CN107798246A - One kind is based on the credible detection method and device of server - Google Patents
One kind is based on the credible detection method and device of server Download PDFInfo
- Publication number
- CN107798246A CN107798246A CN201711139657.6A CN201711139657A CN107798246A CN 107798246 A CN107798246 A CN 107798246A CN 201711139657 A CN201711139657 A CN 201711139657A CN 107798246 A CN107798246 A CN 107798246A
- Authority
- CN
- China
- Prior art keywords
- server
- bmc
- cpld
- credible
- signal
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000001514 detection method Methods 0.000 title claims abstract description 23
- 238000000034 method Methods 0.000 claims description 8
- 230000005540 biological transmission Effects 0.000 claims description 4
- 230000006378 damage Effects 0.000 description 2
- 230000002427 irreversible effect Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/572—Secure firmware programming, e.g. of basic input output system [BIOS]
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/575—Secure boot
Landscapes
- Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Power Sources (AREA)
Abstract
The invention provides one kind to be based on the credible detection method and device of server, power on request is sent to server, server MB CPLD receive starting-up signal, judge whether system is in trusted status by the credible input/output interface signals of BMC simultaneously, if being in insincere state, the MB CPLD refuse power on request;If being in trusted status, server system boots up operation.For the present invention in BMC detection service device systems in the case of believable, server system can just carry out start-up operation, so as to avoid server from starting under dangerous environment, enhance the reliability of server system, and cost has been saved to system encryption using software.
Description
Technical field
The present invention relates to the technical field of server, and in particular to one kind is based on the credible detection method and device of server.
Background technology
In server field, when system is in insincere state, server system carries out the behaviour of any form start
Work can all cause either large or small destruction to server, even cause great irreversible destruction sometimes.As server is to being
The requirement more and more higher for reliability of uniting, this problem is also urgently to be resolved hurrily, and in currently available technology, server is all on used hardware
System is encrypted, cost is higher.
The content of the invention
Based on above mentioned problem, the present invention proposes one kind and is based on the credible detection method and device of server, can in BMC detections
During letter or when BMC detecting systems are in insincere state, server system will be unable to carry out any form start
Operation, so as to drastically increase the reliability of server system.
The present invention provides following technical scheme:
On the one hand, the invention provides one kind to be based on the credible detection method of server, and methods described includes:
Power on request is sent to server, the server MB CPLD receive starting-up signal, while credible defeated by BMC
Enter output interface signal and judge whether system is in trusted status, if being in insincere state, the MB CPLD refusals start please
Ask;If being in trusted status, server system boots up operation.
Wherein, it is described by the credible input/output interface signals of BMC judge system whether in trusted status be by
The credible input/output interfaces of BMC between BMC and MB CPLD are realized.
Wherein, server system boots up operation and is specially:Server MB CPLD send system boot signal to platform
Control unit, after the platform control unit is connected to starting-up signal, transmission timing signal to the MB CPLD, control system is pressed
Sequential normal boot-strap.
Wherein, when system is in normal operating condition, BMC detects that system is insincere, then passes through the credible input and output of BMC
Interface notification MB CPLD, power-off operation is carried out to server system.
In addition, present invention also offers one kind to be based on the credible detection means of server, described device includes:BMC、MB
CPLD and platform control unit PCH;The credible input/output interfaces of BMC are set between BMC and MB CPLD;Server MB CPLD
Starting-up signal is received, while judges whether system is in trusted status by the credible input/output interface signals of BMC, if described
BMC is in insincere state, and the MB CPLD refuse power on request;If the BMC is in trusted status, server system enters
Row power-on operation.
Wherein, server system boots up operation and is specially:Server MB CPLD send system boot signal to platform
Control unit, after the platform control unit is connected to starting-up signal, transmission timing signal to MB CPLD, control system is chronologically
Normal boot-strap.
The invention provides one kind to be based on the credible detection method and device of server, sends power on request to server, clothes
Business device MB CPLD receive starting-up signal, while judge whether system is in credible shape by the credible input/output interface signals of BMC
State, if being in insincere state, the MB CPLD refuse power on request;If being in trusted status, server system boots up
Operation.For the present invention in BMC detection service device systems in the case of believable, server system can just carry out start-up operation, from
And avoid server from starting under dangerous environment, the reliability of server system is enhanced, using software to system encryption
Cost is saved.
Brief description of the drawings
Fig. 1 is the structure drawing of device of the present invention;
Embodiment
Technical scheme in order to illustrate the embodiments of the present invention more clearly, it will use below required in embodiment
Accompanying drawing is briefly described, it should be apparent that, drawings in the following description are only some embodiments of the present invention, for ability
For the those of ordinary skill of domain, on the premise of not paying creative work, it can also be obtained according to these accompanying drawings other attached
Figure.
On the one hand, embodiments of the present invention provide one kind and are based on the credible detection method of server, and accompanying drawing 1 is the present invention
Structure drawing of device, methods described includes:
Power on request is sent to server, the server MB CPLD receive starting-up signal, while credible defeated by BMC
Enter output interface signal and judge whether system is in trusted status, if being in insincere state, the MB CPLD refusals start please
Ask;If being in trusted status, server system boots up operation.
Credible detecting system is not increased, server switching on and shutting down process is:After server receives power on request, server MB
CPLD will send system boot signal SYSTEM POWER ON and be connected to starting-up signal to platform control unit (south bridge) PCH, PCH
Afterwards, SLP S4 clock signals can be sent and give MB CPLD, and then MB CPLD control systems chronologically normal boot-strap.
After credible detecting system is increased, a credible detection GPIO can be increased between BMC and MB CPLD, for BMC
Notify the result of credible detection to MB CPLD, MB CPLD can be by BMC TRUSTED GPIO while receiving starting-up signal
(BMC is credible input/output interface) signal judges whether system is in trusted status, if BMC is in insincere state, MB
CPLD will refuse any request of starting shooting, and only be in trusted status in BMC, server system can just boot up operation.
When system normal operation, BMC detects that system is insincere, it will is notified by BMC TRUSTED GPIO
MB CPLD, while MB CPLD will carry out power-off operation to server system.
The present invention can be applied in any server product and Related product.
The invention provides one kind to be based on the credible detection method of server, sends power on request to server, server MB
CPLD receives starting-up signal, while judges whether system is in trusted status by the credible input/output interface signals of BMC, if place
In insincere state, the MB CPLD refuse power on request;If being in trusted status, server system boots up operation.This
In BMC detection service device systems in the case of believable, server system can just carry out start-up operation for invention, so as to avoid taking
Business device start under dangerous environment, enhance the reliability of server system, system encryption has been saved using software into
This.
On the other hand, embodiments of the present invention provide one kind and are based on the credible detection means of server, described device bag
Include:BMC, MB CPLD and platform control unit PCH;The credible input/output interfaces of BMC are set between BMC and MB CPLD;Clothes
Business device MB CPLD receive starting-up signal, while judge whether system is in credible shape by the credible input/output interface signals of BMC
State, if the BMC is in insincere state, the MB CPLD refuse power on request;If the BMC is in trusted status, service
Device system boots up operation.
Credible detecting system is not increased, server switching on and shutting down process is:After server receives power on request, server MB
CPLD will send system boot signal SYSTEM POWER ON and be connected to starting-up signal to platform control unit (south bridge) PCH, PCH
Afterwards, SLP S4 clock signals can be sent and give MB CPLD, and then MB CPLD control systems chronologically normal boot-strap.
After credible detecting system is increased, a credible detection GPIO can be increased between BMC and MB CPLD, for BMC
Notify the result of credible detection to MB CPLD, MB CPLD can be by BMC TRUSTED GPIO while receiving starting-up signal
(BMC is credible input/output interface) signal judges whether system is in trusted status, if BMC is in insincere state, MB
CPLD will refuse any request of starting shooting, and only be in trusted status in BMC, server system can just boot up operation.
When system normal operation, BMC detects that system is insincere, it will is notified by BMC TRUSTED GPIO
MB CPLD, while MB CPLD will carry out power-off operation to server system.
The present invention can be applied in any server product and Related product.
The invention provides one kind to be based on the credible detection means of server, including BMC, MB CPLD and platform courses list
First PCH, power on request is sent to server, server MB CPLD receive starting-up signal, while pass through the credible input and output of BMC
Interface signal judges whether system is in trusted status, if being in insincere state, the MB CPLD refuse power on request;If
In trusted status, server system boots up operation.The present invention in BMC detection service device systems in the case of believable,
Server system can just carry out start-up operation, so as to avoid server from starting under dangerous environment, enhance server
The reliability of system, cost is saved to system encryption using software.
The foregoing description of the disclosed embodiments, those skilled in the art are enable to realize or using the present invention.To this
A variety of modifications of a little embodiments will be apparent for a person skilled in the art, and generic principles defined herein can
Without departing from the spirit or scope of the present invention, to realize in other embodiments.Therefore, the present invention will not be limited
The embodiments shown herein is formed on, but meets the most wide model consistent with principles disclosed herein and features of novelty
Enclose.
Claims (6)
1. one kind is based on the credible detection method of server, it is characterised in that methods described includes:
Power on request is sent to server, the server MB CPLD receive starting-up signal, while defeated by the credible inputs of BMC
Outgoing interface signal judges whether system is in trusted status, if being in insincere state, the MB CPLD refuse power on request;
If being in trusted status, server system boots up operation.
2. according to the method for claim 1, it is characterised in that:It is described to be judged by the credible input/output interface signals of BMC
Whether system in trusted status is realized by the credible input/output interfaces of BMC between BMC and MB CPLD.
3. according to the method for claim 1, it is characterised in that:Server system boots up operation:Server
MB CPLD send system boot signal to platform control unit, after the platform control unit is connected to starting-up signal, transmission timing
Signal is to MB CPLD, control system chronologically normal boot-strap.
4. according to the method for claim 1, it is characterised in that:When system is in normal operating condition, BMC detects system
It is insincere, then MB CPLD are notified by the credible input/output interfaces of BMC, power-off operation is carried out to server system.
5. one kind is based on the credible detection means of server, it is characterised in that:Described device includes:BMC, MB CPLD and platform
Control unit PCH;The credible input/output interfaces of BMC are set between BMC and MB CPLD;
Server MB CPLD receive starting-up signal, while judge whether system is in by the credible input/output interface signals of BMC
Trusted status, if the BMC is in insincere state, the MB CPLD refuse power on request;If the BMC is in credible shape
State, server system boot up operation.
6. device according to claim 5, it is characterised in that:Server system boots up operation:Server
MB CPLD send system boot signal to platform control unit, after the platform control unit is connected to starting-up signal, transmission timing
Signal is to MB CPLD, control system chronologically normal boot-strap.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201711139657.6A CN107798246A (en) | 2017-11-16 | 2017-11-16 | One kind is based on the credible detection method and device of server |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201711139657.6A CN107798246A (en) | 2017-11-16 | 2017-11-16 | One kind is based on the credible detection method and device of server |
Publications (1)
Publication Number | Publication Date |
---|---|
CN107798246A true CN107798246A (en) | 2018-03-13 |
Family
ID=61535255
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201711139657.6A Pending CN107798246A (en) | 2017-11-16 | 2017-11-16 | One kind is based on the credible detection method and device of server |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN107798246A (en) |
Cited By (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108804952A (en) * | 2018-05-29 | 2018-11-13 | 郑州云海信息技术有限公司 | A kind of server start-up control device and control method |
CN109583212A (en) * | 2018-11-16 | 2019-04-05 | 郑州云海信息技术有限公司 | A kind of firmware file guard method and system based on Intel Whitley platform |
CN109670349A (en) * | 2018-12-13 | 2019-04-23 | 英业达科技有限公司 | The hardware structure of trusted computer and the credible starting method of computer |
CN110837632A (en) * | 2019-09-29 | 2020-02-25 | 深圳市火乐科技发展有限公司 | Safety detection method, intelligent projector and related product |
CN117235004A (en) * | 2023-10-10 | 2023-12-15 | 合芯科技(苏州)有限公司 | Control method and device of server, terminal equipment and readable storage medium |
-
2017
- 2017-11-16 CN CN201711139657.6A patent/CN107798246A/en active Pending
Cited By (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108804952A (en) * | 2018-05-29 | 2018-11-13 | 郑州云海信息技术有限公司 | A kind of server start-up control device and control method |
CN108804952B (en) * | 2018-05-29 | 2021-06-25 | 郑州云海信息技术有限公司 | Server startup control device and control method |
CN109583212A (en) * | 2018-11-16 | 2019-04-05 | 郑州云海信息技术有限公司 | A kind of firmware file guard method and system based on Intel Whitley platform |
CN109583212B (en) * | 2018-11-16 | 2021-11-02 | 郑州云海信息技术有限公司 | Firmware file protection method and system based on Intel Whitley platform |
CN109670349A (en) * | 2018-12-13 | 2019-04-23 | 英业达科技有限公司 | The hardware structure of trusted computer and the credible starting method of computer |
CN109670349B (en) * | 2018-12-13 | 2021-10-01 | 英业达科技有限公司 | Hardware architecture of trusted computer and trusted starting method of computer |
CN110837632A (en) * | 2019-09-29 | 2020-02-25 | 深圳市火乐科技发展有限公司 | Safety detection method, intelligent projector and related product |
CN117235004A (en) * | 2023-10-10 | 2023-12-15 | 合芯科技(苏州)有限公司 | Control method and device of server, terminal equipment and readable storage medium |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN107798246A (en) | One kind is based on the credible detection method and device of server | |
CN100504740C (en) | Remote control method, device and computer switcher | |
CN107783849B (en) | Event processing method and client | |
CN101542444B (en) | Security features in interconnect centric architectures | |
CN104657228B (en) | A kind of system exception processing method and processing device of mobile terminal | |
CN110690985A (en) | Network function virtualization architecture with device isolation | |
US20220292228A1 (en) | Alert Handling | |
CN109670319A (en) | A kind of server flash method for managing security and its system | |
CN104809400A (en) | Process protection method and device | |
CN109361542A (en) | The fault handling method of client, device, system, terminal and server | |
CN114329496A (en) | Trusted starting method of operating system and electronic equipment | |
CN106371938A (en) | Automatic intelligent delaying shutdown system and method | |
US20190289524A1 (en) | Circuit for monitoring a data processing system | |
CN104199517A (en) | Heterogeneous trusted redundant server system based on domestic processor | |
US20090228696A1 (en) | Method, system, and device for resetting network elements | |
US20170147440A1 (en) | Chip Initialization System and Method for Initializing Chip by Using Reset Pin | |
CN110069922B (en) | System interface hijacking detection method and device and terminal | |
CN105467870A (en) | Synchronous operation method and system thereof | |
CN104834845A (en) | Implementation method for credible industrial camera | |
CN104850522B (en) | A kind of signal output method and device | |
CN106856481A (en) | A kind of Network Isolation method based on lucidification disposal, system, network interface card and application | |
CN101131644A (en) | Computer system and starting method thereof | |
CN103092711A (en) | Power-off control method and system for electronic equipment and start control method and system for electronic equipment | |
CN104598789A (en) | Protection method of hot-plugging functional module device and electronic device | |
KR102290796B1 (en) | Method of automatically restarting ecu upon occurrence of lin communicatin errors |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20180313 |
|
RJ01 | Rejection of invention patent application after publication |