CN104700023B - A kind of computer system time tamper resistant method and system - Google Patents

A kind of computer system time tamper resistant method and system Download PDF

Info

Publication number
CN104700023B
CN104700023B CN201310647642.6A CN201310647642A CN104700023B CN 104700023 B CN104700023 B CN 104700023B CN 201310647642 A CN201310647642 A CN 201310647642A CN 104700023 B CN104700023 B CN 104700023B
Authority
CN
China
Prior art keywords
time
character string
checkpoint
file
check
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201310647642.6A
Other languages
Chinese (zh)
Other versions
CN104700023A (en
Inventor
王�琦
周小淇
符廖峰
汪大海
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Teamsun Technology Co Ltd
China Mobile Group Liaoning Co Ltd
Original Assignee
Beijing Teamsun Technology Co Ltd
China Mobile Group Liaoning Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Teamsun Technology Co Ltd, China Mobile Group Liaoning Co Ltd filed Critical Beijing Teamsun Technology Co Ltd
Priority to CN201310647642.6A priority Critical patent/CN104700023B/en
Publication of CN104700023A publication Critical patent/CN104700023A/en
Application granted granted Critical
Publication of CN104700023B publication Critical patent/CN104700023B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Landscapes

  • Debugging And Monitoring (AREA)

Abstract

The present invention provides a kind of computer system time tamper resistant method and system, the character string that one group generated according to computer system time to be checked represents time check point determines the computer system time deviation range allowed, the character string group for representing time check point is converted to by not intelligible ciphertext character string group by hashing algorithm, in computer system to be checked, compared with the ciphertext character string group of the time check point of the time deviation scope of the ciphertext character string for the checkpoint time for representing system time and representative that a upper cycle determines this inspection permission and it will periodically search, it is determined that the deviation range allowed whether is changed and exceeded in this week interim system time.Compared with prior art, to artificial deliberately even malicious modification system time, or to keeping the method for computer system time validity to apply Human disturbance so that the situation that computer is in time anomaly state has good monitoring effect.

Description

A kind of computer system time tamper resistant method and system
Technical field
The present invention relates to Communications And Computer technical field, more particularly to a kind of computer system time tamper resistant method and System.
Background technology
With the popularization of computer system, the requirement more and more higher for computer system time.Computer program is just Often operation is possible to the validity dependent on computer system time, and computer system time and the difference of reference time are excessive, I.e. computer system time may cause computer program operation exception not in effective range.
In the prior art, method of the inspection computer system time used in effective range has:
Computer system time is manually obtained by department of computer science's system program, and compared with the reference time, determines computer Whether system time is in effective range.
In the case where computer system A can be communicated with running on the computer system R of reference time by network, lead to Cross certain computer system network application program and keep computer system A and computer system R system time effective poor In different scope.
Computer system A can directly obtain the reference time by external equipment, and keep computer by application program System time is with the reference time in effective disparity range.
Specifically, during the present invention is realized, inventor has found that currently existing scheme has the disadvantage that:
Method of the inspection computer system time widely used at present in effective range is when being based on people to system Between with expectation that the reference time is consistent and design, common mode be by the Network Capture reference time, and adjust from Body system time is allowed to as consistent with the reference time as possible.Such method to artificial deliberately even malicious modification system time, or Person applies Human disturbance to the method for keeping computer system time validity(Such as interrupt network connection)So that at computer Lack enough inspection measures in the situation of time anomaly state.
The content of the invention
The shortcomings that it is an object of the invention to overcome prior art and deficiency, there is provided a kind of computer system time is anti-tamper Method and system.
A kind of computer system time tamper resistant method, methods described include:
Step 1: check for the checkpoint time check character string file of the explanation effective time scope preserved C, if so, content in the file C is write into checkpoint time check character string dimension Z;Otherwise, step 4 is performed;
Step 2: obtaining present system time, the checkpoint time character string of reference format is generated, passes through hashing algorithm F The character string is converted into the checkpoint time check character string s that length is L;
Step 3: check in the array Z whether there is with checkpoint time check character string s identical character strings, if It is, based on the present system time construction character string dimension of checkpoint time check next time Z ';Otherwise, output needs to verify again Temporal information;
Step 4: re-creating the file C, and the content in the array Z ' is stored in the file C;
Step 5: mark or information of the output time deviation in effective range.
The checkpoint time check character string is built according to following manner:
According to present system time, proof cycle p and check starting time structure checkpoint time character string;
Checkpoint time character string is converted to by the checkpoint time check character string that length is L positions according to hashing algorithm F.
It is described that the character string dimension Z ' of checkpoint time check next time is constructed based on present system time, including:
Present system time is obtained, obtains a nearest checkpoint time T ';
All checkpoint times time range for generating and permitting when checking next time in are calculated based on proof cycle p;
All checkpoint times are passed sequentially through into the checkpoint time check character that hashing algorithm F transition lengths are L String is put into array Z ', when making the checkpoint time check character string order each checkpoint of correspondence in array Z ' in each unit Between.
It is described to re-create the file C, including:
Retain the file C and remove the content in the file C.
Methods described also includes:
After postponing proof cycle p, step 2 and subsequent step are performed.
In the step 3, after output needs proving time information again, in addition to:
Delete the checkpoint time check character string file C of the explanation effective time scope;
The prompting update the system time is simultaneously waited to be confirmed;
After validation, step 2 and subsequent step are performed.
A kind of computer system time tamper resistant systems, the system include file C inspection units, checkpoint time check Character string s generation units, comparing unit, file C cell and time bias contribution output unit are rebuild, wherein,
The file C inspection units, for check for preserved explanation effective time scope checkpoint when Between check character string file C, if so, content in the file C is write into checkpoint time check character string dimension Z, and send To the comparing unit;Otherwise, the reconstruction file C cell is notified;
The checkpoint time check character string s generation units, for obtaining present system time, generate reference format Checkpoint time character string, the character string is converted to by the checkpoint time check character string that length is L by hashing algorithm F S, and it is sent to the comparing unit;
The comparing unit, it whether there is and checkpoint time check character string s identicals for checking in the array Z Character string, if so, based on the present system time construction character string dimension of checkpoint time check next time Z ' and being sent to described Rebuild file C cell;
The reconstruction file C cell, is stored in for re-creating the file C, and by the content in the array Z ' In the file C;
The time deviation result output unit, for mark or information of the output time deviation in effective range.
The system also includes checkpoint time check character string construction unit, for according to present system time, inspection Period p and inspection starting time structure checkpoint time character string;Checkpoint time character string is changed according to hashing algorithm F For the checkpoint time check character string that length is L positions.
The checkpoint time check character string s generation units, it is additionally operable to obtain present system time, obtains nearest one Individual checkpoint time T ';All inspections time range for generating and permitting when checking next time in are calculated based on proof cycle p The point time;All checkpoint times are passed sequentially through into the checkpoint time check character string that hashing algorithm F transition lengths are L It is put into array Z ', when making the checkpoint time check character string order each checkpoint of correspondence in array Z ' in each unit Between.
The system also includes authentication unit again, for being not present in checking the array Z in the comparing unit During with checkpoint time check character string s identical character strings, the checkpoint time school of the explanation effective time scope is deleted Test character string file C;The prompting update the system time is simultaneously waited to be confirmed;After validation, the checkpoint time check character is notified String s generation units regenerate checkpoint time check character string s.
The present invention passes through Checkpointing time check character string file C, each computer system power-on operation or fixed When phase is run, the checkpoint time check character string s of reference format is calculated according to present system time.Then character is compared It whether there is identical character string in string s and file C, if, it is believed that it is correct by verification, system time;Otherwise it is assumed that system Time modification mistake.After having checked every time, continue to set the checkpoint time check character string of next checkpoint.With prior art Compare, the present invention determines to permit by one group generated according to the computer system time to be checked character string for representing time check point Perhaps computer system time deviation range, the character string group for representing time check point is converted to by hashing algorithm and is not easy to manage The ciphertext character string group of solution, in computer system to be checked, it will periodically represent the ciphertext word of the checkpoint time of system time The ciphertext character string group of the time check point for the time deviation scope that this inspection of the representative that symbol string determined with a upper cycle allows Compare and search, it is determined that whether being changed and having been exceeded the deviation range allowed in this week interim system time.To artificial intentional Even malicious modification system time, or the method to keeping computer system time validity apply Human disturbance(As interrupted Network connection)So that the situation that computer is in time anomaly state has good monitoring effect.
Brief description of the drawings
Fig. 1 is the computer system time tamper resistant method principle flow chart that the embodiment of the present invention 1 provides;
Fig. 2 is the computer system time tamper resistant systems structural representation that the embodiment of the present invention 2 provides.Specific embodiment party Formula
The embodiment of the present invention is described in detail below in conjunction with the accompanying drawings.But embodiments of the present invention are unlimited In this.
The general principle of each embodiment of the present invention is:Periodicmaintenance one is by effective in computer system to be checked The array of the feature description composition of all checkpoint times of time range, the array describe effective time range, and When review time arrives by the description of system time feature compared with the numerical value in the array, if identical in array be present Feature describes, then illustrates that system time deviation without departing from preset range, otherwise provides prompting.And when the array is established for the first time Or, it is necessary to the temporal characteristics description for carrying out self-referential system be inputted, whether to determine present system time when being established again after failure In effective range.
As shown in figure 1, the computer system time tamper resistant method principle flow chart provided for the embodiment of the present invention 1, tool Body is as follows:
Step 10, the checkpoint time check character string file of the explanation effective time scope preserved is checked for C, if so, content in file C is write into checkpoint time check character string dimension Z;Otherwise, step 40 is performed.
Before the scheme of the present embodiment, various parameters in lower the present embodiment are introduced first.Determine inspection system time phase The parameter and method of pass, including:
Reference time T:As the inspection system time whether the reference in effective range.Reference time T is based on reference System time in system R(Usually using the standard time)Checkpoint corresponding with the current time time obtained, frame of reference R In program Z T is changed into the checkpoint time check character string s of standard time, make for system to be checked in checking process With.In a proof cycle, reference time T will not change with the change of system time, therefore, the corresponding checkpoint time The string s that checks character will not also change.
Checkpoint time T':It is the inspection corresponding with current time obtained based on the system time in system A to be checked The point time, and a series of checkpoint time can be calculated according to T', proof cycle and initial time, with represents permission when Between deviation range.In a proof cycle, the time deviation scope of the permission represented with the beginning and ending time will not be with system time Change and change.
Proof cycle p:It can be integer day, can make for 24 divided evenly integer hours or can make for 60 divided evenly integer minutes. For example, can be 1 day, 1 hour, 2 hours, 3 hours, 4 hours, 6 hours, 8 hours, 12 hours, 1 minute, 2 minutes, 3 minutes, 4 Minute, it is selectable proof cycle within 5 minutes, 6 minutes, 10 minutes, 12 minutes, 15 minutes, 30 minutes.
The time deviation scope t1 to t2 of allowance:It is true in t1 to t2 institutes for proof cycle p Integer n times, wherein n >=1, T In fixed time interval.For example, t1 to t2 is 48 hours, i.e., +/- 24 hours, T is t1 all to the midpoint times between t2, inspection Phase is 10 minutes.
Checkpoint time character string building method S:It is the building method of the checkpoint time character string of reference format, benchmark The construction of format checking point time character string is related to system time, proof cycle p and inspection starting time.When passing through checkpoint Between character string building method S system time can be converted to immediate with system time, have already passed through, with checking starting point Time interval is the time character string of p integral multiple.
For example, present system time is 5 days 7 May in 2013:15, proof cycle is 1 hour, and it is 0 to check starting time Point, then checkpoint time character string is 2013050507.
Here inspection starting time is one of checkpoint time character string building method S parameter, approximate can be understood For the phase angle of periodic function.For ease of calculating, when may be selected daily 0, hourly 0 grade as starting time, now Phase angle be can be regarded as 0.For example, present system time is 5 days 7 May in 2013:15, proof cycle is 1 hour, is checked The point time is 0 point, then checkpoint time character string is 2013050507.Present system time is 5 days 7 May in 2013:15, inspection The cycle is looked into as 1 hour, check starting time be 0 point 09 minute, then checkpoint time character string is 201305050709.
Checkpoint time character string make can be:
a.YYYYMMDD:Corresponding time YYYY MM month DD days, correspondence proving cycle are p days, and corresponding typical case permits the time Disparity range is n*p days.For example, 20130505, the correspondence proving cycle can be 1 day or more days.
b.YYYYMMDDHH:During the corresponding time YYYY MM DD month, HH day, the correspondence proving cycle is p hours, starting time When can be chosen to be daily 0, it is n*p hours that corresponding typical case, which permits time difference scope,.For example, 2013050520, correspondence proving week Phase can be 1 hour or more hours
c.YYYYMMDDHHmm:Mm points during the corresponding time YYYY MM DD month, HH day, the correspondence proving cycle is p minutes, is risen The point time can be chosen to be 0 minute per hour, and it is n*p minutes that corresponding typical case, which permits time difference scope,.For example, 201305052030, The correspondence proving cycle can be 1 minute, 2 minutes, 3 minutes, 5 minutes, 6 minutes, 10 minutes, 15 minutes, 30 minutes.
Hash function F:Checkpoint time character string is converted to by the checkpoint time school that length is L positions by hashing algorithm Test character string s.It is characterized in that the checkpoint time check character string s that different checkpoint time character strings obtains after conversion It is different.For example, by hash function F character string " zVc0 " can be converted to by 2013050520,2013050521 are converted to Character string " Yu8f ".
Simultaneously, it is necessary to periodically construct the checkpoint time check character string s of the checkpoint time based on the reference time, with Just used in checking process.The program Z in the computer system R of reference time, which can be obtained, to be generated by cycle Application way S of p The checkpoint time character string of reference format, then the character string is converted to by the checkpoint time that length is L by hashing algorithm F String of checking character and exports s.The way of output is user interface or Application Program Interface.
The computer system A of system time to be checked startup optimization program B in system starting process, inspection system time Whether in effective range.
Check for the checkpoint time check character string file C of the explanation effective time scope preserved.
The purpose for setting file C is to avoid every subsystem restarting from being required for re-entering the inspection for carrying out self-referential system Point time check character string s.Only just need to verify again when present system time exceeds time range determined by C.
Program B, which is checked in computer system, whether there is checkpoint time check character string file C, if this document is not deposited Then illustrating time check system for first operation, it is necessary to construct checkpoint time check character string dimension Z, and input and come from Program Z checkpoint time check character string s, to verify system time whether in effective range.Now redirect execution step 40。
Step 20, present system time is obtained, generates checkpoint time character string, is turned character string by hashing algorithm F It is changed to the checkpoint time check character string s that length is L.
If checkpoint time check character string file C is present, illustrated the computer system A of system time to be checked once Through running time check program, and save last time operation when effective time range, by file C content write inspection Make an inventory of time check character string dimension Z.At this time, it may be necessary to according to the current time in system, when structure is currently needed for the checkpoint of checking Between check character string s.Present system time, and the checkpoint time character string of Application way S generation reference formats are obtained, then is led to Cross hashing algorithm F and the character string is converted into the checkpoint time check character string s that length is L.
Step 30, check in array Z whether there is with checkpoint time check character string s identical character strings, if so, base In the present system time construction character string dimension of checkpoint time check next time Z ';Otherwise, output needs the proving time again Information.
Check whether there is in array Z with s identical character strings, if it does not exist, then determined by explanation array Z effectively Time range has failed, it is necessary to verify again, and output needs proving time information again, prompts the update the system time and waits Confirm, after validation, re-execute step 20.Namely after time failure, checking again, using from reference time system Checkpoint time check character string as current check point time check character string s.Here frame of reference is voluntarily to run Reference time system is provided, in treat the system time verification process of time verifying, use the time for carrying out self-referential system Verify whether system time to be verified is correct.
If in array Z exist with s identical character strings, illustrate that present system time is not yet determined beyond file C Effective time scope, it is not necessary to the checkpoint time check character string s from reference time system, therefore current system need to be based on Unite time construction checkpoint time check character string dimension Z ', and its process is to obtain present system time, and when passing through checkpoint Between character string conversion method S obtain a nearest checkpoint time T ', and generation is calculated based on proof cycle p and examined next time All checkpoint times in the time range permitted when looking into.
By taking checkpoint time T ' as an example, time range is permitted for exemplified by t1 to t2, i.e. T '-t1=n*p, t2-T '=n*p, n are Positive integer.
In next cyclic check, all checkpoint times in allowance time range have 2n, are followed successively by:
T '-(n-1) * p, T '-(n-2) * p, T '-(n-3) * p ... T '+p......T '+(n-1) * p, T '+n*p
If present system time is 5 days 7 May in 2013:15, the current check point time is 7:00, proof cycle is 1 small When, effective time scope is +/- 4 hours, now n=4, then when checking next time, all effectively checkpoint times are:
2013050504、2013050505、2013050506、2013050507、2013050508、2013050509、 2013050510、2013050511
The above-mentioned checkpoint time is passed sequentially through into the checkpoint time check character string s that hashing algorithm F transition lengths are L to put Enter in array Z ', make checkpoint time check character string s orders corresponding each checkpoint time in array in each unit.
Step 40, the file C is re-created, and the content in array Z ' is stored in the file C.
Remove in file C it is interior perhaps re-create file C, and the content in array Z ' is stored in file C, makes text All the time the effective time scope description based on system time is preserved in part C.
Step 50, mark or information of the output time deviation in effective range.
So far, the checking to computer system time is completed.Further, in order to ensure the power of system time inspection Degree, can periodically carry out system time inspection.Proof cycle is p, after proof cycle p is postponed, can re-execute step Rapid 20, checkpoint time check character string s is built according to the current time in system and carries out follow-up checking step.
The present embodiment checks computer system R of device of the computer system time in effective range by operation program Z With operation program B and preserve file C computer A form.
Program Z-direction system in need provides the time point checkpoint time check character string s based on the standard time.
Program B and file C periodically checked whether the checkpoint time corresponding to present system time is true in a upper cycle In the range of effective time during this fixed cyclic check, and provide output and prompting.
