CN106095468B - A kind of computer starting method and device - Google Patents
A kind of computer starting method and device Download PDFInfo
- Publication number
- CN106095468B CN106095468B CN201610576050.3A CN201610576050A CN106095468B CN 106095468 B CN106095468 B CN 106095468B CN 201610576050 A CN201610576050 A CN 201610576050A CN 106095468 B CN106095468 B CN 106095468B
- Authority
- CN
- China
- Prior art keywords
- computer
- operating system
- electronic signature
- signature information
- hard drive
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/4401—Bootstrapping
- G06F9/4406—Loading of operating system
- G06F9/441—Multiboot arrangements, i.e. selecting an operating system to be loaded
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/34—User authentication involving the use of external additional devices, e.g. dongles or smart cards
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Computer Hardware Design (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses a kind of computer starting method and devices.The electronic signature information for computer is stored in advance in external mobile storage equipment, in computer to be used, computer is connect with external mobile storage equipment.Method includes the following steps: in the electric power starting of computer, by the first os starting computer for being installed on Primary Hard Drive in advance;After computer starting, the electronic signature information in external mobile storage equipment is read, and authenticate to the electronic signature information read;If certification passes through, correct key is obtained, so that the Primary Hard Drive of computer enters encryption and decryption operating mode;Computer is restarted by the second operating system, so that computer is based on the second operating system and enters normal operating conditions.In this way, being authenticated automatically when computer starting to electronic signature information, does not need user and input identity information progress associated authentication operation, it is easy to operate, it is user-friendly.
Description
Technical field
The present invention relates to computer application technologies, more particularly to a kind of computer starting method and device.
Background technique
Computer, as the common tool of people's work and life, problem of data safety is got growing concern for.
In the prior art, be reinforce computer hard disk data safety, if will to computer Primary Hard Drive data into
Row read-write operation needs user to input preset identity information, and computer after the authentication is passed, calculates the identity information
Machine could normally start, and user could execute read-write operation to Primary Hard Drive data, and complicated operation, it has not been convenient to which user uses.
Summary of the invention
In order to solve the above technical problems, the present invention provides a kind of computer starting method and device.
The electronic signature letter for computer is stored in advance in a kind of computer starting method in external mobile storage equipment
Breath, the Primary Hard Drive of the computer are provided at least two logical partitions, and the Primary Hard Drive of the computer is equipped with the in advance
It is hard that one operating system and the second operating system, first operating system and second operating system are respectively arranged in the master
In the Different Logic subregion of disk, the data of the logical partition where first operating system are clear data, except described the
The data of other logical partitions outside logical partition where one operating system are encryption data, to use the computer
When, the computer is connect with the external mobile storage equipment, which comprises
In the electric power starting of the computer, pass through computer described in first os starting;
After the computer starting, the electronic signature information in the external mobile storage equipment is read, and right
The electronic signature information read is authenticated;
If certification passes through, the correct key of the Primary Hard Drive data for computer described in encryption and decryption is obtained, so that institute
The Primary Hard Drive for stating computer is successfully entered encryption and decryption operating mode;
Restarting instruction is generated by first operating system;
In described restart the computer, the computer is restarted by second operating system, so that institute
It states computer and normal operating conditions is entered based on second operating system.
It include first key, described pair of reading in the electronic signature information in a kind of specific embodiment of the invention
The electronic signature information got is authenticated, comprising:
Extract the first key for including in the electronic signature information;
The encryption data in the Primary Hard Drive is decrypted by the first key;
Determine whether the identification information of the master boot record of logical partition where capable of reading second operating system;
Electronic signature information certification is passed through if it is, determining;
Correspondingly, the correct key for obtaining the Primary Hard Drive data for computer described in encryption and decryption, comprising:
The first key for including in the electronic signature information is determined as being used for the Primary Hard Drive of computer described in encryption and decryption
The correct key of data.
In a kind of specific embodiment of the invention, the described pair of electronic signature information read is authenticated, comprising:
The electronic signature information is matched with the signing messages in the Primary Hard Drive for being pre-stored within the computer;
If the two matches, it is determined that pass through to electronic signature information certification.
