CN109376511A - The method for improving end message safety - Google Patents
The method for improving end message safety Download PDFInfo
- Publication number
- CN109376511A CN109376511A CN201811142611.4A CN201811142611A CN109376511A CN 109376511 A CN109376511 A CN 109376511A CN 201811142611 A CN201811142611 A CN 201811142611A CN 109376511 A CN109376511 A CN 109376511A
- Authority
- CN
- China
- Prior art keywords
- password
- terminal
- state
- end message
- message safety
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/81—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer by operating on the power supply, e.g. enabling or disabling power-on, sleep or resume operations
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Telephone Function (AREA)
Abstract
The present invention relates to field of information security technology, specifically disclose a kind of method for improving end message safety, comprising: setting switches to the password of non-locking state from lock state;When the terminal is in non-S0 state, the terminal enters lock state;The terminal is under the lock state: realized by the predetermined function module in triggering BIOS: the power supply for disconnecting all mobile memory medium interfaces is supplied;Shield the key response of all non-password keys;Keep the triggering state of the predetermined function module.The present invention provides a kind of method for improving end message safety, the key response of all non-password keys is supplied and shielded to power supply by cutting off mobile memory medium interface in the locked state, and illegal user can effectively be avoided to carry out unauthorized access to the electronic information in terminal by way of WinPE.
Description
Technical field
The present invention relates to field of information security technology more particularly to a kind of methods for improving end message safety.
Background technique
Generally, when user needs to protect the electronic information in the electric terminals such as laptop, often
Take the mode that system login password is set on an operating system.It is in software that the essence of login password is arranged on an operating system
Layer realizes information protection, and software layer is to rely on operating system and existing.
If other people pass through keyboard operation after being switched on, to BIOS, (Basic Input Output System, inputs defeated substantially
System out, abbreviation BIOS.BIOS is the first software loaded when PC starting.) be configured, then change starts road
Diameter, then modes are started etc. by USB flash disk and enters WinPE (Windows Preinstallation Environment, Windows is pre-
Installation environment is the minimum Win32 subsystem with limited service, based on the Windows XP run with protected mode
Professional and the above kernel.Windows PE is Windows the or Windows Server of simplified version, be placed on it is a piece of can
There is the graphical interfaces of Windows when being activation in the CD or DVD disc directly activated, feature), so that it may it is close to skip input login
The step of code, directly access the file being stored in hard disk.
Therefore, it is necessary to a kind of methods for improving end message safety, effectively can avoid illegal user by way of WinPE
Unauthorized access is carried out to the electronic information in terminal.
Summary of the invention
It is an advantage of the invention to provide a kind of methods for improving end message safety, can effectively avoid illegally using
Family carries out unauthorized access to the electronic information in terminal by way of WinPE.
To achieve these objectives, the present invention provides a kind of method for improving end message safety, comprising:
The password that non-locking state is switched to from lock state is set;
When the terminal is in non-S0 state, the terminal enters lock state;The terminal is in the lock state
Under:
It is realized by the predetermined function module in triggering BIOS:
Disconnect the power supply supply of all mobile memory medium interfaces;
Shield the key response of all non-password keys;
Keep the triggering state of the predetermined function module.
Preferably, further includes:
After the terminal switches to non-locking state from lock state by password authentification, in the non-locking state
Under, the terminal is realized by the way that the predetermined function module is switched to non-toggle state:
Restore the power supply supply of all mobile memory medium interfaces;
Restore the key response of all non-password keys.
Preferably, described when the terminal is in non-S0 state, before the step of terminal enters lock state, also
Include:
Into protected mode.
Preferably, after described the step of entering protected mode, further includes:
Exit the protected mode.
Preferably, described the step of exiting the protected mode specifically:
The password is inputted under non-locking state exits the protected mode after password authentification success.
Preferably, the step of power supply supply for disconnecting all mobile memory medium interfaces specifically:
Make the GPIO port for connecting the power control terminal of SoC chip and USB interface and connection SoC chip and CD-ROM driver interface
The GPIO port of power control terminal export low level signal.
Preferably, the step of power supply supply for restoring all mobile memory medium interfaces specifically:
Make the GPIO port for connecting the power control terminal of SoC chip and USB interface and connection SoC chip and CD-ROM driver interface
The GPIO port of power control terminal export high level signal.
Preferably, when the terminal is in the lock state:
The Password Input frame of the terminal does not show press key contents.
Preferably, the step of Password Input frame of the terminal does not show press key contents include:
When non-password key is pressed, Password Input frame not display button information;
When password key is pressed, Password Input frame not display button information;
When the password mistake of input, Password Input frame not display reminding information;
When the password of input is correct, Password Input frame does not show encrypted message and automatically switches to non-locking state.
Preferably, it before the step of setting switches to the password of non-locking state from lock state, also wraps
It includes: will be in the BIOS of predetermined function module implantation terminal.
The beneficial effects of the present invention are: a kind of method for improving end message safety is provided, by the locked state
The key response of all non-password keys is supplied and shielded to the power supply of cutting mobile memory medium interface, can effectively avoid illegally using
Family carries out unauthorized access to the electronic information in terminal by way of WinPE.
Detailed description of the invention
In order to more clearly explain the embodiment of the invention or the technical proposal in the existing technology, to embodiment or will show below
There is attached drawing needed in technical description to be briefly described, it should be apparent that, the accompanying drawings in the following description is only this
Some embodiments of invention without any creative labor, may be used also for those of ordinary skill in the art
To obtain other attached drawings according to these attached drawings.
Fig. 1 is the flow chart of the method provided in an embodiment of the present invention for improving end message safety.
Specific embodiment
To enable the purpose of the present invention, feature, advantage more obvious and understandable, implement below in conjunction with the present invention
Attached drawing in example, technical scheme in the embodiment of the invention is clearly and completely described, it is clear that reality disclosed below
Applying example is only a part of the embodiment of the present invention, and not all embodiment.Based on the embodiments of the present invention, this field is common
Technical staff's all other embodiment obtained without making creative work belongs to the model that the present invention protects
It encloses.
In the description of the present invention, it is to be understood that, when a component is considered as " connection " another component, it can
To be directly to another component or may be simultaneously present the component being centrally located.When a component is considered as " setting
Set " another component, it, which can be, is set up directly on another component or may be simultaneously present the component being centrally located.
In addition, the indicating positions such as term " length " " short " "inner" "outside" or positional relationship for the orientation that is shown based on attached drawing or
Person's positional relationship is merely for convenience of the description present invention, rather than the device or original part of indication or suggestion meaning must have this
Specific orientation is operated with specific orientation construction, should not be understood as limitation of the invention with this.
To further illustrate the technical scheme of the present invention below with reference to the accompanying drawings and specific embodiments.
As shown in Figure 1, the present embodiment provides it is a kind of improve end message safety method, can be adapted for tablet computer,
The electric terminals such as desktop computer and notebook.Improve end message safety method the following steps are included:
S10: will be in the BIOS of predetermined function module implantation terminal.
Specifically, predetermined function module includes following functions instruction: the power supply for disconnecting all mobile memory medium interfaces supplies
Answer and shield the key response of all non-password keys.
S20: setting switches to the password of non-locking state from lock state.
Specifically, which can be letter, number, punctuation mark or the combination of three.
S30: enter protected mode.
Specifically, there are lock states and non-locking state two states for the terminal under protected mode, when terminal is in lock
When determining state, non-locking state can be switched to by way of inputting password.
S301: when the terminal is in non-S0 state, the terminal enters lock state.
Specifically, ACPI (Advanced Configuration and Power Interface, advanced configuration and power supply
Interface, abbreviation ACPI, is formulated jointly by Intel, Microsoft, Toshiba and provides operating system application program pipe for 1997
Manage all power-management interfaces) power management has 6 states:
S0: host normal operating conditions;
S1:CPU stops working, wakeup time are as follows: 0s;
S2:CPU is closed, wakeup time are as follows: 0.1s;
S3: other all components all stop working other than memory in host, wakeup time are as follows: 0.5s;
S4: the information in memory is written in hard disk by host, closes all components, wakeup time later are as follows: 30s;
S5: shutdown.