In the present embodiment, pass through the one group of character for representing time check point generated according to computer system time to be checked String determines the computer system time deviation range allowed.The character string group for representing time check point is changed by hashing algorithm For not intelligible ciphertext character string group.In computer system to be checked, the checkpoint time of system time will be periodically represented The representative that determines of ciphertext character string and a upper cycle this check the time deviation scope allowed time check point ciphertext Character string group compares and searched, it is determined that whether being changed and having been exceeded the deviation range allowed in this week interim system time.
Method of the inspection computer system time widely used at present in effective range is when being based on people to system Between with expectation that the reference time is consistent and design, common mode be by the Network Capture reference time, and adjust from Body system time is allowed to as consistent with the reference time as possible.Such method to artificial deliberately even malicious modification system time, or Person applies Human disturbance to the method for keeping computer system time validity(Such as interrupt network connection)So that at computer Lack enough inspection measures in the situation of time anomaly state.
The target of the present embodiment, which is not lain in, enables system time to be consistent as far as possible with the reference time, but establishes one Kind of checking mechanism, make one for the change to system time can be found.It the advantage is that:
Program B is the program of independent operating, is allowed when a time check is immediately determined that after and checked next time Time deviation scope, its running not by system time change influenceed, therefore, if in checking process twice there occurs System time changes and beyond the deviation range of permission, can be found when checking for rear time and provide prompting and output.
Due to program B operation, the offset of modification time is without departing from set deviation model in only every proof cycle It could not be found when enclosing by program B, therefore, if there is larger gap the expectation target time artificially changed with present system time When, it is necessary to repeated multiple times modification system time can be only achieved purpose, so as to add artificial modification computer system time without The difficulty found by program B.
Program B is the program of independent operating, in addition to the current check point time check character string that input carrys out self-referential system, It need not be communicated in the process of running with external program, therefore, there is no network connection in system to be checked and frame of reference When can also be checked.
Furthermore, it is understood that the present embodiment is when system is run for the first time, or system down time exceed close before preserve showing When being again started up after permission time deviation scope determined by the description of field time feature, or inspection result shows system time deviation During more than allowed band, by the description of the feature of reference time with using local zone time generation can describe allow time deviation Whether the description of situ time feature compares, determine local zone time and the deviation of reference time in allowed band.
During systems stay is run, periodically the feature description of local zone time was utilized with a upper cycle local Whether the situ time feature description of time generation compares, it is determined that because significantly the time adjusts and led in a cycle Local zone time was caused beyond tolerance scope determined by a upper cycle.
If local system time generates situ time feature in the deviation range of permission, using local system time Description, as the benchmark checked next time, and provides output result of the system time deviation in allowed band;Otherwise provide and be Output result of the time deviation of uniting outside allowed band, and by above-mentioned when system is run for the first time, or system down time exceedes When being again started up after permission time deviation scope determined by the situ time feature description preserved before closing, or inspection result table Bright system time deviation test mode described when exceeding allowed band is checked.
It is illustrated below:
Assuming that system allows time range to be -4 hours /+4 hours, proof cycle is 1 hour, present system time 7: 15, description effective time scope all checkpoint times be:
3:00、4:00、5:00、6:00、7:00、8:00、9:00:、10:00
I.e. system time is 3:00 to 10:59/it is effective.Above-mentioned each checkpoint time is with checkpoint time school Test when the mode of character string is stored in array and file to check and use.
Now, time check program be delayed a proof cycle, i.e., after 1 hour, start again at new checking process, root According to present system time 7:15 generation checkpoint times were 7:00, due to corresponding 7:The checkpoint time check character string at 00 moment Have been saved in array and file, thus can determine that system time in effective range, output time deviation meets to require letter Breath, while corresponding effective time scope when being next cycle start-up check by the content update in array and file, i.e.,:
4:00、5:00、6:00、7:00、8:00、9:00、10:00、11:00
And entry time length is the delay of the delay, i.e., 1 hour of a proof cycle.
If not changing system time, after a proof cycle, system time 8:15, the checkpoint time is 8:00, its checkpoint time check character string can be found in the data or file that a upper cycle preserves, and thus be can determine that and be The time unite in effective range, output time deviation meets require information, while under being by the content update in array and file Corresponding effective time scope during one cycle start-up check, and it is again introduced into delay of the length for a proof cycle.Above mistake Journey performs repeatedly using a proof cycle as interval, if system time, all the time in effective range, output time is inclined all the time Difference meets require information.
If in next proof cycle arrival forefathers to have modified system time, and closely institute is once checked beyond preceding The effective time scope of determination, it is 3 to be such as again started up system time during checking process:25, the correspondence proving point time is 3:00.And 3:00 checkpoint time check character string s is not stored in effective checkpoint time check character string dimension and file, Therefore output time deviation goes beyond the scope information, and requires that input validation carrys out the checkpoint time check character string of self-referential system s.Now, system operator needs system time being modified to time with the deviation range of reference time in effective range, And verified in the checkpoint time check character string s input systems of self-referential system in future.
When system is run first, due to the checkpoint time check in the absence of previously saved description effective time scope Character string file, then effective time range check point time array is generated on the basis of present system time, and require that input is tested Card carrys out the checkpoint time check character string s of self-referential system.Now, system operator needs the inspection of self-referential system in future Verified in point time check character string s input systems.
