a terminal by a power-on password according to the present invention. As shown in FIG. 2, the device for protecting a terminal by using a power-on password may include: a power-on password acquisition unit 21, a verification unit 22, and a processing unit 23, where:
开机密码获取单元 21 , 用于在终端上电启动后, 加载操作系统之前, 获取用户在终端界面上输入的开机密码;  The power-on password obtaining unit 21 is configured to obtain, after the terminal is powered on, the power-on password input by the user on the terminal interface before loading the operating system;
验证单元 22 ,用于验证所述开机密码获取单元 21所获取的用户输入的 开机密码是否与所述终端中预先存储的验证密码相同;  The verification unit 22 is configured to verify whether the power-on password input by the user acquired by the power-on password acquisition unit 21 is the same as the verification password pre-stored in the terminal;
处理单元 23 ,用于当所述验证单元 22验证所述用户输入的开机密码与 所述终端中预先存储的验证密码相同时, 加载所述终端的操作系统; 当所 述验证单元验证所述用户输入的开机密码与所述终端中预先存储的验证密 码不相同次数达到预设次数时, 则停止加载所述终端的操作系统。 The processing unit 23 is configured to: when the verification unit 22 verifies that the power-on password input by the user is the same as the verification password pre-stored in the terminal, loading the operating system of the terminal; When the verification unit verifies that the power-on password input by the user is not the same as the pre-stored verification password in the terminal reaches a preset number of times, the operating system of the terminal is stopped.
具体实现中, 开机密码获取单元 21可在终端上电启动后, 运行操作系 统的引导加载程序 bootloader之前, 获取用户在终端界面上输入的开机密 码。 以装载有 Android操作系统的平板电脑为例, 平板电脑上电启动时, 在液晶显示屏( Liquid Crystal Display , LCD )点亮(驱动 LCD、 Mipi DSI 接口、 Framebuffer ),显示完操作系统厂商 logo后 ,在运行 Android bootloader 之前, 将显示密码框所对应的数据直接写入 framebuffer, 从而可在点亮的 液晶显示屏上显示密码输入框, 提示用户输入密码, 用户可通过平板电脑 的物理键输入开机密码, 比如, 用户可通过 "power" , "volumn"键实现 数字输入, volumn +, 用于实现数字增加 1 , volumn -用于实现数字减少 1 , 初始值为 0, power用于实现确认, 当输入并确认一个密码数字后, 光标移 动到下一个字符位置。 当用户输入的开机密码的位数达到预定长度后, 获 取用户输入的开机密码。  In a specific implementation, the power-on password obtaining unit 21 can obtain the boot password input by the user on the terminal interface before the boot loader of the operating system is run after the terminal is powered on. Take the tablet with the Android operating system as an example. When the tablet is powered on, the liquid crystal display (LCD) is lit (driving LCD, Mipi DSI interface, Framebuffer), after displaying the operating system manufacturer logo. Before running the Android bootloader, the data corresponding to the display password box is directly written into the framebuffer, so that the password input box can be displayed on the illuminated liquid crystal display, prompting the user to input a password, and the user can input the physical key through the tablet. Password, for example, the user can use the "power", "volumn" key to achieve digital input, volumn +, used to achieve a digital increase of 1, volumn - used to achieve a digital reduction of 1, the initial value of 0, power is used to achieve confirmation, when After entering and confirming a password number, the cursor moves to the next character position. After the number of digits of the power-on password entered by the user reaches a predetermined length, the power-on password input by the user is obtained.
具体实现中, 开机密码获取单元 21可在终端上电启动并加载终端触摸 屏驱动后, 加载操作系统内核 Kernel之前, 获取用户在终端界面上输入的 开机密码。 仍以装载有 Android操作系统的平板电脑为例, 平板电脑上电 启动时, 在液晶显示屏(Liquid Crystal Display , LCD )点亮, 显示完操作 系统厂商 logo后 , 加载完触摸屏 touch panel驱动后 , 在加载 Android操作 系统内核 Kernel之前, 开机密码获取单元 21显示密码输入框, 提示用户 输入密码, 同时在 LCD上显示软键盘, 供用户输入密码, 用户通过软键盘 输入密码点击确定后, 获取用户输入的开机密码。  In a specific implementation, the power-on password obtaining unit 21 can obtain the power-on password input by the user on the terminal interface before the terminal is loaded and loaded with the touch screen driver. Still taking a tablet computer loaded with an Android operating system as an example, when the tablet is powered on, the liquid crystal display (LCD) is lit, after the operating system manufacturer logo is displayed, after the touch screen touch panel driver is loaded, Before loading the Android operating system kernel Kernel, the power-on password obtaining unit 21 displays a password input box, prompting the user to input a password, and simultaneously displaying a soft keyboard on the LCD for the user to input a password, and the user inputs the password through the soft keyboard and clicks to determine the user input. Power-on password.