Further, the terminal executes following operation automatically under the lock state: by pre- in triggering BIOS
Determine Implement of Function Module:
(1) the power supply supply of all mobile memory medium interfaces is disconnected;Preferably, connection SoC chip can be made to connect with USB
Mouthful power control terminal GPIO (General Purpose Input Output, universal input/output, referred to as GPIO, or
Bus extender, each GPIO port can be each configured to by software input or export) port and connection SoC chip (SoC
Chip is a kind of chip of integrated circuit, and SoC is referred to as system level chip or system on chip, it is intended that it is a product, is
One has the integrated circuit of application-specific target, wherein including holonomic system and the full content for having embedded software) and CD-ROM driver interface
The GPIO port of power control terminal exports low level signal, when GPIO port export low level signal when, power control terminal without
Power input, mobile memory medium interface are not just available.Preferably, mobile memory medium interface includes USB flash disk interface, moves firmly
Disk interface, floppy disk interface, CD interface and memory card interface etc..
(2) key response of all non-password keys is shielded;Preferably, when the button is pressed, the judgement of control program is worked as
It is preceding whether to be in the lock state, if so, the key request of remaining all keyboard outside password key is intercepted, not to
Higher level reports, and keeps the triggering state of the predetermined function module.
S302: correct password is inputted by unblocked password key in the locked state, terminal is just from locking shape
State is converted to non-locking state.
Further, when the terminal is in the lock state: the Password Input frame of the terminal not to press key contents into
Row display.Preferably:
When non-password key is pressed, Password Input frame not display button information;
When password key is pressed, Password Input frame not display button information;
When the password mistake of input, Password Input frame not display reminding information
When the password of input is correct, Password Input frame does not show encrypted message and automatically switches to non-locking state.
Specifically, press key contents are not shown, is that password key is identified in order to prevent, once password key
A possibility that being identified, the method for exhaustion is used to carry out Brute Force just greatly increases.After inputting password, terminal turns from lock state
Non-locking state is shifted to, meanwhile, terminal enters S0 state from non-S0 state.
Preferably due to terminal will automatically switch to non-locking state and enter S0 state when the password of input is correct,
So in order to avoid being strayed into system caused by accidentalia, the number of characters that password is preferably limited in setting code is no less than 4
It is a, and password cannot be several characters being directly arranged successively according to key position such as " QWERTY ".
S303: after the terminal switches to non-locking state from lock state by password authentification, described non-locking
Under state, the terminal is realized by the way that the predetermined function module is switched to non-toggle state:
(1) restore the power supply supply of all mobile memory medium interfaces;Correspondingly, connection SoC chip can be made to connect with USB
The GPIO port of the power control terminal of the GPIO port and connection SoC chip and CD-ROM driver interface of the power control terminal of mouth exports
High level signal, when GPIO port exports high level signal, power control terminal has power input, and mobile memory medium interface is just
It can be used normally.
(2) restore the key response of all non-password keys.Preferably, when the button is pressed, the judgement of control program is worked as
It is preceding whether to be in the lock state, if it is not, the key request of all keyboards is then no longer intercepted, all key requests are upward
Grade reports.
S40: protected mode is exited.
Preferably, password is inputted under non-locking state exits the protected mode after password authentification success.
Specifically, in order to avoid other users close protected mode under non-locking state, so the closing of protected mode
Take the mode of password authentification.After exiting protected mode, predetermined function module is disabled.Predetermined function module nothing under disabled status
Method is triggered.When terminal is again introduced into protected mode, then the disabled status of predetermined function module is released.
It is illustrated below with specific embodiment:
(1) after being switched on, running protection software, protection software, which is implanted into have in BIOS, " disconnects all mobile memory mediums
The predetermined function module of the power supply supply of interface and the key response for shielding all non-password keys " instruction;
(2) pass through the setting window setting code of protection software;
(3) " starting protection mode " button is clicked on protection software or by shortcut key (such as CTRL+ALT+X
Deng) enter protected mode;
(4) this S0 state is exited by instructions such as " cancellations ", " restarting " or " shutdown ";
(5) when being switched on again, after opening power supply, terminal is in the lock state under non-S0 state, predetermined function module
Instruction be triggered, remove the correct password of non-input, otherwise USB interface, CD-ROM driver interface and non-password key cannot use;
(6) after inputting correct password, terminal switches to non-locking state and enters S0 state, while predetermined function module
Instruction switch to non-toggle state, the power supply supply of all mobile memory medium interfaces and the key of all non-password keys are rung
It should be resumed that (once exiting this non-locking state, predetermined function module, which will come back to, " disconnects all mobile memory mediums
The triggering state of the power supply supply of interface and the key response for shielding all non-password keys ");
(7) after entering S0 state, under this non-locking state, protection software is opened, " exiting protected mode " button is clicked
Or Password Input frame is waken up by shortcut key (such as CTRL+ALT+X etc.), after inputting password, then it can exit protected mode.
When exiting protected mode, predetermined function module is switched to disabled status, and the power supply for restoring all mobile memory medium interfaces supplies
Should with restore the key response of all non-password keys, until being again introduced into protected mode.Once exiting protected mode, S0 is exited
After state, non-password key, mobile memory medium interface are no longer restricted.
The above embodiments are merely illustrative of the technical solutions of the present invention, rather than its limitations;Although with reference to the foregoing embodiments
Invention is explained in detail, those skilled in the art should understand that: it still can be to aforementioned each implementation
Technical solution documented by example is modified or equivalent replacement of some of the technical features;And these modification or
Replacement, the spirit and scope for technical solution of various embodiments of the present invention that it does not separate the essence of the corresponding technical solution.
Claims (10)
1. a kind of method for improving end message safety characterized by comprising
The password that non-locking state is switched to from lock state is set;
When the terminal is in non-S0 state, the terminal enters lock state;The terminal is led under the lock state
The predetermined function module crossed in triggering BIOS is realized:
Disconnect the power supply supply of all mobile memory medium interfaces;
Shield the key response of all non-password keys.
2. the method according to claim 1 for improving end message safety, which is characterized in that further include:
After the terminal switches to non-locking state from lock state by password authentification, under the non-locking state, institute
Terminal is stated to realize by the way that the predetermined function module is switched to non-toggle state:
Restore the power supply supply of all mobile memory medium interfaces;
Restore the key response of all non-password keys.
3. the method according to claim 1 or 2 for improving end message safety, which is characterized in that described to work as the terminal
When in non-S0 state, before the step of terminal enters lock state, further includes:
Into protected mode.
4. the method according to claim 3 for improving end message safety, which is characterized in that described into protected mode
After step, further includes:
Exit the protected mode.
5. the method according to claim 4 for improving end message safety, which is characterized in that described to exit the protection mould
The step of formula specifically:
The password is inputted under non-locking state exits the protected mode after password authentification success.
6. the method according to claim 2 for improving end message safety, which is characterized in that all movements of disconnection are deposited
The step of power supply supply of storage media interface specifically:
The electricity for making the GPIO port for connecting the power control terminal of SoC chip and USB interface and connecting SoC chip and CD-ROM driver interface
The GPIO port of source control terminal exports low level signal.
7. the method according to claim 6 for improving end message safety, which is characterized in that all movements of recovery are deposited
The step of power supply supply of storage media interface specifically:
The electricity for making the GPIO port for connecting the power control terminal of SoC chip and USB interface and connecting SoC chip and CD-ROM driver interface
The GPIO port of source control terminal exports high level signal.
8. the method according to claim 1 for improving end message safety, which is characterized in that when the terminal is in locking
When state:
The Password Input frame of the terminal does not show press key contents.
9. the method according to claim 8 for improving end message safety, which is characterized in that the Password Input of the terminal
The step of frame does not show press key contents include:
When non-password key is pressed, Password Input frame not display button information;
When password key is pressed, Password Input frame not display button information;
When the password mistake of input, Password Input frame not display reminding information;
When the password of input is correct, Password Input frame does not show encrypted message and automatically switches to non-locking state.