If system closes the long period, time when being again started up has been over last time and is stored in the checkpoint time Check character identified time range in string file, then effective time range check point is generated on the basis of present system time Time array, and require that input validation carrys out the checkpoint time check character string of self-referential system.Now, system operator needs Future self-referential system checkpoint time check character string input system in verified.
As shown in Fig. 2 the computer system time tamper resistant systems structural representation provided for the embodiment of the present invention 2, should System includes file C inspection units 100, checkpoint time check character string s generation units 200, comparing unit 300, reconstruction text Part C cell 400 and time bias contribution output unit 500, it is specific as follows:
File C inspection units 100, for checking for the checkpoint time of the explanation effective time scope preserved Check character string file C, if so, content in file C is write into checkpoint time check character string dimension Z, and is sent to comparison Unit 300;Otherwise, notice rebuilds file C cell 400;
Checkpoint time check character string s generation units 200, for obtaining present system time, generate reference format Checkpoint time character string, character string is converted to by the checkpoint time check character string s that length is L by hashing algorithm F, and It is sent to comparing unit 300;
Comparing unit 300, it whether there is and checkpoint time check character string s identical characters for checking in array Z String, if so, based on the present system time construction character string dimension of checkpoint time check next time Z ' and being sent to reconstruction file C Unit 400;
File C cell 400 is rebuild, is stored in for re-creating file C, and by the content in array Z ' in file C;
Time deviation result output unit 500, for mark or information of the output time deviation in effective range.
Further, said system also includes checkpoint time check character string construction unit 600, for according to current system System time, proof cycle p and inspection starting time structure checkpoint time character string;During according to hashing algorithm F by checkpoint Between character string be converted to length be L positions checkpoint time check character string.
Further, above-mentioned checkpoint time check character string s generation units 200, when being additionally operable to obtain current system Between, obtain a nearest checkpoint time T ';The time model for generating and permitting when checking next time is calculated based on proof cycle p Enclose interior all checkpoint times;All checkpoint times are passed sequentially through into the checkpoint time that hashing algorithm F transition lengths are L String of checking character is put into array Z ', makes the checkpoint time check character string order in array Z ' in each unit corresponding each The checkpoint time.
Further, said system also includes authentication unit 700 again, used in checking array Z in comparing unit 300 During in the absence of with checkpoint time check character string s identical character strings, the checkpoint time of explanation effective time scope is deleted Check character string file C;The prompting update the system time is simultaneously waited to be confirmed;After validation, checkpoint time check character string s is notified Generation unit 200 regenerates checkpoint time check character string s.
In above-described embodiment, it is possible to achieve when artificially significantly change computer system time and make system time with reference Time deviation can be found when excessive.Artificially by repeatedly changing computer system time by a small margin to make system time and ginseng Examine the excessive difficulty increase of time deviation.It can also be checked when system to be checked does not have network connection with frame of reference.
When the present embodiment coordinates other times synchronous method or system(As run the clock synchronization system based on Network Time Protocol) During cooperation, i.e., can maintainer system the time it is consistent with the reference time, and can enough find artificial over range time adjust Event.
It should be noted that:The computer system time tamper resistant systems that above-described embodiment provides are in computer system time , can be as needed and by above-mentioned work(only with the division progress of above-mentioned each functional module for example, in practical application during inspection It can distribute and be completed by different functional modules, i.e., the internal structure of system is divided into different functional modules, more than completion The all or part of function of description.In addition, computer system time tamper resistant systems and computer that above-described embodiment provides System time tamper resistant method embodiment belongs to same design, and its specific implementation process refers to embodiment of the method, no longer superfluous here State.
The embodiments of the present invention are for illustration only, do not represent the quality of embodiment.
To sum up, the present invention is by Checkpointing time check character string file C, each computer system power-on operation or During person's periodic operation, the checkpoint time check character string s of reference format is calculated according to present system time.Then compare It whether there is identical character string in character string s and file C, if, it is believed that it is correct by verification, system time;Otherwise it is assumed that System time was changed.After having checked every time, continue to set the checkpoint time check character string of next checkpoint.With it is existing Technology is compared, and the character string that the present invention represents time check point by one group generated according to computer system time to be checked is true Surely the computer system time deviation range allowed, the character string group for representing time check point is converted to not by hashing algorithm Intelligible ciphertext character string group, in computer system to be checked, will periodically represent system time the checkpoint time it is close The ciphertext character of the time check point for the time deviation scope that this inspection of the representative that Chinese character string determined with a upper cycle allows String group compares and searched, it is determined that whether being changed and having been exceeded the deviation range allowed in this week interim system time.To artificial Deliberately even malicious modification system time, or to keeping the method application Human disturbance of computer system time validity(Such as Interrupt network connection)So that the situation that computer is in time anomaly state has good monitoring effect.
Above-described embodiment is the preferable embodiment of the present invention, but embodiments of the present invention are not by above-described embodiment Limitation, other any Spirit Essences without departing from the present invention with made under principle change, modification, replacement, combine, simplification, Equivalent substitute mode is should be, is included within protection scope of the present invention.

Claims (8)

1. a kind of computer system time tamper resistant method, it is characterised in that methods described includes:
Step 1: the checkpoint time check character string file C of the explanation effective time scope preserved is checked for, if It is that content in the file C is write into checkpoint time check character string dimension Z;Otherwise, step 4 is performed;
Step 2: obtaining present system time, checkpoint time character string is generated, is turned the character string by hashing algorithm F It is changed to the checkpoint time check character string s that length is L;
Step 3: check in the array Z whether there is with checkpoint time check character string s identical character strings, if so, base In the present system time construction character string dimension of checkpoint time check next time Z ';Otherwise, output needs the proving time again Information;
Step 4: re-creating the file C, and the content in the array Z ' is stored in the file C;
Step 5: mark or information of the output time deviation in effective range;
Wherein, it is described based on the present system time construction character string dimension Z ' of checkpoint time check next time, including:
Present system time is obtained, obtains a nearest checkpoint time T ';
All checkpoint times time range for generating and permitting when checking next time in are calculated based on proof cycle p;
All checkpoint times are passed sequentially through into the checkpoint time check character string s that hashing algorithm F transition lengths are L to put Enter in array Z ', make checkpoint time check character string s orders corresponding each checkpoint time in array Z ' in each unit.
2. the method as described in claim 1, it is characterised in that the checkpoint time check character string s is according to following manner Structure:
According to present system time, proof cycle p and check starting time structure checkpoint time character string;
Checkpoint time character string is converted to by the checkpoint time check character string s that length is L positions according to hashing algorithm F.
3. the method as described in claim 1, it is characterised in that it is described to re-create the file C, including:
Retain the file C and remove the content in the file C.
4. the method as described in claim 1, it is characterised in that methods described also includes:
After postponing proof cycle p, step 2 and subsequent step are performed.
5. the method as described in claim 1, it is characterised in that in the step 3, output needs proving time information again Afterwards, in addition to:
Delete the checkpoint time check character string file C of the explanation effective time scope;
The prompting update the system time is simultaneously waited to be confirmed;
After validation, step 2 and subsequent step are performed.
6. a kind of computer system time tamper resistant systems, it is characterised in that the system includes file C inspection units, checked Point time check character string s generation units, comparing unit, file C cell and time bias contribution output unit are rebuild, wherein,
The file C inspection units, for checking for the checkpoint time school of the explanation effective time scope preserved Character string file C is tested, if so, content in the file C is write into checkpoint time check character string dimension Z, and is sent to institute State comparing unit;Otherwise, the reconstruction file C cell is notified;
The checkpoint time check character string s generation units, for obtaining present system time, generate checkpoint time character String, the character string is converted to by length by hashing algorithm F and is L checkpoint time check character string s, and be sent to described Comparing unit;
The comparing unit, it whether there is and checkpoint time check character string s identical characters for checking in the array Z String, if so, based on the present system time construction character string dimension of checkpoint time check next time Z ' and being sent to the reconstruction File C cell;
The reconstruction file C cell, for re-creating the file C, and the content in the array Z ' is stored in described In file C;
The time deviation result output unit, for mark or information of the output time deviation in effective range;
Wherein, the checkpoint time check character string s generation units, it is additionally operable to obtain present system time, obtains nearest One checkpoint time T ';All inspections time range for generating and permitting when checking next time in are calculated based on proof cycle p Make an inventory of the time;All checkpoint times are passed sequentially through into the checkpoint time check character that hashing algorithm F transition lengths are L String s is put into array Z ', makes the corresponding each checkpoint of checkpoint time check character string order in array Z ' in each unit Time.
7. system as claimed in claim 6, it is characterised in that the system also includes checkpoint time check character string and built Unit, for according to present system time, proof cycle p and inspection starting time structure checkpoint time character string;According to Hashing algorithm F is converted to checkpoint time character string the checkpoint time check character string s that length is L positions.
8. system as claimed in claim 6, it is characterised in that the system also includes authentication unit again, for described When comparing unit is checked in the array Z in the absence of with checkpoint time check character string s identical character strings, described in deletion Illustrate the checkpoint time check character string file C of effective time scope;The prompting update the system time is simultaneously waited to be confirmed;Confirming Afterwards, the checkpoint time check character string s generation units are notified to regenerate checkpoint time check character string s.
CN201310647642.6A 2013-12-04 2013-12-04 A kind of computer system time tamper resistant method and system Active CN104700023B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201310647642.6A CN104700023B (en) 2013-12-04 2013-12-04 A kind of computer system time tamper resistant method and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201310647642.6A CN104700023B (en) 2013-12-04 2013-12-04 A kind of computer system time tamper resistant method and system