仍参考图 2 , 具体实现中, 本发明实施例的装置还可包括预处理单元 20 , 用于预先将所述验证密码存储在所述终端的存储区域中, 所述存储区 域包括中央控制芯片内的存储区域(比如, 中央控制芯片内的只读存储区 域 ROM )和终端内置的嵌入式多媒体卡 eMMC。  Still referring to FIG. 2, in an implementation, the apparatus of the embodiment of the present invention may further include a pre-processing unit 20, configured to pre-store the verification password in a storage area of the terminal, where the storage area includes a central control chip. The storage area (for example, the read-only storage area ROM in the central control chip) and the embedded multimedia card eMMC built in the terminal.
这样, 验证单元 22则可通过存储区域的调用接口调用预先存储的验证 密码, 比如, 对于 ROM, 则可通过回调函数获取 ROM中存储的验证密码; 而对于 eMMC, 则可通过 eMMC读写接口获取 eMMC中存储的验证密码; 并将获取的用户输入的开机密码与预先存储的验证密码进行比较。 In this way, the verification unit 22 can call the pre-stored verification password through the calling interface of the storage area. For example, for the ROM, the verification password stored in the ROM can be obtained through the callback function; and for the eMMC, the eMMC can be obtained through the eMMC read/write interface. The verification password stored in the eMMC; The obtained power-on password input by the user is compared with the pre-stored verification password.
结合图 2和图 3 , 具体实现中, 所述处理单元 23可包括:  With reference to FIG. 2 and FIG. 3, in a specific implementation, the processing unit 23 may include:
第一处理子单元 231 , 用于当所述验证单元 22验证所述用户输入的开 机密码与所述终端中预先存储的验证密码相同时, 加载所述终端的操作系 统;  a first processing sub-unit 231, configured to: when the verification unit 22 verifies that the user-entered open password is the same as the pre-stored verification password in the terminal, loading the operating system of the terminal;
记录单元 232 , 用于每当所述验证单元 22验证出所述用户输入的开机 密码与所述终端中预先存储的验证密码不相同时, 则在所述终端中记录一 次密码错误;  The recording unit 232 is configured to record a password error in the terminal whenever the verification unit 22 verifies that the power-on password input by the user is different from the verification password pre-stored in the terminal;
第二处理子单元 233 ,用于当所述记录单元 232在所述终端中记录的密 码错误的次数达到预设次数时, 则停止加载所述终端的操作系统。 具体实 现中, 所述预设次数可为大于或者等于两次。  The second processing sub-unit 233 is configured to stop loading the operating system of the terminal when the number of times the password error recorded by the recording unit 232 in the terminal reaches a preset number of times. In a specific implementation, the preset number of times may be greater than or equal to two times.
具体实现中, 每当所述用户输入的开机密码与所述终端中预先存储的 验证密码不相同时, 所述记录单元 232 则在所述终端中记录一次密码错误 (比如, 可存储在用于存储验证密码的存储区域中);  In a specific implementation, when the power-on password input by the user is different from the verification password pre-stored in the terminal, the recording unit 232 records a password error in the terminal (for example, can be stored in the password for Store the storage password in the storage area);
当记录单元 232记录的密码错误的次数达到预设次数时, 第二处理子 单元 233则停止加载所述终端的操作系统。  When the number of password errors recorded by the recording unit 232 reaches a preset number of times, the second processing sub-unit 233 stops loading the operating system of the terminal.
具体实现中, 当第二处理子单元 233停止加载所述终端的操作系统的 同时, 还可通过终端的显示屏输出上电提示给用户, 比如, 可输出 "平板 锁定, 请返厂维修" 的提示信息。  In a specific implementation, when the second processing sub-unit 233 stops loading the operating system of the terminal, the user may also output a power-on prompt to the user through the display screen of the terminal. For example, the device may output "plate lock, please return to the factory for maintenance". Prompt message.
具体实现中, 第二处理子单元 233停止加载所述终端的操作系统具体 可为: 自动关闭终端的中央控制芯片, 以实现芯片级别的安全保护, 这样 即使芯片被安装到其他的终端上, 也无法继续使用, 保证了终端数据的安 全性。  In a specific implementation, the operating system that stops the loading of the terminal by the second processing sub-unit 233 may specifically: automatically shut down the central control chip of the terminal to implement chip-level security protection, so that even if the chip is installed on other terminals, Can not continue to use, to ensure the security of the terminal data.
具体实现中, 第二处理子单元 233停止加载所述终端的操作系统具体 可为: 自动关闭终端。 这样下次终端上电检测到终端开机密码错误的次数 为预设次数, 则自动关闭, 有效保障了终端数据的安全性。  In a specific implementation, the operating system that stops the loading of the terminal by the second processing sub-unit 233 may specifically: automatically shut down the terminal. In this way, the next time the terminal detects that the terminal power-on password is incorrect for the preset number of times, it automatically shuts down, which effectively protects the security of the terminal data.
由上可见, 通过本发明提供的技术方案, 在终端上电启动后, 加载操 作系统之前, 便通过开机密码验证来确定是否加载所述终端的操作系统, 由此, 可在操作系统运行之前便对终端的访问加以保护, 实现了终端操作 系统启动的安全性, 降低了终端泄密的风险。 It can be seen that, by using the technical solution provided by the present invention, after the terminal is powered on, before the operating system is loaded, the power-on password verification is used to determine whether to load the operating system of the terminal, thereby before the operating system is run. Protect terminal access and implement terminal operations The security of the system startup reduces the risk of terminal compromise.
图 4为本发明的通过开机密码保护终端的装置的第二实施例的结构组 成示意图。 如图 4所示, 其可包括: 存储器 41和处理器 42 , 其中, 所述存 储器 41中存储有特定程序, 所述处理器 42可调用所述存储器 41中存储的 所述特定程序, 并执行如下操作:  Fig. 4 is a block diagram showing the structure of a second embodiment of the apparatus for protecting a terminal by a power-on password according to the present invention. As shown in FIG. 4, it may include: a memory 41 and a processor 42, wherein the memory 41 stores a specific program, and the processor 42 may call the specific program stored in the memory 41 and execute Do the following:
在终端上电启动后, 加载操作系统之前, 获取用户在终端界面上输入 的开机密码。  After the terminal is powered on, obtain the power-on password entered by the user on the terminal interface before loading the operating system.
当所述用户输入的开机密码与所述终端中预先存储的验证密码相同 时, 加载所述终端的操作系统。  When the power-on password input by the user is the same as the verification password pre-stored in the terminal, the operating system of the terminal is loaded.
当所述用户输入的开机密码与所述终端中预先存储的验证密码不相同 次数达到预设次数时, 则停止加载所述终端的操作系统。  When the power-on password input by the user is different from the pre-stored verification password in the terminal by a preset number of times, the operating system of the terminal is stopped.
具体实现中, 处理器 42可在终端上电启动后, 运行操作系统的引导加 载程序 bootloader之前, 获取用户在终端界面上输入的开机密码。 以装载有 Android操作系统的平板电脑为例, 平板电脑上电启动时, 在液晶显示屏 In a specific implementation, the processor 42 can obtain the power-on password input by the user on the terminal interface before the boot loader of the operating system is run after the terminal is powered on. Take a tablet with an Android operating system as an example. When the tablet is powered on, on the LCD screen.
( Liquid Crystal Display , LCD ) 点亮 (驱动 LCD、 Mipi DSI 接口、 Framebuffer ) , 显示完操作系统厂商 logo后 , 在运行 Android bootloader之 前, 将显示密码框所对应的数据直接写入 framebuffer, 从而可在点亮的液 晶显示屏上显示密码输入框, 提示用户输入密码, 用户可通过平板电脑的 物理键输入开机密码, 比如, 用户可通过 "power" , "volumn"键实现数 字输入, volumn +, 用于实现数字增加 1 , volumn -用于实现数字减少 1 , 初始值为 0, power用于实现确认, 当输入并确认一个密码数字后, 光标移 动到下一个字符位置。 当用户输入的开机密码的位数达到预定长度后, 获 取用户输入的开机密码。 (Liquid Crystal Display, LCD) Lights up (drives LCD, Mipi DSI interface, Framebuffer). After displaying the operating system manufacturer logo, before running the Android bootloader, the data corresponding to the display password box is directly written into the framebuffer, so that The illuminated LCD display shows the password input box, prompting the user to enter the password. The user can input the power-on password through the physical key of the tablet. For example, the user can use the "power" and "volumn" keys to implement digital input, volumn +, In the implementation of the number increase 1, volumn - used to achieve a digital reduction of 1, the initial value of 0, power is used to achieve confirmation, when a password number is entered and confirmed, the cursor moves to the next character position. After the number of digits of the power-on password entered by the user reaches a predetermined length, the power-on password input by the user is obtained.
具体实现中, 处理器 42可在终端上电启动并加载终端触摸屏驱动后, 加载操作系统内核 Kernel之前, 获取用户在终端界面上输入的开机密码。 仍以装载有 Android操作系统的平板电脑为例, 平板电脑上电启动时, 在 液晶显示屏( Liquid Crystal Display , LCD )点亮,显示完操作系统厂商 logo 后 ,加载完触摸屏 touch panel驱动后 ,在加载 Android操作系统内核 Kernel 之前, 显示密码输入框, 提示用户输入密码, 同时在 LCD上显示软键盘, 供用户输入密码, 用户通过软键盘输入密码点击确定后, 获取用户输入的 开机密码。 In a specific implementation, the processor 42 can obtain the power-on password input by the user on the terminal interface before the operating system kernel Kernel is loaded after the terminal starts and loads the terminal touch screen driver. Still taking a tablet computer loaded with an Android operating system as an example, when the tablet is powered on, the liquid crystal display (LCD) is lit, after the operating system manufacturer logo is displayed, after the touch screen touch panel driver is loaded, Before loading the Android kernel Kernel, the password input box is displayed, prompting the user to enter a password, and displaying a soft keyboard on the LCD. For the user to enter a password, the user enters the password through the soft keyboard and clicks OK to obtain the power-on password input by the user.
具体实现中, 可预先将所述验证密码存储在所述终端的存储区域中, 所述存储区域包括中央控制芯片内的存储区域(比如, 中央控制芯片内的 只读存储区域 ROM )和终端内置的嵌入式多媒体卡 eMMC。 这样, 处理器 42 则可通过存储区域的调用接口调用预先存储的验证密码, 比如, 对于 ROM, 则可通过回调函数获取 ROM中存储的验证密码; 而对于 eMMC, 则可通过 eMMC读写接口获取 eMMC中存储的验证密码;将获取的用户输 入的开机密码与预先存储的验证密码进行比较, 当所述用户输入的开机密 码与所述终端中预先存储的验证密码相同时, 加载所述终端的操作系统; 当所述用户输入的开机密码与所述终端中预先存储的验证密码不相同次数 达到预设次数时, 则停止加载所述终端的操作系统。 具体实现中, 所述预 设次数可为大于或者等于两次。  In a specific implementation, the verification password may be stored in a storage area of the terminal, where the storage area includes a storage area in the central control chip (for example, a read-only storage area ROM in the central control chip) and a built-in terminal. Embedded multimedia card eMMC. In this way, the processor 42 can call the pre-stored verification password through the calling interface of the storage area. For example, for the ROM, the verification password stored in the ROM can be obtained through the callback function; and for the eMMC, the eMMC can be obtained through the eMMC read/write interface. a verification password stored in the eMMC; comparing the obtained power-on password input by the user with a pre-stored verification password, and loading the terminal when the power-on password input by the user is the same as the verification password pre-stored in the terminal The operating system is configured to stop loading the operating system of the terminal when the power-on password input by the user is different from the pre-stored verification password in the terminal by a preset number of times. In a specific implementation, the preset number of times may be greater than or equal to two times.
具体实现中, 每当所述用户输入的开机密码与所述终端中预先存储的 验证密码不相同时, 处理器 42则在所述终端中记录一次密码错误(比如, 可存储在用于存储验证密码的存储区域中);  In a specific implementation, when the power-on password input by the user is different from the verification password pre-stored in the terminal, the processor 42 records a password error in the terminal (for example, can be stored in the storage for verification). In the storage area of the password);
当记录的密码错误的次数达到预设次数时, 则停止加载所述终端的操 作系统。  When the number of recorded password errors reaches a preset number of times, the operation system of the terminal is stopped.
具体实现中, 当记录的密码错误的次数达到预设次数时, 处理器 42则 停止加载所述终端的操作系统的同时, 还可通过终端的显示屏输出上电提 示给用户, 比如, 可输出 "平板锁定, 请返厂维修" 的提示信息。  In a specific implementation, when the number of recorded password errors reaches a preset number of times, the processor 42 stops loading the operating system of the terminal, and can also output a power-on prompt to the user through the display screen of the terminal, for example, outputting "Platform lock, please return to factory for repair" message.
具体实现中, 处理器 42执行停止加载所述终端的操作系统具体可为: 自动关闭终端的中央控制芯片, 以实现芯片级别的安全保护, 这样即使芯 片被安装到其他的终端上, 也无法继续使用, 保证了终端数据的安全性。  In a specific implementation, the operating system of the processor 42 to stop loading the terminal may specifically: automatically shut down the central control chip of the terminal to implement chip-level security protection, so that the chip cannot be continued even if the chip is installed on another terminal. Use, to ensure the security of the terminal data.
具体实现中, 处理器 42执行停止加载所述终端的操作系统具体可为: 自动关闭终端。 这样下次终端上电检测到终端开机密码错误的次数为预设 次数, 则自动关闭, 有效保障了终端数据的安全性。  In a specific implementation, the operating system of the processor 42 to stop loading the terminal may specifically: automatically shut down the terminal. In this way, the next time the terminal detects that the terminal power-on password is incorrect for the preset number of times, it will automatically shut down, which effectively protects the security of the terminal data.
由上可见, 通过本发明提供的技术方案, 在终端上电启动后, 加载操 作系统之前, 便通过开机密码验证来确定是否加载所述终端的操作系统, 由此, 可在操作系统运行之前便对终端的访问加以保护, 实现了终端操作 系统启动的安全性, 降低了终端泄密的风险。 It can be seen that, by using the technical solution provided by the present invention, after the terminal is powered on, before the operating system is loaded, the power-on password verification is used to determine whether to load the operating system of the terminal. Therefore, the access of the terminal can be protected before the operating system is run, the security of the terminal operating system startup is realized, and the risk of the terminal leaking is reduced.
以上所列举的仅为本发明较佳实施例而已, 当然不能以此来限定本发 明之权利范围, 因此依本发明权利要求所作的等同变化, 仍属本发明所涵 盖的范围。  The above are only the preferred embodiments of the present invention, and the scope of the present invention is not limited thereto, and the equivalent changes made by the claims of the present invention are still within the scope of the present invention.

Claims

权利要求 Rights request
1、 一种通过开机密码保护终端的方法, 其特征在于, 包括: 1. A method of protecting a terminal through a power-on password, which is characterized by including:
在终端上电启动后, 加载操作系统之前, 获取用户在终端界面上输入 的开机密码; After the terminal is powered on and started, before loading the operating system, obtain the power-on password entered by the user on the terminal interface;
当所述用户输入的开机密码与所述终端中预先存储的验证密码相同 时, 加载所述终端的操作系统; When the power-on password input by the user is the same as the verification password pre-stored in the terminal, load the operating system of the terminal;
当所述用户输入的开机密码与所述终端中预先存储的验证密码不相同 次数达到预设次数时, 则停止加载所述终端的操作系统。 When the power-on password input by the user is different from the verification password pre-stored in the terminal for a preset number of times, loading of the operating system of the terminal is stopped.
2、 如权利要求 1所述的通过开机密码保护终端的方法, 其特征在于, 在终端上电启动后, 加载操作系统之前, 获取用户在终端界面上输入的开 机密码, 包括: 2. The method of protecting a terminal through a power-on password as claimed in claim 1, characterized in that after the terminal is powered on and started and before the operating system is loaded, the power-on password input by the user on the terminal interface is obtained, including:
在终端上电启动后,运行操作系统的引导加载程序 bootloader之前, 获 取用户在终端界面上输入的开机密码。 After the terminal is powered on and started, before running the bootloader of the operating system, the power-on password entered by the user on the terminal interface is obtained.
3、 如权利要求 1所述的通过开机密码保护终端的方法, 其特征在于, 在终端上电启动后, 加载操作系统之前, 获取用户在终端界面上输入的开 机密码, 包括: 3. The method of protecting a terminal through a power-on password as claimed in claim 1, characterized in that after the terminal is powered on and started and before the operating system is loaded, the power-on password input by the user on the terminal interface is obtained, including:
在终端上电启动并加载终端触摸屏驱动后, 加载操作系统内核 Kernel 之前, 获取用户在终端界面上输入的开机密码。 After the terminal is powered on and the terminal touch screen driver is loaded, and before the operating system kernel Kernel is loaded, the power-on password entered by the user on the terminal interface is obtained.
4、 如权利要求 1-3中任一项所述的通过开机密码保护终端的方法, 其 特征在于, 当所述用户输入的开机密码与所述终端中预先存储的验证密码 不相同次数达到预设次数时, 则停止加载所述终端的操作系统, 包括: 每当所述用户输入的开机密码与所述终端中预先存储的验证密码不相 同时, 则在所述终端中记录一次密码错误; 4. The method of protecting a terminal through a power-on password according to any one of claims 1 to 3, characterized in that when the power-on password input by the user is different from the verification password pre-stored in the terminal for a predetermined number of times, When the number of times is set, stop loading the operating system of the terminal, including: whenever the power-on password input by the user is different from the verification password pre-stored in the terminal, recording a password error in the terminal;
当记录的密码错误的次数达到预设次数时, 则停止加载所述终端的操 作系统。 When the number of recorded password errors reaches a preset number of times, loading of the operating system of the terminal is stopped.
5、 如权利要求 1-3中任一项所述的通过开机密码保护终端的方法, 其 特征在于, 进一步包括: 5. The method of protecting a terminal through a power-on password as described in any one of claims 1-3, further comprising:
预先将所述验证密码存储在所述终端的存储区域中, 所述存储区域包 括中央控制芯片内的存储区域和终端内置的嵌入式多媒体卡 eMMC。 The verification password is stored in the storage area of the terminal in advance. The storage area includes the storage area in the central control chip and the embedded multimedia card eMMC built into the terminal.
6、 一种通过开机密码包含终端的装置, 其特征在于, 包括: 开机密码获取单元, 用于在终端上电启动后, 加载操作系统之前, 获 取用户在终端界面上输入的开机密码; 6. A device containing a terminal through a power-on password, characterized by including: a power-on password acquisition unit, used to obtain the power-on password entered by the user on the terminal interface after the terminal is powered on and started before the operating system is loaded;
验证单元, 用于验证所述开机密码获取单元所获取的用户输入的开机 密码是否与所述终端中预先存储的验证密码相同; 终端中预先存储的验证密码相同时, 加载所述终端的操作系统; 当所述验 证单元验证所述用户输入的开机密码与所述终端中预先存储的验证密码不 相同次数达到预设次数时, 则停止加载所述终端的操作系统。 Verification unit, used to verify whether the user-entered power-on password obtained by the power-on password acquisition unit is the same as the verification password pre-stored in the terminal; when the verification password pre-stored in the terminal is the same, load the operating system of the terminal ; When the verification unit verifies that the power-on password input by the user is different from the verification password pre-stored in the terminal for a preset number of times, it stops loading the operating system of the terminal.
7、 如权利要求 6所述的通过开机密码保护终端的装置, 其特征在于, 所述获取单元具体用于在终端上电启动后, 运行操作系统的引导加载程序 bootloader之前, 获取用户在终端界面上输入的开机密码。 7. The device for protecting a terminal through a power-on password as claimed in claim 6, wherein the acquisition unit is specifically configured to obtain the user's information on the terminal interface after the terminal is powered on and before running the bootloader of the operating system. The power-on password entered on.
8、 如权利要求 6所述的通过开机密码保护终端的装置, 其特征在于, 所述获取单元具体用于在终端上电启动并加载终端触摸屏驱动后, 加载操 作系统内核 Kernel之前, 获取用户在终端界面上输入的开机密码。 8. The device for protecting a terminal through a power-on password as claimed in claim 6, wherein the acquisition unit is specifically configured to obtain the user's information after the terminal is powered on and started and the terminal touch screen driver is loaded, and before the operating system kernel Kernel is loaded. The power-on password entered on the terminal interface.
9、 如权利要求 6-8中任一项所述的通过开机密码保护终端的装置, 其 特征在于, 所述处理单元包括: 与所述终端中预先存储的验证密码相同时, 加载所述终端的操作系统; 记录单元, 用于每当所述验证单元验证出所述用户输入的开机密码与 所述终端中预先存储的验证密码不相同时, 则在所述终端中记录一次密码 错误; 9. The device for protecting a terminal through a power-on password according to any one of claims 6 to 8, characterized in that the processing unit includes: when the verification password is the same as the verification password pre-stored in the terminal, load the terminal operating system; a recording unit, configured to record a password in the terminal whenever the verification unit verifies that the power-on password input by the user is different from the verification password pre-stored in the terminal mistake;
第二处理子单元, 用于当所述记录单元在所述终端中记录的密码错误 的次数达到预设次数时, 则停止加载所述终端的操作系统。 The second processing subunit is configured to stop loading the operating system of the terminal when the number of password errors recorded by the recording unit in the terminal reaches a preset number.
10、如权利要求 6-8中任一项所述的通过开机密码保护终端的装置,其 特征在于, 进一步包括: 10. The device for protecting a terminal through a power-on password as claimed in any one of claims 6 to 8, further comprising:
预处理单元, 用于预先将所述验证密码存储在所述终端的存储区域中, 所述存储区域包括中央控制芯片内的存储区域和终端内置的嵌入式多媒体 卡 eMMC。 A preprocessing unit, configured to store the verification password in a storage area of the terminal in advance. The storage area includes a storage area in a central control chip and an embedded multimedia card eMMC built into the terminal.
11、 一种通过开机密码保护终端的装置, 其特征在于, 包括: 存储器 和处理器, 所述存储器中存储有特定程序, 所述处理器调用所述存储器中 存储的所述特定程序, 并执行如下操作: 11. A device for protecting a terminal through a power-on password, characterized in that it includes: a memory and a processor, where a specific program is stored in the memory, and the processor calls the specific program stored in the memory and executes it. Proceed as follows:
在终端上电启动后, 加载操作系统之前, 获取用户在终端界面上输入 的开机密码; After the terminal is powered on and started, before loading the operating system, obtain the power-on password entered by the user on the terminal interface;
当所述用户输入的开机密码与所述终端中预先存储的验证密码相同 时, 加载所述终端的操作系统; When the power-on password input by the user is the same as the verification password pre-stored in the terminal, load the operating system of the terminal;
当所述用户输入的开机密码与所述终端中预先存储的验证密码不相同 次数达到预设次数时, 则停止加载所述终端的操作系统。 When the power-on password input by the user is different from the verification password pre-stored in the terminal for a preset number of times, loading of the operating system of the terminal is stopped.
12、如权利要求 11所述的通过开机密码保护终端的装置,其特征在于, 所述处理器具体在终端上电启动后, 运行操作系统的引导加载程序 bootloader之前, 获取用户在终端界面上输入的开机密码。 12. The device for protecting a terminal through a power-on password as claimed in claim 11, wherein the processor obtains user input on the terminal interface after the terminal is powered on and before running the bootloader of the operating system. power-on password.
13、如权利要求 11所述的通过开机密码保护终端的装置,其特征在于, 所述处理器具体在终端上电启动并加载终端触摸屏驱动后, 加载操作系统 内核 Kernel之前, 获取用户在终端界面上输入的开机密码。 13. The device for protecting a terminal through a power-on password as claimed in claim 11, wherein the processor obtains the user's information on the terminal interface after the terminal is powered on and started and the terminal touch screen driver is loaded, and before the operating system kernel Kernel is loaded. The power-on password entered on.
14、 如权利要求 11-13中任一项所述的通过开机密码保护终端的装置, 其特征在于, 所述处理器执行所述用户输入的开机密码与所述终端中预先 存储的验证密码不相同次数达到预设次数时, 则停止加载所述终端的操作 系统时, 具体执行如下操作: 14. The device for protecting a terminal through a power-on password as claimed in any one of claims 11-13, It is characterized in that, when the processor executes the power-on password input by the user and the verification password pre-stored in the terminal to be different for a preset number of times, when it stops loading the operating system of the terminal, the following operations are specifically performed: :
每当所述用户输入的开机密码与所述终端中预先存储的验证密码不相 同时, 则在所述终端中记录一次密码错误; Whenever the power-on password entered by the user is different from the verification password pre-stored in the terminal, a password error is recorded in the terminal;
当记录的密码错误的次数达到预设次数时, 则停止加载所述终端的操 作系统。 When the number of recorded password errors reaches a preset number of times, loading of the operating system of the terminal is stopped.
15、 如权利要求 11-13中任一项所述的通过开机密码保护终端的装置, 其特征在于, 所述处理器还执行如下操作: 15. The device for protecting a terminal through a power-on password according to any one of claims 11 to 13, characterized in that the processor also performs the following operations:
预先将所述验证密码存储在所述终端的存储区域中, 所述存储区域包 括中央控制芯片内的存储区域和终端内置的嵌入式多媒体卡 eMMC。 The verification password is stored in the storage area of the terminal in advance. The storage area includes the storage area in the central control chip and the embedded multimedia card eMMC built into the terminal.
PCT/CN2014/078424 2013-05-30 2014-05-26 Method and apparatus for protecting terminal by using power-on password WO2014190884A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201310209609.5 2013-05-30
CN201310209609.5A CN104217142B (en) 2013-05-30 2013-05-30 The method and device of terminal is protected by startup password

Publications (1)

Publication Number Publication Date
WO2014190884A1 true WO2014190884A1 (en) 2014-12-04

Family

ID=51987996

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2014/078424 WO2014190884A1 (en) 2013-05-30 2014-05-26 Method and apparatus for protecting terminal by using power-on password

Country Status (2)

Country Link
CN (1) CN104217142B (en)
WO (1) WO2014190884A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109245043A (en) * 2018-09-17 2019-01-18 余姚市嘉荣电子电器有限公司 A kind of safe leakage protection system

Families Citing this family (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105631259A (en) * 2015-04-28 2016-06-01 宇龙计算机通信科技(深圳)有限公司 Power-on verification method, power-on verification device and terminal
CN106295268B (en) * 2015-06-12 2020-01-31 联想(北京)有限公司 Information processing method and electronic device
CN106485105A (en) * 2015-09-02 2017-03-08 成都鼎桥通信技术有限公司 A kind of method for security protection of terminal system and equipment
CN105740677B (en) * 2016-02-29 2018-09-14 宇龙计算机通信科技(深圳)有限公司 A kind of method for start-up and shutdown, system and intelligent mobile terminal
CN105975283A (en) * 2016-05-27 2016-09-28 北京小米移动软件有限公司 Starting method and device for operating system
CN107766914B (en) * 2016-08-23 2021-04-13 华大恒芯科技有限公司 Safety protection method for limited operation of electronic tag
CN106534479B (en) * 2016-09-12 2019-12-20 上海凌翼动力科技有限公司 Mobile phone password protection system based on hidden code identification and hidden transformation
CN106446629A (en) * 2016-09-13 2017-02-22 中国电子科技集团公司第三十二研究所 Security encryption method and system for intelligent mobile terminal
CN108319848B (en) * 2017-01-17 2020-09-29 深圳兆日科技股份有限公司 Starting-up control method and device
CN107197373A (en) * 2017-06-06 2017-09-22 深圳前海茂佳软件科技有限公司 TV access right management method, TV and computer-readable recording medium
CN113221082A (en) * 2021-05-26 2021-08-06 东营安顺电气有限公司 Data encryption method, system and computer

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH07200129A (en) * 1993-12-28 1995-08-04 Nec Corp Secrecy protection system for pen input terminal device
CN1602464A (en) * 2001-12-12 2005-03-30 英特尔公司 Providing a user input interface prior to initiation of an operating system
CN201397508Y (en) * 2009-05-13 2010-02-03 北京鼎普科技股份有限公司 Stand-alone terminal secure login and monitoring device
CN102650944A (en) * 2011-02-28 2012-08-29 国民技术股份有限公司 Operation system security bootstrap device and bootstrap device
CN102883026A (en) * 2012-09-07 2013-01-16 广东欧珀移动通信有限公司 Method for implementing start-up protection on mobile terminal
CN103164644A (en) * 2011-12-19 2013-06-19 联想(北京)有限公司 Terminal device and starting machine controlling method thereof

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101887496A (en) * 2009-05-12 2010-11-17 深圳富泰宏精密工业有限公司 Portable electronic device and password input method thereof
CN102054146A (en) * 2009-11-06 2011-05-11 深圳市研祥通讯终端技术有限公司 Power on password protection method and device
CN102262719A (en) * 2011-08-30 2011-11-30 青岛海信智能商用设备有限公司 Method for protecting computer safety based on BIOS (Basic Input/Output System) password and computer
TW201315194A (en) * 2011-09-23 2013-04-01 jian-gang Yang Security verification method of mobile device

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH07200129A (en) * 1993-12-28 1995-08-04 Nec Corp Secrecy protection system for pen input terminal device
CN1602464A (en) * 2001-12-12 2005-03-30 英特尔公司 Providing a user input interface prior to initiation of an operating system
CN201397508Y (en) * 2009-05-13 2010-02-03 北京鼎普科技股份有限公司 Stand-alone terminal secure login and monitoring device
CN102650944A (en) * 2011-02-28 2012-08-29 国民技术股份有限公司 Operation system security bootstrap device and bootstrap device
CN103164644A (en) * 2011-12-19 2013-06-19 联想(北京)有限公司 Terminal device and starting machine controlling method thereof
CN102883026A (en) * 2012-09-07 2013-01-16 广东欧珀移动通信有限公司 Method for implementing start-up protection on mobile terminal

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109245043A (en) * 2018-09-17 2019-01-18 余姚市嘉荣电子电器有限公司 A kind of safe leakage protection system
CN109245043B (en) * 2018-09-17 2023-09-12 余姚市嘉荣电子电器有限公司 Safe electric leakage protection system

Also Published As

Publication number Publication date
CN104217142B (en) 2017-12-05
CN104217142A (en) 2014-12-17

Similar Documents

Publication Publication Date Title
WO2014190884A1 (en) Method and apparatus for protecting terminal by using power-on password
US11520894B2 (en) Verifying controller code
US9292302B2 (en) Allowing bypassing of boot validation in a computer system having secure boot enabled by default only under certain circumstances
US9098301B2 (en) Electronic device and booting method
TWI559167B (en) A unified extensible firmware interface(uefi)-compliant computing device and a method for administering a secure boot in the uefi-compliant computing device
JP6054908B2 (en) Method for repairing variable sets, computer program and computer
US9292300B2 (en) Electronic device and secure boot method
JP5889933B2 (en) Method for preventing malfunction of computer, computer program, and computer
US7769993B2 (en) Method for ensuring boot source integrity of a computing system
TWI499911B (en) Methods and systems to selectively scrub a system memory
US10671731B2 (en) Method, apparatus, and medium for using a stored pre-boot authentication password to skip a pre-boot authentication step
US8621195B2 (en) Disabling communication ports
KR102227263B1 (en) System and Method for Changing of Secure Boot and Electronic Apparatus Equipped the System Thereof
TW201506788A (en) Secure boot override in a computing device equipped with unified-extensible firmware interface (UEFI)-compliant firmware
JP2008287505A (en) Information processor and legacy emulation processing stop control method
CN110598384B (en) Information protection method, information protection device and mobile terminal
CN110674494B (en) Process protection method, system and data processing method
US8255712B2 (en) Computing device and method for protecting a power button of the computing device
JP2014010492A (en) Information processing device and start control method
CN103617128A (en) Embedded system and implementation method of secure operating system
TWI503697B (en) Portable computer and operating method thereof
CN109710292B (en) Mobile terminal machine brushing control processing method, mobile terminal and storage medium
JP2002041176A (en) Computer management method, information equipment, computer and storage medium
JP2011081770A (en) Electronic device, and control method and program therefor
US11669614B2 (en) Electronic device and control method therefor

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 14803990

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 14803990

Country of ref document: EP

Kind code of ref document: A1