10. the method according to claim 1 for improving end message safety, which is characterized in that described to be arranged from locking shape
State switched to before the step of password of non-locking state, further includes:
It will be in the BIOS of predetermined function module implantation terminal.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811142611.4A CN109376511A (en) | 2018-09-28 | 2018-09-28 | The method for improving end message safety |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811142611.4A CN109376511A (en) | 2018-09-28 | 2018-09-28 | The method for improving end message safety |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN109376511A true CN109376511A (en) | 2019-02-22 |
Family
ID=65402388
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201811142611.4A Pending CN109376511A (en) | 2018-09-28 | 2018-09-28 | The method for improving end message safety |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN109376511A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111062063A (en) * | 2019-12-13 | 2020-04-24 | 济南大学 | System and method for controlling access of mobile storage equipment based on power supply strategy |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1991661A (en) * | 2005-12-30 | 2007-07-04 | 联想(北京)有限公司 | Method for controlling computer input apparatus |
| CN102314212A (en) * | 2010-07-09 | 2012-01-11 | 联想(北京)有限公司 | Control method, control device and terminal |
| CN103425944A (en) * | 2013-07-16 | 2013-12-04 | 深圳市文鼎创数据科技有限公司 | Information safety input method and information safety device |
| US20170046510A1 (en) * | 2015-08-14 | 2017-02-16 | Qualcomm Incorporated | Methods and Systems of Building Classifier Models in Computing Devices |
-
2018
- 2018-09-28 CN CN201811142611.4A patent/CN109376511A/en active Pending
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1991661A (en) * | 2005-12-30 | 2007-07-04 | 联想(北京)有限公司 | Method for controlling computer input apparatus |
| CN102314212A (en) * | 2010-07-09 | 2012-01-11 | 联想(北京)有限公司 | Control method, control device and terminal |
| CN103425944A (en) * | 2013-07-16 | 2013-12-04 | 深圳市文鼎创数据科技有限公司 | Information safety input method and information safety device |
| US20170046510A1 (en) * | 2015-08-14 | 2017-02-16 | Qualcomm Incorporated | Methods and Systems of Building Classifier Models in Computing Devices |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111062063A (en) * | 2019-12-13 | 2020-04-24 | 济南大学 | System and method for controlling access of mobile storage equipment based on power supply strategy |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| KR100310093B1 (en) | Security method of personal computer using password | |
| US5748888A (en) | Method and apparatus for providing secure and private keyboard communications in computer systems | |
| US7624279B2 (en) | System and method for secure O.S. boot from password-protected HDD | |
| CN101675417B (en) | The system and method for anti-tamper control | |
| CN103207975A (en) | Method for protecting password and computer | |
| US8364138B2 (en) | Remote locking arrangements for electronic devices | |
| US6823463B1 (en) | Method for providing security to a computer on a computer network | |
| CN101535957A (en) | System and method for sharing atrusted platform module | |
| CN101464933B (en) | BIOS write protection method and system | |
| CN101772761A (en) | Electronic device interface control system | |
| US9400896B2 (en) | Portable computer and security operating method thereof | |
| KR101133471B1 (en) | Dual port lan card and computer device capable of supporting dual network | |
| CN109376511A (en) | The method for improving end message safety | |
| US20210117108A1 (en) | Method and portable storage device with internal controller that can self-verify the device and self-convert the device from current mode to renewed mode without communicating with host | |
| US20110131662A1 (en) | Information processor and lock setting method | |
| CN1243312C (en) | Embedded safety module and its safety protection method | |
| US20130132738A1 (en) | Externally Powered System Access | |
| US6948075B2 (en) | Computer controlling method, information apparatus, computer, and storage medium | |
| US6718381B1 (en) | Removal notification for a computer system | |
| CN103970253A (en) | Power-saving operation method and electronic device | |
| US20070088796A1 (en) | System and method for managing console redirection at a remote information handling system | |
| JPH11345205A (en) | Computer system and its wake-up controlling method | |
| JP2005346172A (en) | Computer, method for preventing removal of removable device, and program | |
| TWI473027B (en) | Computer system, integrated chip, super io module and control method of the computer system | |
| US8702812B2 (en) | Remote disablement of a computer system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20190222 |