Publications (2)

Publication Number Publication Date
CN104700023A CN104700023A (en) 2015-06-10
CN104700023B true CN104700023B (en) 2017-11-21

Family

ID=53347127

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201310647642.6A Active CN104700023B (en) 2013-12-04 2013-12-04 A kind of computer system time tamper resistant method and system

Country Status (1)

Country Link
CN (1) CN104700023B (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105046115A (en) * 2015-09-15 2015-11-11 北京深思数盾科技有限公司 Method and apparatus for detecting tampering with software operation time
CN105488425A (en) * 2015-11-30 2016-04-13 中国科学院国家授时中心 Data security assurance method based on serial port transmission

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7000114B1 (en) * 1999-05-31 2006-02-14 Fujitsu Limited Apparatus to create and/or verify digital signatures having a secure time element and an identifier of the apparatus
CN1829147A (en) * 2005-02-28 2006-09-06 富士通株式会社 Method of supplying power to time-stamping device, security device, and time-correcting device
CN101216870A (en) * 2007-12-28 2008-07-09 北京深思洛克数据保护中心 A method for real time acquisition and remote calibration in software protection device
CN102833259A (en) * 2012-09-03 2012-12-19 中科华核电技术研究院有限公司 Tamper-proof detection method for intersystem data, as well as method and apparatus for generating check code

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7000114B1 (en) * 1999-05-31 2006-02-14 Fujitsu Limited Apparatus to create and/or verify digital signatures having a secure time element and an identifier of the apparatus
CN1829147A (en) * 2005-02-28 2006-09-06 富士通株式会社 Method of supplying power to time-stamping device, security device, and time-correcting device
CN101216870A (en) * 2007-12-28 2008-07-09 北京深思洛克数据保护中心 A method for real time acquisition and remote calibration in software protection device
CN102833259A (en) * 2012-09-03 2012-12-19 中科华核电技术研究院有限公司 Tamper-proof detection method for intersystem data, as well as method and apparatus for generating check code

Also Published As

Publication number Publication date
CN104700023A (en) 2015-06-10

Similar Documents

Publication Publication Date Title
CN108540483A (en) A kind of apparatus monitoring method and device based on block chain
US10831902B2 (en) Data verification methods and systems using a hash tree, such as a time-centric Merkle hash tree
CN109785130B (en) Block chain random consensus method and device, computer equipment and storage medium
CN103595802B (en) The method that home gateway remote software is upgraded automatically
CN112270550B (en) New energy power tracing method and system based on blockchain
EP3731455B1 (en) Verification system and method for chaining data
CN104461743B (en) The automatically generating device and method of resource and configuration
US10176213B2 (en) Method and device for verifying consistency of data of master device and slave device
US9367675B2 (en) Method for verifying and calibrating time
US9753941B2 (en) Storage system and method for processing data operation request
CN106643765A (en) Method for calculating collection abnormality maintenance time
CN103441861B (en) A kind of data record generation method and device
ATE492093T1 (en) METHOD AND SYSTEM FOR CONFIGURATION CONTROL IN TELECOMMUNICATIONS NETWORKS
WO2014040488A1 (en) Method and device for guaranteeing consistency of planning data
CN110944046A (en) Control method of consensus mechanism and related equipment
CN104700023B (en) A kind of computer system time tamper resistant method and system
CN111538637A (en) Method and system for automatically monitoring file synchronization result
CN109949006A (en) A kind of project management method, device and relevant device
CN111654395A (en) Voting information processing method, device, equipment and storage medium
WO2021159749A1 (en) Self-learning online update method and system for multi-classification model, and apparatus
CN104639328B (en) A kind of GOOSE message authentication method and system
CN112199441B (en) Data synchronous processing method, device, equipment and medium based on big data platform
CN111414421B (en) Sectional type block chain storage method and storage device
CN109697218A (en) The more write methods of efficient isomeric data and system based on configuration strategy
CN113542232A (en) Website data safety protection system based on big data

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant