WO2020088516A1 - Firmware security authentication method, device and payment terminal - Google Patents

Publication number
WO2020088516A1
Authority
WO
WIPO (PCT)
Prior art keywords
file
security level
firmware
downloaded
boot
Application number
PCT/CN2019/114321
Inventor
刘绍海
李坚强
Original Assignee
百富计算机技术(深圳)有限公司
Application filed by 百富计算机技术(深圳)有限公司
Publication of WO2020088516A1

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/51 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability
    • G06F21/57 Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/572 Secure firmware programming, e.g. of basic input output system [BIOS]

Definitions

  • The invention belongs to the technical field of terminal processing, and particularly relates to a firmware security authentication method, device and payment terminal.
  • POS: Point Of Sale, payment terminal.
  • China UnionPay has proposed an authorization scheme. Adding the authorization function brings high cost to after-sales maintenance, debugging and repair when upgrading the software, and some customers choose unauthorized software. Because unauthorized software and authorized software coexist for a long time, illegal personnel are given the possibility of switching firmware, which reduces the security of the POS.
  • The embodiments of the present invention provide a firmware security authentication method, device, and payment terminal, to solve the problem that the firmware in the POS is easily switched in the prior art, resulting in low POS security.
  • A first aspect of the embodiments of the present invention provides a firmware security authentication method, including:
  • downloading the firmware file when the security level of the firmware file to be downloaded meets the preset security level, where the firmware file includes a BOOT file or an OS file;
  • the firmware security authentication method further includes:
  • the firmware file is written into the Flash area.
  • the downloading of the firmware file when the security level of the firmware file to be downloaded meets the preset security level includes:
  • the security level of the BOOT file is written into the Fuse area, and the security level in the Fuse area is set to the preset security level.
  • the firmware security authentication method further includes:
  • A second aspect of an embodiment of the present invention provides a firmware security authentication device, including:
  • a security level judgment module, used to obtain the security level of the firmware file to be downloaded, and determine whether the security level of the firmware file to be downloaded meets the preset security level;
  • a firmware download module, configured to download the firmware file when the security level of the firmware file to be downloaded meets the preset security level, where the firmware file includes a BOOT file or an OS file;
  • a BOOT file startup module, used to start the BOOT file and obtain the security level of the BOOT file;
  • an OS file startup module, used to determine whether the security level of the OS file meets the security level of the BOOT file, and if it is satisfied, start the OS file according to the BOOT file.
  • the firmware download module is also used to:
  • the firmware file is written into the Flash area.
  • the firmware download module is specifically used to:
  • the security level of the BOOT file is written into the Fuse area, and the security level in the Fuse area is set to the preset security level.
  • the firmware download module is also used to:
  • A third aspect of the embodiments of the present invention provides a payment terminal, including a memory, a processor, and a computer program stored in the memory and executable on the processor; when the processor executes the computer program, the steps of the firmware security authentication method described in any one of the above are implemented.
  • A fourth aspect of the embodiments of the present invention provides a computer-readable storage medium that stores a computer program; when the computer program is executed by a processor, the steps of the firmware security authentication method described in any one of the above are implemented.
  • The beneficial effects of the embodiments of the present invention are: the security level of the firmware file to be downloaded is obtained and compared with the preset security level, and the firmware file is downloaded only when that security level (the first security level) is greater than or equal to the preset security level, which ensures that the firmware file can be switched from a low version to a high version and cannot be rolled back from a high version to a low version. Then, when the firmware file is started, it is judged whether the security level of the OS file meets the security level of the BOOT file, and the OS file can be started according to the BOOT file only if it does, so that a tampered firmware file cannot start the system, which improves the security of the machine.
  • FIG. 1 is a schematic diagram of an implementation process of a firmware security authentication method provided by an embodiment of the present invention;
  • FIG. 2 is a schematic flowchart of a specific implementation of step S103 and step S104 in FIG. 1;
  • FIG. 3 is a schematic structural diagram of a firmware security authentication device provided by an embodiment of the present invention;
  • FIG. 4 is a schematic diagram of a payment terminal provided by an embodiment of the present invention.
  • The POS mainly includes a firmware file and a central processor (Central Processing Unit, CPU), etc.
  • The central processor may include a Fuse (fuse) area and a Flash (flash memory) area, but is not limited to a Fuse area and a Flash area.
  • The Fuse area is a one-time program writing area, and subsequent modification is not allowed.
  • Step S101: Obtain the security level of the firmware file to be downloaded, and determine whether the security level of the firmware file to be downloaded meets the preset security level.
  • Each system file in the firmware file defines a corresponding security level variable.
  • The security level variable represents the security level of the firmware file. When the security level variable of the firmware file is 0, it represents an unauthorized version of the firmware file. When the security level variable is greater than 0, it indicates an authorized version of the firmware file. The larger the security level variable value, the higher the security level of the firmware file.
  • The software system in the POS mainly includes: BOOTROM file, BOOT file, OS file and application program (APP), etc.
  • The firmware file includes the BOOTROM file, BOOT file and OS file.
  • The BOOTROM file verifies the BOOT file signature and, after verification passes, loads the BOOT file to run.
  • The BOOT file verifies the OS file signature and, after verification passes, loads the OS file to run.
  • The OS file verifies the APP signature, and the APP can run only after verification passes.
  • Step S102: When the security level of the firmware file to be downloaded meets the preset security level, download the firmware file, where the firmware file includes a BOOT file or an OS file.
  • The security level in the Fuse area is set to the preset security level, and the initial value of the security level in the Fuse area is set to 0 or 1.
  • When the security level in the Fuse area of the POS is 1, the security level 1 in the Fuse area is used as the preset security level, so that the POS can only download a BOOT file whose security level is not less than 1; or, in the POS factory setting state, the security level in the Fuse area is 0, so as long as the security level of the firmware file to be downloaded is greater than 0, the firmware file is allowed to be downloaded.
  • Setting the security level in the Fuse area as the preset security level prevents tampering with the security level in the Fuse area, and ensures that the firmware file can be switched from the low version (low security level) to the high version (high security level) and cannot be rolled back from the high version to the low version.
  • When the firmware security level does not meet the preset security level, the system pops up a window warning that the firmware file to be downloaded is illegal.
  • When the security level of the firmware file to be downloaded meets the preset security level, the firmware file is written into the Flash area.
  • When the security level of the BOOT file meets the preset security level, the BOOT file is written to the Flash area; or when the security level of the OS file meets the preset security level, the OS file is written to the Flash area.
  • Writing the firmware file to the Flash area can ensure that even if an illegal person downloads low-version firmware by writing the Flash and causes a loophole, the system cannot be started normally.
  • The specific implementation process of downloading the firmware file when the security level of the firmware file to be downloaded meets the preset security level in step S102 may include:
  • The security level of the BOOT file is written into the Fuse area, and the security level in the Fuse area is set to the preset security level.
  • The preset security level is written in the Fuse area.
  • The initial value of the preset security level may be 0.
  • The preset security level can only be written from 0 to 1, not from 1 to 0.
  • The format of the preset security level stored in the Fuse area is as follows:

      Value of preset security level (decimal)    Data stored in the Fuse area (binary)
      0                                           00000000
      1                                           00000001
      2                                           00000011
      3                                           00000111
      4                                           00001111

  • When the security level of the BOOT file is greater than the preset security level, it means that the version of the BOOT file to be downloaded is higher than the version of the downloaded BOOT file.
  • The security level of the BOOT file is written into the Fuse area, and the security level in the Fuse area is the preset security level.
  • When the security level of the BOOT file is less than the preset security level, the download of the BOOT file to be downloaded is prohibited, that is, the download of the BOOT file fails; when the security level of the BOOT file is greater than or equal to the preset security level, the BOOT file to be downloaded is written into the Flash area and started.
  • Step S103: Start the BOOT file to obtain the security level of the BOOT file.
  • Step S104: Determine whether the security level of the OS file meets the security level of the BOOT file, and if it is satisfied, start the OS file according to the BOOT file.
  • It is determined whether the security level of the OS file to be started is greater than or equal to the security level of the BOOT file. If it is, that is, the security level of the OS file to be started is higher than or equal to the security level of the booted BOOT file, the OS file is started; if it is less than the security level of the BOOT file, the startup fails.
  • FIG. 2 is a schematic diagram of a specific implementation process of step S103 and step S104 in FIG. 1, where SecLevel is the preset security level variable, BootSecLevel is the security level variable of the BOOT file, and OsSecLevel is the security level variable of the OS file, detailed as follows:
  • Step S201: Start.
  • The startup program of the downloaded firmware file is entered.
  • Step S202: The SecLevel parameter of the Fuse area is loaded.
  • Step S203: It is determined whether BootSecLevel is greater than SecLevel; if BootSecLevel is greater than SecLevel, go to step S204; if BootSecLevel is not greater than SecLevel, go to step S205.
  • Step S204: Write BootSecLevel to the Fuse area, and then go to step S207.
  • Step S205: When BootSecLevel is not greater than SecLevel, it is determined whether BootSecLevel is less than SecLevel; if BootSecLevel is equal to SecLevel, go to step S207; if BootSecLevel is less than SecLevel, go to step S206.
  • Step S206: The startup fails.
  • Step S207: BOOT is started, and step S208 is entered.
  • Step S208: OsSecLevel is read.
  • Step S209: It is determined whether BootSecLevel is greater than OsSecLevel; if BootSecLevel is greater than OsSecLevel, proceed to step S206; if BootSecLevel is not greater than OsSecLevel, proceed to step S210.
  • Step S210: Start the OS.
  • The preset security level of the Fuse area in this process may be the security level of the downloaded firmware file, for example, the security level of the BOOT file.
  • When the OS file is started, it is verified whether the security level of the OS file meets the security level of the BOOT file. This is to prevent unauthorized persons from tampering with the firmware file downloaded to the Flash area in order to run a low-version firmware file, which effectively eliminates the risk of the POS firmware file being rolled back to a non-secure version and further improves the security of the POS.
  • The firmware security authentication method further includes: if the downloaded firmware file has vulnerabilities, increase the security level of the firmware file currently to be downloaded.
  • For example, the security level variable of the firmware file originally downloaded in the POS is 1; when a firmware file with a security level variable of 1 is found to be vulnerable, the security level of the firmware file to be downloaded is upgraded to 2, so that the POS will not download or run the firmware file with security level variable 1.
  • The above firmware security authentication method compares the security level of the firmware file to be downloaded with the preset security level, completes the download of the firmware when the conditions are met, writes the security level of the BOOT file to the Fuse area to indicate that the security level of the firmware file currently running on the system is the preset security level, writes the downloaded firmware into the Flash area, compares the security level of the OS file with the security level of the BOOT file when starting the OS file, and starts the OS file after the comparison passes.
  • FIG. 3 shows a structural block diagram of the firmware security authentication device in Embodiment 2 of the present invention. For ease of explanation, only parts related to this embodiment are shown.
  • The device includes: a security level judgment module 110, a firmware download module 120, a BOOT file startup module 130, and an OS file startup module 140.
  • The security level judgment module 110 is used to obtain the security level of the firmware file to be downloaded, and determine whether the security level of the firmware file to be downloaded meets the preset security level.
  • The firmware download module 120 is configured to download the firmware file when the security level of the firmware file to be downloaded meets the preset security level, where the firmware file includes a BOOT file or an OS file.
  • The BOOT file startup module 130 is used to start the BOOT file and obtain the security level of the BOOT file.
  • The OS file startup module 140 is used to judge whether the security level of the OS file meets the security level of the BOOT file, and if it does, start the OS file according to the BOOT file.
  • The firmware download module 120 is further configured to: when the security level of the firmware file to be downloaded meets the preset security level, write the firmware file into the Flash area.
  • The firmware download module 120 is specifically configured to: when the security level of the BOOT file is greater than the preset security level, write the security level of the BOOT file into the Fuse area, the security level in the Fuse area being set to the preset security level.
  • The firmware download module 120 is also used to: if the downloaded firmware file has a vulnerability, increase the security level of the firmware file currently to be downloaded.
  • The security level judgment module 110 compares the security level of the firmware file to be downloaded with the preset security level, and the firmware download module 120 completes the download of the firmware when the conditions are met, writes the security level of the BOOT file to the Fuse area to indicate that the security level of the firmware file currently running on the system is the preset security level, and writes the downloaded firmware to the Flash area.
  • The OS file startup module 140 compares the security level of the OS file with the security level of the BOOT file when starting the OS file, and starts the OS file after the comparison passes. This mechanism can ensure that even if an illegal person downloads low-version firmware by writing the Flash to create a loophole, the system cannot be started normally, which effectively prevents the risk of the machine being rolled back to a non-secure version and improves the security of the machine.
  • The payment terminal 100 described in this embodiment includes: a processor 150, a memory 160, and a computer program 161 stored in the memory 160 and executable on the processor 150, such as a program for the firmware security authentication method.
  • When the processor 150 executes the computer program 161, the steps in the above embodiments of the firmware security authentication method are implemented, for example, steps S101 to S104 shown in FIG. 1.
  • When the processor 150 executes the computer program 161, the functions of each module / unit in the foregoing device embodiments are realized, for example, the functions of the modules 110 to 140 shown in FIG. 3.
  • the computer program 161 may be divided into one or more modules / units, and the one or more modules / units are stored in the memory 160 and executed by the processor 150 to complete this invention.
  • the one or more modules / units may be a series of computer program instruction segments capable of performing specific functions, and the instruction segments are used to describe the execution process of the computer program 161 in the payment terminal 100.
  • the computer program 161 may be divided into a security level judgment module, a firmware download module, a BOOT file startup module, and an OS file startup module.
  • the specific functions of each module are as follows:
  • the security level judgment module is used to obtain the security level of the firmware file to be downloaded, and determine whether the security level of the firmware file to be downloaded meets the preset security level.
  • the firmware download module is used to download the firmware file when the security level of the firmware file to be downloaded meets the preset security level, where the firmware file includes a BOOT file or an OS file.
  • the BOOT file starting module is used to start the BOOT file and obtain the security level of the BOOT file.
  • the OS file startup module is used to determine whether the security level of the OS file meets the security level of the BOOT file, and if it meets the requirement, the OS file is started according to the BOOT file.
  • the firmware download module is further used to: when the security level of the firmware file to be downloaded meets the preset security level, write the firmware file into the Flash area.
  • the firmware download module is specifically configured to: when the security level of the BOOT file is greater than the preset security level, write the security level of the BOOT file into the Fuse area, and set the security level in the Fuse area as the preset security level.
  • the firmware download module is also used to increase the security level of the firmware file to be downloaded if the downloaded firmware file has vulnerabilities.
  • the payment terminal 100 may be a computing device such as a desktop computer, a notebook, a palmtop computer and a cloud server.
  • the payment terminal 100 may include, but is not limited to, the processor 150 and the memory 160.
  • FIG. 4 is only an example of the payment terminal 100, and does not constitute a limitation on the payment terminal 100, and may include more or less components than shown, or combine certain components, or different components.
  • the payment terminal 100 may also include input and output devices, network access devices, buses, and the like.
  • the so-called processor 150 may be a central processing unit (Central Processing Unit, CPU), and can also be another general-purpose processor, a digital signal processor (DSP), an application-specific integrated circuit (Application Specific Integrated Circuit, ASIC), a field-programmable gate array (Field-Programmable Gate Array, FPGA) or other programmable logic device, discrete gate or transistor logic device, discrete hardware component, etc.
  • the general-purpose processor may be a microprocessor or the processor may be any conventional processor or the like.
  • the memory 160 may be an internal storage unit of the payment terminal 100, such as a hard disk or a memory of the payment terminal 100.
  • the memory 160 may also be an external storage device of the payment terminal 100, such as a plug-in hard disk equipped on the payment terminal 100, a smart memory card (Smart Media Card, SMC), a secure digital (SD) card, or a flash memory card (Flash Card) etc.
  • the memory 160 may also include both an internal storage unit of the payment terminal 100 and an external storage device.
  • the memory 160 is used to store the computer program and other programs and data required by the payment terminal 100.
  • the memory 160 may also be used to temporarily store data that has been or will be output.
  • the disclosed device / payment terminal and method may be implemented in other ways.
  • the device / payment terminal embodiments described above are only schematic.
  • the division of the module or unit is only a logical function division.
  • the displayed or discussed mutual coupling or direct coupling or communication connection may be indirect coupling or communication connection through some interfaces, devices or units, and may be in electrical, mechanical or other forms.
  • the units described as separate components may or may not be physically separated, and the components displayed as units may or may not be physical units, that is, they may be located in one place, or may be distributed on multiple network units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution of this embodiment.
  • each functional unit in each embodiment of the present invention may be integrated into one processing unit, or each unit may exist alone physically, or two or more units may be integrated into one unit.
  • the above integrated unit may be implemented in the form of hardware or software functional unit.
  • if the integrated module / unit is implemented in the form of a software functional unit and sold or used as an independent product, it may be stored in a computer-readable storage medium.
  • the present invention can implement all or part of the processes in the methods of the above embodiments, and can also be completed by a computer program instructing relevant hardware.
  • the computer program can be stored in a computer-readable storage medium. When the program is executed by the processor, the steps of the foregoing method embodiments may be implemented.
  • the computer program includes computer program code, and the computer program code may be in the form of source code, object code, executable file, or some intermediate form.
  • the computer-readable medium may include: any entity or system capable of carrying the computer program code, a recording medium, a USB flash drive, a mobile hard disk, a magnetic disk, an optical disk, a computer memory, a read-only memory (ROM, Read-Only Memory), random access memory (RAM, Random Access Memory), electrical carrier signals, telecommunication signals, and software distribution media.
  • the content included in the computer-readable medium can be appropriately increased or decreased according to the requirements of legislation and patent practice in jurisdictions. For example, in some jurisdictions, according to legislation and patent practice, computer-readable media do not include electrical carrier signals and telecommunications signals.
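
The Fuse encoding table and the flow of steps S101 to S102 and S201 to S210 described above can be modelled in a few lines of C. This is an added example, not code from the patent or from the applicant; the 8-bit Fuse word, the `fuse_t` model, the function names and the extra validity check on the Fuse pattern are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define FUSE_BITS 8u /* assumption: one 8-bit Fuse word, as in the table above */

/* Simulated one-time-programmable Fuse word (constructed model, not a real driver). */
typedef struct { uint8_t bits; } fuse_t;

typedef enum {
    BOOT_OS_STARTED,        /* S210 */
    BOOT_FAIL_BOOT_LEVEL,   /* S206 reached from S205: BootSecLevel < SecLevel */
    BOOT_FAIL_OS_LEVEL,     /* S206 reached from S209: BootSecLevel > OsSecLevel */
    BOOT_FAIL_INVALID_LEVEL /* added check, not part of the described flow */
} boot_result_t;

/* Level n is stored as n low-order 1 bits: 0 -> 00000000, 3 -> 00000111. */
uint8_t level_to_fuse(unsigned level)
{
    return level >= FUSE_BITS ? 0xFFu : (uint8_t)((1u << level) - 1u);
}

/* Decode the Fuse word; returns -1 if the 1 bits are not contiguous from bit 0. */
int fuse_to_level(uint8_t bits)
{
    int level = 0;
    if ((bits & (uint8_t)(bits + 1u)) != 0)
        return -1;
    for (; bits != 0; bits >>= 1)
        level++;
    return level;
}

/* One-time-programmable semantics: a write can only turn 0 bits into 1 bits,
 * so with this encoding a stored level can rise but never fall. */
void fuse_program(fuse_t *fuse, uint8_t value)
{
    fuse->bits |= value;
}

/* Steps S101/S102: accept a download only if its level is not below the Fuse level. */
bool download_allowed(const fuse_t *fuse, unsigned file_level)
{
    int sec_level = fuse_to_level(fuse->bits);
    return sec_level >= 0 && file_level <= FUSE_BITS &&
           file_level >= (unsigned)sec_level;
}

/* Steps S202 to S210 of the boot flow. */
boot_result_t secure_boot(fuse_t *fuse, unsigned boot_level, unsigned os_level)
{
    int sec_level = fuse_to_level(fuse->bits);          /* S202 */
    if (sec_level < 0 || boot_level > FUSE_BITS)
        return BOOT_FAIL_INVALID_LEVEL;
    if (boot_level > (unsigned)sec_level)               /* S203 */
        fuse_program(fuse, level_to_fuse(boot_level));  /* S204 */
    else if (boot_level < (unsigned)sec_level)          /* S205 */
        return BOOT_FAIL_BOOT_LEVEL;                    /* S206 */
    /* S207: BOOT is started; S208: OsSecLevel is read */
    if (boot_level > os_level)                          /* S209 */
        return BOOT_FAIL_OS_LEVEL;                      /* S206 */
    return BOOT_OS_STARTED;                             /* S210 */
}

int main(void)
{
    fuse_t fuse = { 0x01 }; /* constructed state: device at security level 1 */
    boot_result_t r;

    printf("download of level 2 allowed: %d\n", download_allowed(&fuse, 2));
    r = secure_boot(&fuse, 2, 2);
    printf("BOOT=2 OS=2 -> result %d, fuse=0x%02X\n", (int)r, (unsigned)fuse.bits);
    r = secure_boot(&fuse, 1, 2); /* low-level BOOT written back to Flash */
    printf("BOOT=1 OS=2 -> result %d\n", (int)r);
    r = secure_boot(&fuse, 2, 1); /* low-level OS written back to Flash */
    printf("BOOT=2 OS=1 -> result %d\n", (int)r);
    return 0;
}
```

Because S204 comes before S209 in the flow, a BOOT file at a higher level raises the Fuse value even when the paired OS file is then refused, so BOOT and OS images need to be released at matching levels.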

Abstract

A firmware security authentication method, device and payment terminal, which are applicable to the technical field of terminal processing. The method comprises: acquiring the security level of a firmware file to be downloaded, and determining whether the security level of the firmware file to be downloaded satisfies a preset security level (S101); downloading the firmware file when the security level of the firmware file to be downloaded satisfies the preset security level, wherein the firmware file comprises a BOOT file or an OS file (S102); starting the BOOT file, and acquiring the security level of the BOOT file (S103); determining whether the security level of the OS file satisfies the security level of the BOOT file, and if so, starting the OS file according to the BOOT file (S104). The described solution may guarantee that a firmware file may be switched from a lower version to a higher version, and that the firmware file cannot be downgraded from a higher version to a lower version; moreover, the described solution may prevent the firmware file from being tampered with, thereby improving the security of a system.

Description

固件安全认证方法、装置和支付终端Firmware safety authentication method, device and payment terminal 技术领域Technical field
本发明属于终端处理技术领域,尤其涉及一种固件安全认证方法、装置和支付终端。The invention belongs to the technical field of terminal processing, and particularly relates to a firmware security authentication method, device and payment terminal.
背景技术Background technique
随着大家刷卡习惯的养成,POS(Point Of Sale,支付终端)获得了越来越广泛的使用。同时,也有越来越多的人开始研究POS,利用POS的漏洞获取非法利益。为了提高整个POS的安全性,中国银联提出了授权方案。由于加入授权功能后,在升级软件时给售后维护、调试和维修带来了很高的成本,而且部分客户会选择非授权软件,由于非授权软件和授权软件长期并存,给非法人员提供了切换固件的可能,降低了POS的安全性。With the development of the habit of swiping cards, POS (Point Of Sale, payment terminal) has become more and more widely used. At the same time, more and more people are beginning to study POS and use POS loopholes to obtain illegal benefits. In order to improve the security of the entire POS, China UnionPay has proposed an authorization scheme. After adding the authorization function, it brings high cost to after-sales maintenance, debugging and repair when upgrading the software, and some customers will choose unauthorized software. Because unauthorized software and authorized software coexist for a long time, it provides a switch for illegal personnel The possibility of firmware reduces the security of POS.
技术问题technical problem
有鉴于此,本发明实施例提供了一种固件安全认证方法、装置和支付终端,以解决现有技术中POS中的固件容易被切换,使得POS安全性低的问题。In view of this, the embodiments of the present invention provide a firmware security authentication method, device, and payment terminal, to solve the problem that the firmware in the POS is easily switched in the prior art, resulting in low POS security.
技术解决方案Technical solution
本发明实施例的第一方面提供了一种固件安全认证方法,包括:A first aspect of the embodiments of the present invention provides a firmware security authentication method, including:
获取待下载固件文件的安全等级,判断所述待下载固件文件的安全等级是否满足预设安全等级;Obtain the security level of the firmware file to be downloaded, and determine whether the security level of the firmware file to be downloaded meets the preset security level;
在所述待下载固件文件的安全等级满足所述预设安全等级时,下载所述固件文件,其中,所述固件文件包括BOOT文件或OS文件;Download the firmware file when the security level of the firmware file to be downloaded meets the preset security level, where the firmware file includes a BOOT file or an OS file;
启动所述BOOT文件,获取所述BOOT文件的安全等级;Start the BOOT file to obtain the security level of the BOOT file;
判断所述OS文件的安全等级是否满足所述BOOT文件的安全等级,若满足,则根据所述BOOT文件启动所述OS文件。It is determined whether the security level of the OS file meets the security level of the BOOT file, and if it is satisfied, the OS file is started according to the BOOT file.
可选的,所述固件安全认证方法还包括:Optionally, the firmware security authentication method further includes:
在所述待下载固件文件的安全等级满足所述预设安全等级时,将所述固件文件写入Flash区。When the security level of the firmware file to be downloaded meets the preset security level, the firmware file is written into the Flash area.
可选的,所述在所述待下载固件文件的安全等级满足所述预设安全等级时下载所述固件文件,包括:Optionally, the downloading of the firmware file when the security level of the firmware file to be downloaded meets the preset security level includes:
在所述BOOT文件的安全等级大于所述预设安全等级时,将所述BOOT文件的安全等级写入Fuse区,所述Fuse区内的安全等级设置为所述预设安全等级。When the security level of the BOOT file is greater than the preset security level, the security level of the BOOT file is written into the Fuse area, and the security level in the Fuse area is set to the preset security level.
可选的,所述固件安全认证方法还包括:Optionally, the firmware security authentication method further includes:
若已下载的固件文件存在漏洞,增加当前待下载的所述固件文件的安全等级。If the downloaded firmware file has vulnerabilities, increase the security level of the firmware file to be downloaded currently.
A second aspect of the embodiments of the present invention provides a firmware security authentication device, including:
A security level judgment module, configured to obtain the security level of the firmware file to be downloaded and determine whether the security level of the firmware file to be downloaded meets the preset security level;
A firmware download module, configured to download the firmware file when the security level of the firmware file to be downloaded meets the preset security level, where the firmware file includes a BOOT file or an OS file;
A BOOT file startup module, configured to start the BOOT file and obtain the security level of the BOOT file;
An OS file startup module, configured to determine whether the security level of the OS file meets the security level of the BOOT file and, if so, start the OS file according to the BOOT file.
Optionally, the firmware download module is further configured to:
When the security level of the firmware file to be downloaded meets the preset security level, write the firmware file into the Flash area.
Optionally, the firmware download module is specifically configured to:
When the security level of the BOOT file is greater than the preset security level, write the security level of the BOOT file into the Fuse area, where the security level in the Fuse area is set as the preset security level.
Optionally, the firmware download module is further configured to:
If a downloaded firmware file has a vulnerability, increase the security level of the firmware file currently to be downloaded.
A third aspect of the embodiments of the present invention provides a payment terminal, including a memory, a processor, and a computer program stored in the memory and executable on the processor, where the processor, when executing the computer program, implements the steps of the firmware security authentication method according to any one of the above.
A fourth aspect of the embodiments of the present invention provides a computer-readable storage medium storing a computer program, where the computer program, when executed by a processor, implements the steps of the firmware security authentication method according to any one of the above.
Beneficial effects
Compared with the prior art, the embodiments of the present invention have the following beneficial effects. The security level of the firmware file to be downloaded is obtained and compared with the preset security level, and the firmware file is downloaded only when the first security level is greater than or equal to the preset security level. This ensures that the firmware file can be switched from a lower version to a higher version but cannot be rolled back from a higher version to a lower version. Then, when the firmware file is started, it is determined whether the security level of the OS file meets the security level of the BOOT file, and the OS file can be started according to the BOOT file only if it does, so that a tampered firmware file cannot start the system, which improves the security of the machine.
Brief description of the drawings
To explain the technical solutions in the embodiments of the present invention more clearly, the drawings needed for the description of the embodiments or of the prior art are briefly introduced below. Obviously, the drawings described below are only some embodiments of the present invention, and a person of ordinary skill in the art can obtain other drawings from them without creative effort.
FIG. 1 is a schematic flowchart of an implementation of the firmware security authentication method provided by an embodiment of the present invention;
FIG. 2 is a schematic flowchart of a specific implementation of step S103 and step S104 in FIG. 1;
FIG. 3 is a schematic structural diagram of the firmware security authentication device provided by an embodiment of the present invention;
FIG. 4 is a schematic diagram of the payment terminal provided by an embodiment of the present invention.
Embodiments of the invention
In the following description, specific details such as particular system structures and technologies are set out for the purpose of illustration rather than limitation, so that the embodiments of the present invention can be thoroughly understood. However, it should be clear to those skilled in the art that the present invention can also be implemented in other embodiments without these specific details. In other cases, detailed descriptions of well-known systems, devices, circuits, and methods are omitted so that unnecessary details do not obscure the description of the present invention.
To explain the technical solutions of the present invention, specific embodiments are described below.
Embodiment 1
This embodiment provides a firmware security authentication method applicable to a POS. The POS mainly includes firmware files, a central processing unit (CPU), and so on. The central processing unit may include, but is not limited to, a Fuse area and a Flash (flash memory) area. The Fuse area is a one-time program writing area; once written, it cannot be modified.
Referring to FIG. 1, one implementation flow of the firmware security authentication method is detailed as follows:
Step S101: obtain the security level of the firmware file to be downloaded, and determine whether the security level of the firmware file to be downloaded meets the preset security level.
Each type of system file in the firmware defines a corresponding security level variable, which represents the security level of that firmware file. A security level variable of 0 denotes an unauthorized version of the firmware file, and a security level variable greater than 0 denotes an authorized version. The larger the value of the security level variable, the higher the security level of the firmware file.
In practical applications, the software system in a POS mainly includes the BOOTROM file, the BOOT file, the OS file, applications (APP), and so on. Before an application is downloaded, the firmware files (BOOTROM file, BOOT file and OS file) must undergo signature verification: the BOOTROM file verifies the signature of the BOOT file and, once verification passes, loads and runs the BOOT file; the BOOT file verifies the signature of the OS file and, once verification passes, loads and runs the OS file; the OS file verifies the APP signature, and the APP can run only after verification passes.
Step S102: when the security level of the firmware file to be downloaded meets the preset security level, download the firmware file, where the firmware file includes a BOOT file or an OS file.
The security level in the Fuse area is set as the preset security level, and the initial value of the security level in the Fuse area is set to 0 or 1.
For example, if the security level in the Fuse area of the POS is 1, security level 1 in the Fuse area is used as the preset security level, so the POS can only download a BOOT file whose security level is not less than 1. Alternatively, when the POS is in its factory state the security level in the Fuse area is 0, so a firmware file is allowed to be downloaded as long as its security level is greater than 0. Using the security level in the Fuse area as the preset security level prevents tampering with that level and ensures that the firmware file can be switched from a lower version (lower security level) to a higher version (higher security level) but cannot be rolled back from a higher version to a lower version.
In this embodiment, when the security level of the firmware does not meet the preset security level, the system may also pop up a warning window indicating that the firmware file to be downloaded is illegal.
In one embodiment, when the security level of the firmware file to be downloaded meets the preset security level, the firmware file is written into the Flash area.
For example, when the security level of the BOOT file meets the preset security level, the BOOT file is written into the Flash area; or when the security level of the OS file meets the preset security level, the OS file is written into the Flash area. Writing the firmware file into the Flash area ensures that even if an unauthorized person downloads lower-version firmware by programming the Flash directly and thereby introduces a vulnerability, the system cannot start normally.
In one embodiment, the specific implementation of downloading the firmware file in step S102 when the security level of the firmware file to be downloaded meets the preset security level may include:
When the security level of the BOOT file is greater than the preset security level, the security level of the BOOT file is written into the Fuse area, where the security level in the Fuse area is set as the preset security level.
In practical applications, the preset security level is written in the Fuse area. The initial value of the preset security level may be 0. From the process above, the preset security level can only be written from 0 to 1 and cannot be written from 1 to 0. The format in which the Fuse area stores the preset security level is shown in the following table:
Value of preset security level (decimal) | Data stored in the Fuse area for the preset security level (binary)
0 | 00000000
1 | 00000001
2 | 00000011
3 | 00000111
4 | 00001111
And so on: the number of 1 bits equals the security level. This embodiment uses two bytes of storage space, so it can support 16 security levels.
Specifically, when the security level of the BOOT file is greater than the preset security level, the version of the BOOT file to be downloaded is higher than that of the already downloaded BOOT file. The security level of the BOOT file is then written into the Fuse area, and the security level of the Fuse area is the preset security level.
In addition, when the security level of the BOOT file is less than the preset security level, downloading of the BOOT file to be downloaded is prohibited, that is, the download of the BOOT file fails. When the security level of the BOOT file is greater than or equal to the preset security level, the BOOT file to be downloaded is written into the Flash area and started.
Step S103: start the BOOT file and obtain the security level of the BOOT file.
Step S104: determine whether the security level of the OS file meets the security level of the BOOT file, and if so, start the OS file according to the BOOT file.
Specifically, after the BOOT file is started, it is determined whether the security level of the OS file to be started is greater than or equal to the security level of the BOOT file. If it is, the security level of the OS file to be started is higher than or equal to that of the started BOOT file, and the OS file is started. If it is less than the security level of the BOOT file, the startup fails.
In one embodiment, FIG. 2 is a schematic flowchart of a specific implementation of step S103 and step S104 in FIG. 1, where SecLevel is the preset security level variable, BootSecLevel is the security level variable of the BOOT file, and OsSecLevel is the security level variable of the OS file. The flow is detailed as follows:
Step S201: start, that is, enter the startup program of the downloaded firmware file.
Step S202: load the SecLevel parameter from the Fuse area.
Step S203: determine whether BootSecLevel is greater than SecLevel. If BootSecLevel is greater than SecLevel, go to step S204; if BootSecLevel is not greater than SecLevel, go to step S205.
Step S204: write BootSecLevel into the Fuse area, then go to step S207.
Step S205: when BootSecLevel is not greater than SecLevel, determine whether BootSecLevel is less than SecLevel. If BootSecLevel is equal to SecLevel, go to step S207; if BootSecLevel is less than SecLevel, go to step S206.
Step S206: the startup fails.
Step S207: start BOOT and go to step S208.
Step S208: read OsSecLevel.
Step S209: determine whether BootSecLevel is greater than OsSecLevel. If BootSecLevel is greater than OsSecLevel, go to step S206; if BootSecLevel is not greater than OsSecLevel, go to step S210.
Step S210: start the OS.
In this process, the preset security level in the Fuse area may be the security level of a downloaded firmware file, for example the security level of the BOOT file. When the OS file is started, this embodiment verifies whether the security level of the OS file meets the security level of the BOOT file in order to prevent an unauthorized person from tampering with the firmware file downloaded to the Flash area so as to run a lower-version firmware file. This effectively eliminates the risk of the POS firmware being rolled back to a non-secure version and further improves the security of the POS.
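The Fuse encoding table and the S201 to S210 boot flow above, as an added C example that is not code from the patent. The simulated 16-bit fuse word, the function names and the result enum are assumptions of this example, and rejecting level 0 at download time is its reading of "0 denotes an unauthorized version".

```c
#include <stdint.h>
#include <stdio.h>

#define MAX_LEVEL 16u   /* two bytes of fuse storage, one bit per level */

/* Simulated 16-bit Fuse word (assumption: real hardware exposes it through a
 * vendor-specific fuse controller). Factory state is all zeros. */
static uint16_t fuse_word = 0;

/* One-time-programmable semantics: a write can set bits but never clear them. */
static void fuse_program(uint16_t bits) { fuse_word |= bits; }

/* Level n is stored as n low-order 1 bits: 0 -> 0x0000, 3 -> 0x0007. */
static uint16_t level_to_fuse(unsigned level) {
    if (level > MAX_LEVEL) level = MAX_LEVEL;
    return (uint16_t)((1u << level) - 1u);
}

/* Count the contiguous low 1 bits. A 1 bit above a 0 bit is not a valid
 * encoding and is reported as -1 so that callers can fail closed. */
static int fuse_to_level(uint16_t word) {
    int level = 0;
    while (word & 1u) { level++; word >>= 1; }
    return word == 0 ? level : -1;
}

/* S101/S102: accept a file only if its level is authorized (> 0) and not
 * below the level held in the Fuse area. */
static int download_allowed(unsigned file_level) {
    int sec = fuse_to_level(fuse_word);
    if (sec < 0 || file_level == 0 || file_level > MAX_LEVEL) return 0;
    return file_level >= (unsigned)sec;
}

typedef enum {
    BOOT_OK,                  /* S210 reached, OS started */
    BOOT_FAIL_FUSE_INVALID,   /* fuse word is not a valid encoding */
    BOOT_FAIL_BOOT_ROLLBACK,  /* S205 -> S206: BootSecLevel < SecLevel */
    BOOT_FAIL_OS_ROLLBACK     /* S209 -> S206: BootSecLevel > OsSecLevel */
} boot_result;

/* boot_level and os_level stand for BootSecLevel and OsSecLevel, which are
 * assumed to come from images whose signatures were already verified. */
static boot_result secure_boot(unsigned boot_level, unsigned os_level) {
    int sec = fuse_to_level(fuse_word);                 /* S202 */
    if (sec < 0 || boot_level > MAX_LEVEL)
        return BOOT_FAIL_FUSE_INVALID;
    if (boot_level > (unsigned)sec)                     /* S203 */
        fuse_program(level_to_fuse(boot_level));        /* S204 */
    else if (boot_level < (unsigned)sec)                /* S205 */
        return BOOT_FAIL_BOOT_ROLLBACK;                 /* S206 */
    /* S207: BOOT runs. S208: it reads OsSecLevel. */
    if (boot_level > os_level)                          /* S209 */
        return BOOT_FAIL_OS_ROLLBACK;                   /* S206 */
    return BOOT_OK;                                     /* S210 */
}

int main(void) {
    /* Constructed scenario: upgrade to level 2, then try older images. */
    boot_result r1 = secure_boot(2, 2);
    boot_result r2 = secure_boot(1, 2);   /* old BOOT flashed back */
    boot_result r3 = secure_boot(2, 1);   /* old OS flashed back */
    printf("upgrade=%d old_boot=%d old_os=%d fuse=0x%04x\n",
           r1, r2, r3, (unsigned)fuse_word);
    return 0;
}
```

Because S204 programs the Fuse area before the OS comparison in S209, a newer BOOT paired with an older OS raises the stored level and then fails to start, so BOOT and OS images need to be updated together.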
In one embodiment, the firmware security authentication method further includes: if a downloaded firmware file has a vulnerability, increasing the security level of the firmware file currently to be downloaded.
For example, the security level variable of the firmware file originally downloaded to the POS is 1. When the firmware file with security level variable 1 is found to have a vulnerability, the security level of the firmware file currently to be downloaded is raised to 2, so that the POS will no longer download or run a firmware file whose security level variable is 1.
In the firmware security authentication method above, the security level of the firmware file to be downloaded is compared with the preset security level, and the firmware is downloaded when the condition is met. The security level of the BOOT file is written into the Fuse area to indicate that the security level of the firmware file the system is currently running is the preset security level, and the downloaded firmware is written into the Flash area. When the OS file is started, its security level is compared with the security level of the BOOT file, and the OS file is started once the check passes. This mechanism ensures that even if an unauthorized person downloads lower-version firmware by programming the Flash directly and thereby introduces a vulnerability, the system cannot start normally, which effectively eliminates the risk of the machine being rolled back to a non-secure version and improves the security of the machine.
Those skilled in the art will understand that the sequence numbers of the steps in the above embodiment do not imply an order of execution. The execution order of each process should be determined by its function and internal logic, and should not constitute any limitation on the implementation of the embodiments of the present invention.
Embodiment 2
Corresponding to the firmware security authentication method described in Embodiment 1, FIG. 3 shows a structural block diagram of the firmware security authentication device in Embodiment 2 of the present invention. For ease of explanation, only the parts related to this embodiment are shown.
The device includes a security level judgment module 110, a firmware download module 120, a BOOT file startup module 130, and an OS file startup module 140.
The security level judgment module 110 is configured to obtain the security level of the firmware file to be downloaded and determine whether the security level of the firmware file to be downloaded meets the preset security level.
The firmware download module 120 is configured to download the firmware file when the security level of the firmware file to be downloaded meets the preset security level, where the firmware file includes a BOOT file or an OS file.
The BOOT file startup module 130 is configured to start the BOOT file and obtain the security level of the BOOT file.
The OS file startup module 140 is configured to determine whether the security level of the OS file meets the security level of the BOOT file and, if so, start the OS file according to the BOOT file.
Optionally, the firmware download module 120 is further configured to: when the security level of the firmware file to be downloaded meets the preset security level, write the firmware file into the Flash area.
Optionally, the firmware download module 120 is specifically configured to: when the security level of the BOOT file is greater than the preset security level, write the security level of the BOOT file into the Fuse area, where the security level in the Fuse area is set as the preset security level.
Optionally, the firmware download module 120 is further configured to: if a downloaded firmware file has a vulnerability, increase the security level of the firmware file currently to be downloaded.
In the firmware security authentication device above, the security level judgment module 110 compares the security level of the firmware file to be downloaded with the preset security level. The firmware download module 120 downloads the firmware when the condition is met, writes the security level of the BOOT file into the Fuse area to indicate that the security level of the firmware file the system is currently running is the preset security level, and writes the downloaded firmware into the Flash area. When starting the OS file, the OS file startup module 140 compares the security level of the OS file with the security level of the BOOT file and starts the OS file once the check passes. This mechanism ensures that even if an unauthorized person downloads lower-version firmware by programming the Flash directly and thereby introduces a vulnerability, the system cannot start normally, which effectively eliminates the risk of the machine being rolled back to a non-secure version and improves the security of the machine.
Embodiment 3
FIG. 4 is a schematic diagram of the payment terminal 100 provided in Embodiment 3 of the present invention. As shown in FIG. 4, the payment terminal 100 of this embodiment includes a processor 150, a memory 160, and a computer program 161 stored in the memory 160 and executable on the processor 150, for example a program of the firmware security authentication method. When executing the computer program 161, the processor 150 implements the steps of the firmware security authentication method embodiments above, for example steps S101 to S104 shown in FIG. 1. Alternatively, when executing the computer program 161, the processor 150 implements the functions of the modules/units in the device embodiments above, for example the functions of modules 110 to 140 shown in FIG. 3.
By way of example, the computer program 161 may be divided into one or more modules/units, which are stored in the memory 160 and executed by the processor 150 to carry out the present invention. The one or more modules/units may be a series of computer program instruction segments capable of performing specific functions, and the instruction segments describe the execution of the computer program 161 in the payment terminal 100. For example, the computer program 161 may be divided into a security level judgment module, a firmware download module, a BOOT file startup module, and an OS file startup module, whose specific functions are as follows:
The security level judgment module is configured to obtain the security level of the firmware file to be downloaded and determine whether the security level of the firmware file to be downloaded meets the preset security level.
The firmware download module is configured to download the firmware file when the security level of the firmware file to be downloaded meets the preset security level, where the firmware file includes a BOOT file or an OS file.
The BOOT file startup module is configured to start the BOOT file and obtain the security level of the BOOT file.
The OS file startup module is configured to determine whether the security level of the OS file meets the security level of the BOOT file and, if so, start the OS file according to the BOOT file.
Optionally, the firmware download module is further configured to: when the security level of the firmware file to be downloaded meets the preset security level, write the firmware file into the Flash area.
Optionally, the firmware download module is specifically configured to: when the security level of the BOOT file is greater than the preset security level, write the security level of the BOOT file into the Fuse area, where the security level in the Fuse area is set as the preset security level.
Optionally, the firmware download module is further configured to: if a downloaded firmware file has a vulnerability, increase the security level of the firmware file currently to be downloaded.
The payment terminal 100 may be a computing device such as a desktop computer, a notebook, a palmtop computer, or a cloud server. The payment terminal 100 may include, but is not limited to, the processor 150 and the memory 160. Those skilled in the art will understand that FIG. 4 is only an example of the payment terminal 100 and does not limit it. The payment terminal 100 may include more or fewer components than shown, combine certain components, or use different components; for example, it may also include input and output devices, network access devices, buses, and so on.
The processor 150 may be a central processing unit (CPU), or another general-purpose processor, a digital signal processor (DSP), an application-specific integrated circuit (ASIC), a field-programmable gate array (FPGA) or other programmable logic device, a discrete gate or transistor logic device, a discrete hardware component, and so on. The general-purpose processor may be a microprocessor, or the processor may be any conventional processor.
The memory 160 may be an internal storage unit of the payment terminal 100, such as a hard disk or memory of the payment terminal 100. The memory 160 may also be an external storage device of the payment terminal 100, such as a plug-in hard disk, a Smart Media Card (SMC), a Secure Digital (SD) card, or a flash card fitted to the payment terminal 100. Further, the memory 160 may include both an internal storage unit of the payment terminal 100 and an external storage device. The memory 160 is used to store the computer program and other programs and data required by the payment terminal 100. The memory 160 may also be used to temporarily store data that has been output or is about to be output.
In the above embodiments, the description of each embodiment has its own emphasis. For parts that are not detailed or recorded in one embodiment, refer to the related descriptions of the other embodiments.
Those of ordinary skill in the art will appreciate that the units and algorithm steps of the examples described in connection with the embodiments disclosed herein can be implemented in electronic hardware, or in a combination of computer software and electronic hardware. Whether these functions are performed in hardware or software depends on the specific application and design constraints of the technical solution. Skilled practitioners may use different methods to implement the described functions for each specific application, but such implementations should not be considered beyond the scope of the present invention.
In the embodiments provided by the present invention, it should be understood that the disclosed device/payment terminal and method may be implemented in other ways. For example, the device/payment terminal embodiments described above are only illustrative. The division into modules or units is only a division by logical function, and other divisions are possible in an actual implementation; for example, multiple units or components may be combined or integrated into another system, or some features may be omitted or not performed. In addition, the mutual coupling, direct coupling, or communication connection shown or discussed may be an indirect coupling or communication connection through some interfaces, devices, or units, and may be electrical, mechanical, or of another form.
The units described as separate components may or may not be physically separate, and the components shown as units may or may not be physical units; that is, they may be located in one place or distributed over multiple network units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution of this embodiment.
In addition, the functional units in the embodiments of the present invention may be integrated into one processing unit, each unit may exist physically on its own, or two or more units may be integrated into one unit. The integrated unit may be implemented in the form of hardware or in the form of a software functional unit.
If the integrated module/unit is implemented in the form of a software functional unit and sold or used as an independent product, it may be stored in a computer-readable storage medium. On this understanding, all or part of the processes in the methods of the above embodiments may also be completed by a computer program instructing the relevant hardware. The computer program may be stored in a computer-readable storage medium and, when executed by a processor, implements the steps of the method embodiments above. The computer program includes computer program code, which may be in source code form, object code form, an executable file, or some intermediate form. The computer-readable medium may include any entity or system capable of carrying the computer program code, a recording medium, a USB flash drive, a removable hard disk, a magnetic disk, an optical disc, computer memory, read-only memory (ROM), random access memory (RAM), electrical carrier signals, telecommunication signals, software distribution media, and so on. It should be noted that the content covered by the computer-readable medium may be increased or reduced as appropriate according to the requirements of legislation and patent practice in a jurisdiction. For example, in some jurisdictions, according to legislation and patent practice, computer-readable media do not include electrical carrier signals and telecommunication signals.
The embodiments described above are only intended to illustrate the technical solutions of the present invention, not to limit them. Although the present invention has been described in detail with reference to the foregoing embodiments, those of ordinary skill in the art should understand that the technical solutions recorded in the foregoing embodiments may still be modified, or some of their technical features may be replaced by equivalents. Such modifications or replacements do not cause the essence of the corresponding technical solutions to depart from the spirit and scope of the technical solutions of the embodiments of the present invention, and should all fall within the protection scope of the present invention.

Claims (10)

  1. A firmware security authentication method, characterized by comprising:
    obtaining the security level of a firmware file to be downloaded, and determining whether the security level of the firmware file to be downloaded meets a preset security level;
    downloading the firmware file when the security level of the firmware file to be downloaded meets the preset security level, wherein the firmware file comprises a BOOT file or an OS file;
    starting the BOOT file and obtaining the security level of the BOOT file;
    determining whether the security level of the OS file meets the security level of the BOOT file, and if so, starting the OS file according to the BOOT file.
  2. The firmware security authentication method according to claim 1, characterized by further comprising:
    writing the firmware file into the Flash area when the security level of the firmware file to be downloaded meets the preset security level.
  3. The firmware security authentication method according to claim 2, characterized in that downloading the firmware file when the security level of the firmware file to be downloaded meets the preset security level comprises:
    when the security level of the BOOT file is greater than the preset security level, writing the security level of the BOOT file into the Fuse area, the security level in the Fuse area being set as the preset security level.
  4. The firmware security authentication method according to any one of claims 1 to 3, characterized by further comprising:
    if a downloaded firmware file has a vulnerability, increasing the security level of the firmware file currently to be downloaded.
  5. A firmware security authentication device, characterized by comprising:
    a security level judgment module, configured to obtain the security level of a firmware file to be downloaded and determine whether the security level of the firmware file to be downloaded meets a preset security level;
    a firmware download module, configured to download the firmware file when the security level of the firmware file to be downloaded meets the preset security level, wherein the firmware file comprises a BOOT file or an OS file;
    a BOOT file startup module, configured to start the BOOT file and obtain the security level of the BOOT file;
    an OS file startup module, configured to determine whether the security level of the OS file meets the security level of the BOOT file, and if so, start the OS file according to the BOOT file.
  6. The firmware security authentication device according to claim 5, characterized in that the firmware download module is further configured to:
    write the firmware file into the Flash area when the security level of the firmware file to be downloaded meets the preset security level.
  7. The firmware security authentication device according to claim 6, characterized in that the firmware download module is specifically configured to:
    when the security level of the BOOT file is greater than the preset security level, write the security level of the BOOT file into the Fuse area, the security level in the Fuse area being set as the preset security level.
  8. The firmware security authentication device according to any one of claims 5 to 7, characterized in that the firmware download module is further configured to:
    if a downloaded firmware file has a vulnerability, increase the security level of the firmware file currently to be downloaded.
  9. A payment terminal, comprising a memory, a processor, and a computer program stored in the memory and executable on the processor, characterized in that the processor, when executing the computer program, implements the steps of the method according to any one of claims 1 to 4.
  10. A computer-readable storage medium storing a computer program, characterized in that the computer program, when executed by a processor, implements the steps of the method according to any one of claims 1 to 4.
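The method of claims 1 to 4 as a small C model, added here as an illustration and not taken from the patent or from any vendor code. The types, the function names and the reading of "meets" as "not lower than" are assumptions.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Model of the terminal's storage; every name here is an assumption. */
typedef enum { FW_BOOT, FW_OS } fw_kind_t;
typedef struct { fw_kind_t kind; uint32_t level; } fw_image_t; /* level: security level carried by the image */
typedef struct {
    uint32_t fuse_level;   /* Fuse area: holds the preset security level */
    fw_image_t boot, os;   /* Flash area: the installed images */
    bool has_boot, has_os;
} terminal_t;

/* Claims 1-3: download gate. "Meets" is assumed to mean "not lower than". */
bool fw_download(terminal_t *t, fw_image_t img) {
    if (img.level < t->fuse_level)
        return false;                       /* below the preset level: refuse, Flash untouched */
    if (img.kind == FW_BOOT) {
        t->boot = img;                      /* claim 2: write the file to Flash */
        t->has_boot = true;
        if (img.level > t->fuse_level)
            t->fuse_level = img.level;      /* claim 3: the BOOT level becomes the preset level */
    } else {
        t->os = img;
        t->has_os = true;
    }
    return true;
}

/* Claim 1, boot time: BOOT starts the OS only if the OS level meets BOOT's own level. */
bool fw_boot_os(const terminal_t *t) {
    return t->has_boot && t->has_os && t->os.level >= t->boot.level;
}

/* Constructed scenario: a flaw is found at level 2, so the fix ships as level 3 (claim 4). */
int main(void) {
    terminal_t t = { .fuse_level = 1 };
    bool a = fw_download(&t, (fw_image_t){FW_BOOT, 2});  /* accepted, Fuse becomes 2 */
    bool b = fw_download(&t, (fw_image_t){FW_OS, 1});    /* refused: below the preset level */
    bool c = fw_download(&t, (fw_image_t){FW_OS, 2});    /* accepted */
    printf("boot2=%d os1=%d os2=%d starts=%d\n", a, b, c, fw_boot_os(&t));
    fw_download(&t, (fw_image_t){FW_BOOT, 3});           /* fixed BOOT, Fuse becomes 3 */
    printf("old OS starts=%d fuse=%u\n", fw_boot_os(&t), (unsigned)t.fuse_level);
    return 0;
}
```

The second line of output shows the operational consequence: once a higher-level BOOT file is installed, the OS file already in Flash no longer starts until an OS file of at least that level is downloaded. The model takes the level field at face value; the claims above do not say how the level is authenticated.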
PCT/CN2019/114321 2018-10-30 2019-10-30 Firmware security authentication method, device and payment terminal WO2020088516A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201811277132.3A CN109508535B (en) 2018-10-30 2018-10-30 Firmware security authentication method and device and payment terminal
CN201811277132.3 2018-10-30

Publications (1)

Publication Number Publication Date
WO2020088516A1 true WO2020088516A1 (en) 2020-05-07

Family

ID=65747174

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2019/114321 WO2020088516A1 (en) 2018-10-30 2019-10-30 Firmware security authentication method, device and payment terminal

Country Status (2)

Country Link
CN (1) CN109508535B (en)
WO (1) WO2020088516A1 (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109508535B (en) * 2018-10-30 2021-07-13 百富计算机技术(深圳)有限公司 Firmware security authentication method and device and payment terminal
CN111966970B (en) 2020-07-31 2021-05-07 深圳比特微电子科技有限公司 Method and device for preventing firmware of digital currency mining machine from backing and digital currency mining machine

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102105883A (en) * 2008-06-23 2011-06-22 Nxp股份有限公司 Electronic device and method of software or firmware updating of an electronic device
CN102981881A (en) * 2012-12-10 2013-03-20 中兴通讯股份有限公司 Method and system for preventing mobile terminal from being updated to illegal firmware version
CN104956374A (en) * 2013-03-01 2015-09-30 意法爱立信有限公司 A method for software anti-rollback recovery
CN105549974A (en) * 2015-12-09 2016-05-04 合肥联宝信息技术有限公司 Chip firmware updating method and system
US20170308705A1 (en) * 2016-04-22 2017-10-26 Qualcomm Incorporated System, device and method for anti-rollback protection of over-the-air updated device images
CN109508535A (en) * 2018-10-30 2019-03-22 百富计算机技术(深圳)有限公司 Firmware safety certifying method, device and payment terminal

Family Cites Families (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101034991B (en) * 2007-04-06 2011-05-11 中兴通讯股份有限公司 Secure guiding system, method, code signature construction method and authentication method
CN101470610B (en) * 2007-12-25 2011-07-20 英业达股份有限公司 Updating method of program used for test
CN101826026A (en) * 2010-04-12 2010-09-08 中兴通讯股份有限公司 Embedded equipment and on-line updating system and method of firmware in embedded equipment
CN102662714B (en) * 2012-04-17 2015-10-07 中标软件有限公司 A kind of (SuSE) Linux OS and starting method thereof
US9262155B2 (en) * 2012-06-04 2016-02-16 Oracle International Corporation System and method for supporting in-band/side-band firmware upgrade of input/output (I/O) devices in a middleware machine environment
CN103530150B (en) * 2013-10-10 2017-03-01 上海爱数信息技术股份有限公司 A kind of long-range method updating of (SuSE) Linux OS
CN103927490A (en) * 2014-04-25 2014-07-16 华为技术有限公司 OS secure startup method and device
CN104008342B (en) * 2014-06-06 2017-12-15 山东超越数控电子股份有限公司 A kind of method that secure and trusted certification is realized by BIOS and kernel
CN105183529A (en) * 2015-10-29 2015-12-23 浪潮(北京)电子信息产业有限公司 Method for refreshing server firmware, target server, source server and system
CN106201640A (en) * 2016-09-19 2016-12-07 杭州迪普科技有限公司 A kind of method and device of BootLoader program of upgrading
CN108228222A (en) * 2017-12-27 2018-06-29 努比亚技术有限公司 A kind of upgrade method of firmware data, mobile terminal and computer storage media
CN107908416A (en) * 2017-12-28 2018-04-13 惠州Tcl家电集团有限公司 Microcontroller firmware upgrade method, device and computer-readable recording medium

Also Published As

Publication number Publication date
CN109508535A (en) 2019-03-22
CN109508535B (en) 2021-07-13

Similar Documents

Publication Publication Date Title
US11080405B2 (en) Securing operating system configuration using hardware
CN107330333B (en) Method and device for ensuring safety of firmware of POS (point-of-sale) machine
KR101702289B1 (en) Continuation of trust for platform boot firmware
US9424431B2 (en) Protecting operating system configuration values using a policy identifying operating system configuration settings
KR100299954B1 (en) Secure bios
US20150199521A1 (en) Secure boot administration
US9881158B2 (en) Secure option ROM control
US20150074387A1 (en) System and method for auto-enrolling option roms in a uefi secure boot database
US20170289193A1 (en) Secure smart terminal and an information processing method
US20160342790A1 (en) Protecting anti-malware processes
US10592661B2 (en) Package processing
US11914682B2 (en) Software verification device
WO2017133559A1 (en) Secure boot method and device
US20140149730A1 (en) Systems and methods for enforcing secure boot credential isolation among multiple operating systems
CN108229144B (en) Verification method of application program, terminal equipment and storage medium
US9659171B2 (en) Systems and methods for detecting tampering of an information handling system
US20130227262A1 (en) Authentication device and authentication method
WO2020088516A1 (en) Firmware security authentication method, device and payment terminal
CN105335197A (en) Starting control method and device for application program in terminal
US10019577B2 (en) Hardware hardened advanced threat protection
CN111160879A (en) Hardware wallet and security improving method and device thereof
US20170286665A1 (en) Devices and methods for facilitating software signing by more than one signing authority
US20230342472A1 (en) Computer System, Trusted Function Component, and Running Method
CN110971741A (en) Management method and management device for screen locking password and terminal
WO2019037340A1 (en) Data copyright protection method and storage device

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 19878189

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 19878189

Country of ref document: EP

Kind code of ref document: A1