In a kind of specific embodiment of the invention, the Primary Hard Drive data obtained for computer described in encryption and decryption
Correct key, comprising:
According to the electronic signature information, the Primary Hard Drive number for computer described in encryption and decryption is generated according to the algorithm of setting
According to correct key.
In a kind of specific embodiment of the invention, referred to described by first operating system generation restarting
After order, the method also includes:
Logical partition where first operating system is hidden processing.
In a kind of specific embodiment of the invention, the starting priority of second operating system is higher than described first
The starting priority of operating system.
In a kind of specific embodiment of the invention, the method also includes:
Electronic signature information in the external mobile storage equipment is by encryption and to hide the information handled.
In a kind of specific embodiment of the invention, the external mobile storage equipment is USB flash disk, has general serial total
The mobile hard disk of line USB interface, has external series advanced technology attachment at the mobile hard disk with thunder and lightning thunderbolt interface
One of the mobile hard disk of part eSATA interface and the card reader with storage card.
The electronic signature letter for computer is stored in advance in a kind of computer starting device in external mobile storage equipment
Breath, the Primary Hard Drive of the computer are provided at least two logical partitions, and the Primary Hard Drive of the computer is equipped with the in advance
It is hard that one operating system and the second operating system, first operating system and second operating system are respectively arranged in the master
In the Different Logic subregion of disk, the data of the logical partition where first operating system are clear data, except described the
The data of other logical partitions outside logical partition where one operating system are encryption data, to use the computer
When, the computer is connect with the external mobile storage equipment, described device includes:
Computer starting module, for passing through first os starting in the electric power starting of the computer
The computer;
Electron underwriting authentication module, for reading in the external mobile storage equipment after the computer starting
The electronic signature information, and the electronic signature information read is authenticated, if certification passes through, trigger correct key
Obtain module;
The correct key obtains module, for obtaining the correct close of the Primary Hard Drive data for computer described in encryption and decryption
Key, so that the Primary Hard Drive of the computer is successfully entered encryption and decryption operating mode;
Instruction of restarting generation module, for generating restarting instruction by first operating system;
Module is restarted, for being restarted by second operating system in described restart the computer
The computer, so that the computer is based on second operating system and enters normal operating conditions.
It include first key, the electronics in the electronic signature information in a kind of specific embodiment of the invention
Signature verification module is specifically used for:
Extract the first key for including in the electronic signature information;
The encryption data in the Primary Hard Drive is decrypted by the first key;
Determine whether the identification information of the master boot record of logical partition where capable of reading second operating system;
Electronic signature information certification is passed through if it is, determining;
Correspondingly, the correct key obtains module, it is specifically used for:
The first key for including in the electronic signature information is determined as being used for the Primary Hard Drive of computer described in encryption and decryption
The correct key of data.
Using technical solution provided by the embodiment of the present invention, the first behaviour of the Primary Hard Drive by being installed on computer in advance
After making system starting computer, the pre-stored electronic signature for computer in external mobile storage equipment can be read and believed
Breath, authenticates the electronic signature information, if certification passes through, obtains the Primary Hard Drive data for encryption and decryption computer
Correct key, so that the Primary Hard Drive of computer is successfully entered encryption and decryption operating mode, by be installed on Primary Hard Drive in advance second
Operating system restarts computer, so that computer is based on the second operating system and enters normal operating conditions.Computer starting
When, electronic signature information is authenticated automatically, user is not needed and inputs identity information progress associated authentication operation, operation letter
It is single, it is user-friendly.
Detailed description of the invention
It, below will be to embodiment or existing for the clearer technical solution for illustrating the embodiment of the present invention or the prior art
Attached drawing needed in technical description is briefly described, it should be apparent that, the accompanying drawings in the following description is only this hair
Bright some embodiments for those of ordinary skill in the art without creative efforts, can be with root
Other attached drawings are obtained according to these attached drawings.
Fig. 1 is a kind of implementation flow chart of computer starting method in the embodiment of the present invention;
Fig. 2 is a kind of structural schematic diagram of computer starting device in the embodiment of the present invention.
Specific embodiment
In order to enable those skilled in the art to better understand the solution of the present invention, with reference to the accompanying drawings and detailed description
The present invention is described in further detail.Obviously, described embodiments are only a part of the embodiments of the present invention, rather than
Whole embodiments.Based on the embodiments of the present invention, those of ordinary skill in the art are not making creative work premise
Under every other embodiment obtained, shall fall within the protection scope of the present invention.
The embodiment of the invention provides a kind of computer starting methods, can accordingly be equipped with outside one in computer factory
Set movable storage device.It needs that the electronic signature information for computer, computer is stored in advance in external mobile storage equipment
Cooperate with external mobile storage equipment, user's normal use computer could be made, it can also Primary Hard Drive data to computer
It plays a protective role.
In embodiments of the present invention, the Primary Hard Drive of computer is provided at least two logical partitions, hard in the master of computer
First operating system and the second operating system are installed in advance, the first operating system and the second operating system are respectively arranged in disk
In the Different Logic subregion of Primary Hard Drive, the data of the logical partition where the first operating system are clear data, except the first behaviour
The data for making other logical partitions outside the logical partition where system are encryption data.
When user will use computer, computer can be connect with external mobile storage equipment.When the electricity of computer
When source is opened, the first os starting computer can be first passed through.After computer starting, external mobile storage can be read
Pre-stored electronic signature information in equipment, and the electronic signature information read is authenticated.It, can be with after certification passes through
The correct key for obtaining the Primary Hard Drive data for encryption and decryption computer, so that the Primary Hard Drive of computer is successfully entered encryption and decryption work
Operation mode, using the correct key operation can be decrypted to Primary Hard Drive data to be read in Primary Hard Drive, hard to master to be written
The data of disk carry out cryptographic operation.Primary Hard Drive can be driven to the second behaviour for being installed on Primary Hard Drive in advance by the first operating system
After making the related data successful decryption of system, the restarting generated for computer is instructed, and the second behaviour for passing through Primary Hard Drive
Make system restarting computer, in this way, computer can enter normal operating conditions based on the second operating system.
The electronic signature information for computer is stored in advance in external mobile storage equipment, in the external mobile storage
When equipment and computer are used cooperatively, do not need user and input identity information again, it is easy to operate, it is user-friendly.And it is external
Electronic signature information is only stored in movable storage device, needed for memory space it is smaller, external mobile storage can be reduced and set
Standby cost of manufacture.
In embodiments of the present invention, external mobile storage equipment is USB flash disk, the movement with general-purpose serial bus USB interface
Hard disk, the mobile hard disk with thunder and lightning thunderbolt interface, the shifting with external series Advanced Technology Attachment eSATA interface
Dynamic one of hard disk and the card reader with storage card.
It is shown in Figure 1, it is a kind of implementation flow chart of computer starting method provided by the embodiment of the present invention, the party
Method may comprise steps of:
S110: in the electric power starting of computer, pass through the first os starting computer.
In practical applications, when user will use computer, the power supply of computer will be opened.It is opened in the power supply of computer
Qi Shi, computer enter startup program.Because of the logical partition where the first operating system for being installed in the Primary Hard Drive of computer
Related data be clear data, the related data of the logical partition where the second operating system is encryption data, so, this
When can pass through the first os starting computer.
S120: after computer starting, reading the electronic signature information in external mobile storage equipment, and to reading
Electronic signature information is authenticated, if certification passes through, thens follow the steps S130.
After computer starting, the electronic signature that can be read in external mobile storage equipment by the first operating system is believed
Breath, and the electronic signature information read is authenticated.If certification passes through, the operation of step S130 is continued to execute.
In a kind of specific embodiment of the invention, the step of authenticating to the electronic signature information read, can be with
The following steps are included:
Step 1: electronic signature information is matched with the signing messages in the Primary Hard Drive for being pre-stored within computer,
If the two matches, two are thened follow the steps;
Step 2: it determines and electronic signature information certification is passed through.
In embodiments of the present invention, signing messages can be stored in advance in the Primary Hard Drive of computer, the signing messages is specific
It can store in the logical partition where the first operating system.After computer starting, external mobile storage equipment is read
In electronic signature information after, the signing messages stored in the electronic signature information and Primary Hard Drive can be matched, if
The two matching, it is determined that the electronic signature information certification read is passed through.
In embodiments of the present invention, the electronic signature information in external mobile storage equipment is to be encrypted and hide
The information of processing.Electronic signature information is encrypted specifically, rivest, shamir, adelman can be used, can pass through by
The invisible area that electronic signature information is stored in external mobile storage equipment is hidden processing to electronic signature information.This
Sample can increase safety of the electronic signature information in external mobile storage equipment, avoid by illegal operation and read-write.Separately
Outside, the data channel of the Primary Hard Drive of external mobile storage equipment and computer can also pass through encryption, further enhance electricity
The safety of sub- signing messages transmission, avoids illegally being stolen.
For the Primary Hard Drive data of computer, in addition to the related data of logical partition where the first operating system, other are patrolled
The data for collecting subregion can use high-speed symmetric Encryption Algorithm, such as use national secret algorithm SM4, AES (Advanced
Encryption Standard, Advanced Encryption Standard), GOST (Gosudarstvennyi Standard, the former Soviet Union design
Block encryption algorithm), one of DES (Data Encryption Standard, data encryption standards).It is, of course, also possible to
Using other enciphering and deciphering algorithms, such as rivest, shamir, adelman, the embodiment of the present invention to this with no restriction.
S130: obtain for encryption and decryption computer Primary Hard Drive data correct key so that the Primary Hard Drive of computer at
Function enters encryption and decryption operating mode.
Authenticated to the electronic signature information read, and authenticate pass through after, can obtain based on encryption and decryption
The correct key of the Primary Hard Drive of calculation machine.The correct key is close used in the enciphering and deciphering algorithm of the Primary Hard Drive data of computer
Key.
In practical applications, key can be stored in advance in the Primary Hard Drive of computer.When computer is to the electricity read
After sub- signing messages certification passes through, correct key can be obtained in itself Primary Hard Drive.
In a kind of specific embodiment of the invention, step S130 be may comprise steps of:
According to electronic signature information, the correct of the Primary Hard Drive data for encryption and decryption computer is generated according to the algorithm of setting
Key.
In embodiments of the present invention, it when passing through the first os starting computer, is set to external mobile storage is read
After electronic signature information certification in standby passes through, it can be generated according to preset key according to the electronic signature information
Algorithm generates the correct key of the Primary Hard Drive data for encryption and decryption computer.
In practical applications, the correct key of generation can be temporarily held in the buffer register of the Primary Hard Drive.
In this way, the correct key will also disappear in buffer register when computer power down.If user reopens
When computer power supply, then after needing to pass through the electronic signature information certification re-read, just according to the electronic signature information
Correct key can be generated.It, can be to avoid illegally being stolen in this way, further ensure the safety of correct key in a computer
It takes.
In a kind of specific embodiment of the invention, first key may include in electronic signature information, to reading
Electronic signature information the step of being authenticated may comprise steps of:
First step: the first key for including in electronic signature information is extracted;
Second step: the encryption data in Primary Hard Drive is decrypted by first key;
Third step: determine whether the mark of the master boot record of logical partition where capable of reading the second operating system
Information is known, if it is, executing the 4th step;
4th step: it determines and electronic signature information certification is passed through.
It is illustrated for ease of description, aforementioned four step is combined.
It may include first key in pre-stored electronic signature information in external mobile storage equipment.When computer opens
It is dynamic, after reading the electronic signature information in the external mobile storage equipment, it can extract in the electronic signature information and include
First key.The encryption data in Primary Hard Drive is decrypted by the first key, it is determined whether the second behaviour can be read
The identification information of the main boot MBR record of logical partition where making system, leads to if it is, determining and authenticating to electronic signature information
It crosses, otherwise, it determines not passing through to electronic signature information certification, computer is no longer restarted by the first operating system, is rested on
Current state.
That is, if the electronic signature information is not tampered with, it includes first key be to be used for encryption and decryption
The correct key of the Primary Hard Drive data of computer can be decrypted the second operating system related data, if the electronics label
Name information be tampered, then by it includes first key can not be to Primary Hard Drive data deciphering.
Correspondingly, directly the first key for including in electronic signature information can be determined as to be used for encryption and decryption computer
The correct key of Primary Hard Drive data.
In practical applications, the correct key of acquisition can be temporarily held in the buffer register of the Primary Hard Drive.
In this way, the correct key will also disappear in buffer register when computer power down.If user reopens
When computer power supply, then after needing to pass through the electronic signature information certification re-read, just according to the electronic signature information
Correct key can be generated.It, can be to avoid illegally being stolen in this way, further ensure the safety of correct key in a computer
It takes.
In practical applications, an application software can be installed in advance in the first operating system.
After passing through the first os starting computer, which accordingly can load and run.This is using soft
Part can be communicated with the Primary Hard Drive of computer and external mobile storage equipment respectively by privately owned order, play one therebetween
A bridge beam action.Computer can read electronic signature information by the application software from external mobile storage equipment.
S140: restarting instruction is generated by the first operating system.
After step S130 computer acquires correct key, Primary Hard Drive can be driven to second by the first operating system
The related data of operating system is decrypted, and after successful decryption, generates opening again for computer by the first operating system
Dynamic instruction, so that computer can restart.
In one embodiment of the invention, after step s 140, this method may also comprise the following steps::
Logical partition where first operating system is hidden processing.
In embodiments of the present invention, the task of the first operating system is to start computer in computer initial start-up,
Generation is instructed for the restarting of computer after obtaining correct key, after generation restarting instructs, the first operation system
The task of system has been completed, and the logical partition where the first operating system can be hidden processing, in this way, working as computer weight
Qi Shi can be restarted by the second operating system.
S150: when restarting the computer, computer is restarted by the second operating system, so that computer is based on
Second operating system enters normal operating conditions.
In embodiments of the present invention, the starting priority that can preset the second operating system is higher than the first operating system
Starting priority.When restarting the computer, because the second operating system related data is decrypted, and the second operation system
The starting priority of system is higher than the starting priority of the first operating system, it is possible to be restarted and be counted by the second operating system
Calculation machine, in this way, computer can enter normal operating conditions based on the second operating system.
So far, the computer can be used normally in user.
User is in normal use computer procedures, and when computer receives data write instruction, Primary Hard Drive can make
Cryptographic operation is carried out with the data that the key pair of acquisition is written;When computer receives data read command, Primary Hard Drive can be with
Output is to user after operation is decrypted using the data that the key pair of acquisition is read.
Using method provided by the embodiment of the present invention, the first operation by the Primary Hard Drive for being installed on computer in advance is
After system starting computer, the pre-stored electronic signature information for computer in external mobile storage equipment can be read,
The electronic signature information is authenticated, if certification passes through, acquisition is being used for the Primary Hard Drive data of encryption and decryption computer just
True key, so that the Primary Hard Drive of computer is successfully entered encryption and decryption operating mode, by the second behaviour for being installed on Primary Hard Drive in advance
Make system restarting computer, so that computer is based on the second operating system and enters normal operating conditions.When computer starting,
Electronic signature information is authenticated automatically, user is not needed and inputs identity information progress associated authentication operation, easy to operate, side
Just user uses.
Corresponding to above method embodiment, the embodiment of the invention also provides a kind of computer starting devices, external
The electronic signature information for computer is stored in advance in movable storage device, the Primary Hard Drive of computer is provided at least two and patrols
Volume subregion, and the Primary Hard Drive of computer is equipped with the first operating system and the second operating system in advance, the first operating system and the
Two operating systems are respectively arranged in the Different Logic subregion of Primary Hard Drive, and the data of the logical partition where the first operating system are
Clear data, the data of other logical partitions in addition to the logical partition where the first operating system are encryption data,
When using computer, computer is connect with external mobile storage equipment.
Shown in Figure 2, the apparatus may include with lower module:
Computer starting module 210, for being calculated by the first os starting in the electric power starting of computer
Machine;
Electron underwriting authentication module 220, for reading the electronics label in external mobile storage equipment after computer starting
Name information, and the electronic signature information read is authenticated, if certification passes through, triggers correct key and obtain module
230;
Correct key obtains module 230, for obtaining the correct key for being used for the Primary Hard Drive data of encryption and decryption computer, with
The Primary Hard Drive of computer is set to be successfully entered encryption and decryption operating mode;
Instruction of restarting generation module 240, for generating restarting instruction by the first operating system;
Module 250 is restarted, for restarting and calculating by the second operating system when restarting the computer
Machine, so that computer is based on the second operating system and enters normal operating conditions.
Using device provided by the embodiment of the present invention, the first operation by the Primary Hard Drive for being installed on computer in advance is
After system starting computer, the pre-stored electronic signature information for computer in external mobile storage equipment can be read,
The electronic signature information is authenticated, if certification passes through, acquisition is being used for the Primary Hard Drive data of encryption and decryption computer just
True key, so that the Primary Hard Drive of computer is successfully entered encryption and decryption operating mode, by the second behaviour for being installed on Primary Hard Drive in advance
Make system restarting computer, so that computer is based on the second operating system and enters normal operating conditions.When computer starting,
Electronic signature information is authenticated automatically, user is not needed and inputs identity information progress associated authentication operation, easy to operate, side
Just user uses.
It include first key, electron underwriting authentication in electronic signature information in a kind of specific embodiment of the invention
Module 220, is specifically used for:
Extract the first key for including in electronic signature information;
The encryption data in Primary Hard Drive is decrypted by first key;
Determine whether the identification information of the master boot record of logical partition where capable of reading the second operating system;
Electronic signature information certification is passed through if it is, determining;
Correspondingly, correct key obtains module 230, it is specifically used for:
The first key for including in electronic signature information is being determined as being used for the Primary Hard Drive data of encryption and decryption computer just
True key.
In a kind of specific embodiment of the invention, electron underwriting authentication module 220 is specifically used for:
Electronic signature information is matched with the signing messages in the Primary Hard Drive for being pre-stored within computer;
If the two matches, it is determined that pass through to electronic signature information certification.
In a kind of specific embodiment of the invention, correct key obtains module 230, is specifically used for:
According to electronic signature information, the correct of the Primary Hard Drive data for encryption and decryption computer is generated according to the algorithm of setting
Key.
In a kind of specific embodiment of the invention, the device further include:
Logical partition hidden module is used for after generating restarting instruction by the first operating system, first is grasped
Logical partition where making system is hidden processing.
In a kind of specific embodiment of the invention, the starting priority of the second operating system is higher than the first operating system
Starting priority.
In a kind of specific embodiment of the invention, the electronic signature information in external mobile storage equipment is by adding
Close processing and the information for hiding processing.
In a kind of specific embodiment of the invention, external mobile storage equipment is USB flash disk, has universal serial bus
The mobile hard disk of USB interface, has external series Advanced Technology Attachment at the mobile hard disk with thunder and lightning thunderbolt interface
One of the mobile hard disk of eSATA interface and the card reader with storage card.
Each embodiment in this specification is described in a progressive manner, the highlights of each of the examples are with it is other
The difference of embodiment, same or similar part may refer to each other between each embodiment.For being filled disclosed in embodiment
For setting, since it is corresponded to the methods disclosed in the examples, so being described relatively simple, related place is referring to method part
Explanation.
Professional further appreciates that, unit described in conjunction with the examples disclosed in the embodiments of the present disclosure
And algorithm steps, can be realized with electronic hardware, computer software, or a combination of the two, in order to clearly demonstrate hardware and
The interchangeability of software generally describes each exemplary composition and step according to function in the above description.These
Function is implemented in hardware or software actually, the specific application and design constraint depending on technical solution.Profession
Technical staff can use different methods to achieve the described function each specific application, but this realization is not answered
Think beyond the scope of this invention.
The step of method described in conjunction with the examples disclosed in this document or algorithm, can directly be held with hardware, processor
The combination of capable software module or the two is implemented.Software module can be placed in random access memory (RAM), memory, read-only deposit
Reservoir (ROM), electrically programmable ROM, electrically erasable ROM, register, hard disk, moveable magnetic disc, CD-ROM or technology
In any other form of storage medium well known in field.
A kind of computer starting method provided by the present invention and device are described in detail above.It is used herein
A specific example illustrates the principle and implementation of the invention, and the above embodiments are only used to help understand
Method and its core concept of the invention.It should be pointed out that for those skilled in the art, not departing from this
, can be with several improvements and modifications are made to the present invention under the premise of inventive principle, these improvement and modification also fall into the present invention
In scope of protection of the claims.
Claims (6)
1. a kind of computer starting method, which is characterized in that be only stored in advance in external mobile storage equipment for computer
Electronic signature information, the Primary Hard Drive of the computer is provided at least two logical partitions, and the Primary Hard Drive of the computer
The first operating system and the second operating system are installed in advance, first operating system and second operating system are pacified respectively
In Different Logic subregion loaded on the Primary Hard Drive, the data of the logical partition where first operating system are unencryption number
According to the data of other logical partitions in addition to the logical partition where first operating system are encryption data, to be made
When with the computer, the computer is connect with the external mobile storage equipment, which comprises
In the electric power starting of the computer, pass through computer described in first os starting;
After the computer starting, the electronic signature information in the external mobile storage equipment is read, and to reading
To electronic signature information authenticated;
If certification passes through, the correct key of the Primary Hard Drive data for computer described in encryption and decryption is obtained, so that the meter
The Primary Hard Drive of calculation machine is successfully entered encryption and decryption operating mode;
Restarting instruction is generated by first operating system;
In described restart the computer, the computer is restarted by second operating system, so that the meter
Calculation machine is based on second operating system and enters normal operating conditions;
It wherein, include first key in the electronic signature information, the described pair of electronic signature information read authenticates, and wraps
It includes:
Extract the first key for including in the electronic signature information;
The encryption data in the Primary Hard Drive is decrypted by the first key;
Determine whether the identification information of the master boot record of logical partition where capable of reading second operating system;
Electronic signature information certification is passed through if it is, determining;
Correspondingly, the correct key for obtaining the Primary Hard Drive data for computer described in encryption and decryption, comprising:
The first key for including in the electronic signature information is determined as being used for the Primary Hard Drive data of computer described in encryption and decryption
Correct key.
2. the method according to claim 1, wherein being opened again described by first operating system generation
After dynamic instruction, the method also includes:
Logical partition where first operating system is hidden processing.
3. the method according to claim 1, wherein the starting priority of second operating system is higher than described
The starting priority of first operating system.
4. method according to any one of claims 1 to 3, which is characterized in that the method also includes:
Electronic signature information in the external mobile storage equipment is by encryption and to hide the information handled.
5. according to the method described in claim 4, it is characterized in that, the external mobile storage equipment is USB flash disk, has general string
The mobile hard disk of row bus USB interface, has the advanced skill of external series at the mobile hard disk with thunder and lightning thunderbolt interface
One of the mobile hard disk of art attachment eSATA interface and the card reader with storage card.
6. a kind of computer starting device, which is characterized in that be only stored in advance in external mobile storage equipment for computer
Electronic signature information, the Primary Hard Drive of the computer is provided at least two logical partitions, and the Primary Hard Drive of the computer
The first operating system and the second operating system are installed in advance, first operating system and second operating system are pacified respectively
In Different Logic subregion loaded on the Primary Hard Drive, the data of the logical partition where first operating system are unencryption number
According to the data of other logical partitions in addition to the logical partition where first operating system are encryption data, to be made
When with the computer, the computer is connect with the external mobile storage equipment, described device includes:
Computer starting module, in the electric power starting of the computer, by described in first os starting
Computer;
Electron underwriting authentication module, for reading described in the external mobile storage equipment after the computer starting
Electronic signature information, and the electronic signature information read is authenticated, if certification passes through, triggers correct key and obtain
Module;
The correct key obtains module, for obtaining the correct key for being used for the Primary Hard Drive data of computer described in encryption and decryption,
So that the Primary Hard Drive of the computer is successfully entered encryption and decryption operating mode;
Instruction of restarting generation module, for generating restarting instruction by first operating system;
Module is restarted, in described restart the computer, by described in second operating system restarting
Computer, so that the computer is based on second operating system and enters normal operating conditions;
Wherein, include first key in the electronic signature information, the electron underwriting authentication module is specifically used for:
Extract the first key for including in the electronic signature information;
The encryption data in the Primary Hard Drive is decrypted by the first key;
Determine whether the identification information of the master boot record of logical partition where capable of reading second operating system;
Electronic signature information certification is passed through if it is, determining;
Correspondingly, the correct key obtains module, it is specifically used for:
The first key for including in the electronic signature information is determined as being used for the Primary Hard Drive data of computer described in encryption and decryption
Correct key.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201610576050.3A CN106095468B (en) | 2016-07-20 | 2016-07-20 | A kind of computer starting method and device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201610576050.3A CN106095468B (en) | 2016-07-20 | 2016-07-20 | A kind of computer starting method and device |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN106095468A CN106095468A (en) | 2016-11-09 |
| CN106095468B true CN106095468B (en) | 2019-07-19 |
Family
ID=57449506
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201610576050.3A Active CN106095468B (en) | 2016-07-20 | 2016-07-20 | A kind of computer starting method and device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN106095468B (en) |
Families Citing this family (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109033848B (en) * | 2018-06-25 | 2020-09-25 | 湖南国科微电子股份有限公司 | Method and system for safely operating stored data |
| CN110502928B (en) * | 2019-08-28 | 2022-03-29 | 上海金卓科技有限公司 | Dual operating system, working state control method, device and storage medium |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102929674A (en) * | 2012-11-02 | 2013-02-13 | 威盛电子股份有限公司 | Electronic device and starting up method |
| CN103927490A (en) * | 2014-04-25 | 2014-07-16 | 华为技术有限公司 | OS secure startup method and device |
| CN104484625A (en) * | 2014-12-29 | 2015-04-01 | 北京明朝万达科技有限公司 | Computer with dual operating systems and implementation method thereof |
| CN104572093A (en) * | 2014-12-30 | 2015-04-29 | 北京工业大学 | Method for realizing bi-operation system starting of terminal equipment by using USB (universal serial bus) controller |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20040107358A1 (en) * | 2003-09-26 | 2004-06-03 | Peter Shiakallis | [DataVault X4 Multi-Network Secure Computer] |
-
2016
- 2016-07-20 CN CN201610576050.3A patent/CN106095468B/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102929674A (en) * | 2012-11-02 | 2013-02-13 | 威盛电子股份有限公司 | Electronic device and starting up method |
| CN103927490A (en) * | 2014-04-25 | 2014-07-16 | 华为技术有限公司 | OS secure startup method and device |
| CN104484625A (en) * | 2014-12-29 | 2015-04-01 | 北京明朝万达科技有限公司 | Computer with dual operating systems and implementation method thereof |
| CN104572093A (en) * | 2014-12-30 | 2015-04-29 | 北京工业大学 | Method for realizing bi-operation system starting of terminal equipment by using USB (universal serial bus) controller |
Also Published As
| Publication number | Publication date |
|---|---|
| CN106095468A (en) | 2016-11-09 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| WO2020192406A1 (en) | Method and apparatus for data storage and verification | |
| CN112560058B (en) | SSD partition encryption storage system based on intelligent password key and implementation method thereof | |
| WO2017041603A1 (en) | Data encryption method and apparatus, mobile terminal, and computer storage medium | |
| CN101650693B (en) | Security control method for mobile hard disk and security mobile hard disk | |
| CN103198247B (en) | A kind of computer safety protective method and system | |
| CN109587164A (en) | A kind of information encrypting transmission method, device, equipment and storage medium | |
| CN106203071A (en) | A kind of firmware upgrade method and device | |
| CN109190401A (en) | A kind of date storage method, device and the associated component of Qemu virtual credible root | |
| CN111008390A (en) | Root key generation protection method and device, solid state disk and storage medium | |
| CN102163267A (en) | Solid state disk as well as method and device for secure access control thereof | |
| CN104901810A (en) | Data encryption storage method based on domestic cryptographic algorithm | |
| EP4300338A1 (en) | Computer file security encryption method, computer file security decryption method, and readable storage medium | |
| CN201518127U (en) | Encrypted mobile memory based on password authentication | |
| CN110401538A (en) | Data ciphering method, system and terminal | |
| CN106100851B (en) | Password management system, intelligent wristwatch and its cipher management method | |
| CN106095468B (en) | A kind of computer starting method and device | |
| CN104346586B (en) | The method of the storage device and type self-destroyed protection data of type self-destroyed protection data | |
| CN106203142A (en) | A kind of method and device of the Primary Hard Drive data protecting computer | |
| CN103346883A (en) | Method and device for initializing electronic signature tool | |
| CN111327429A (en) | Terminal starting processing method and device | |
| CN103020538A (en) | Terminal data protection method and terminal | |
| KR101214899B1 (en) | USB Security Device and Security Method thereof | |
| CN103136489B (en) | Portable and secure automatic password input unit | |
| CN105357005A (en) | Electric power trusted computing cryptographic module for PCI/PCI-E interface | |
| CN115455497A (en) | Computer hard disk data encryption system and method |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |