CN109614799A - Information authentication method - Google Patents
- Publication number: CN109614799A (application CN201811435729.6A)
- Authority: CN (China)
- Prior art keywords: hard disk, credible, tpcm, information, credible hard
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.): Granted
Classifications
- G—PHYSICS > G06—COMPUTING; CALCULATING OR COUNTING > G06F—ELECTRIC DIGITAL DATA PROCESSING > G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity > G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems > G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities > G06F21/575—Secure boot
- G—PHYSICS > G06—COMPUTING; CALCULATING OR COUNTING > G06F—ELECTRIC DIGITAL DATA PROCESSING > G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity > G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals > G06F21/31—User authentication > G06F21/32—User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Stored Programmes (AREA)
- Storage Device Security (AREA)
Abstract
The present invention relates to an information authentication method. User identity authentication is completed at the startup stage of the trusted hard disk, which prevents a stolen computer device from being used and its information from being tampered with. In addition, biometric information can be used to authenticate the operator to the TPCM, and security authentication can also be performed at the BIOS startup stage, giving the user a comprehensive secure startup method for the computer system and greatly improving its security.
Description
Technical field
The present invention relates to the field of computer security, and in particular to an information authentication method.
Background technique
With the rapid development of trusted computing technology and its adoption by businesses, society, research institutions and individuals, information security faces more and more threats. Information security has become the bottleneck that prevents trusted computing platforms from being realized in practice. Information security technology secures the operation of a system by combining strong cryptographic algorithms with keys, but such purely software-based mechanisms are not completely safe: mistakes by users in management and use can lead to sensitive data being leaked, stolen, tampered with or destroyed. In addition, software-only cryptographic operations consume large amounts of computing resources and time, so they cannot satisfy the demands of information security.
Trusted computing 3.0 aims to improve the security of the system as a whole. Its main idea is to introduce a Trusted Platform Module (TPM) onto the existing hardware platform; the module provides cryptographic operations that implement trusted boot, identity attestation, data protection and similar functions, thereby guaranteeing the security of the computer system. The TPCM implements functions such as secure startup, identity authentication and data encryption on the computer, which can solve the security problems of the computer system.
Summary of the invention
The invention proposes an information authentication method suitable for performing security authentication of a computer system; compared with the security authentication methods of the prior art, it can greatly improve the security of the computer system.
The information authentication method proposed by the invention is characterized by comprising:
Step 1: the system is powered on, and the TPCM performs active security measurement of the computer system; if the measurement passes, go to step 2, otherwise go to step 3;
Step 2: a login dialog is added in the OPROM (option ROM), so that personnel identity authentication is performed in the OPROM when the trusted hard disk starts;
Step 3: exception information is reported and the computer system is forbidden from starting.
Preferably, step 2 includes: adding an "Administrator password" field to the TPCM configuration item in the OPROM, so that an administrator can enable user identity authentication at the trusted hard disk startup stage by configuring that item.
Preferably, before step 1 the method further includes: identifying the operator's identity with a biometric device; if the identification passes, the TPCM performs active security measurement of the computer system, otherwise exception information is reported and the operator is forbidden from operating the TPCM.
Preferably, identifying the operator's identity with a biometric device includes: connecting an external biometric device to the TPCM; after the TPCM has powered on and started, and before the active security measurement function is formally enabled, the operator is prompted to enter biometric information for security verification.
Preferably, the biometric information includes one or more of the following: fingerprint information, sclera information and face information.
Preferably, between step 1 and step 2 the method further includes: changing the TPCM configuration item in the BIOS to implement user identity authentication at the BIOS startup stage; if the authentication passes, the computer system starts normally, otherwise exception information is reported.
Preferably, changing the TPCM configuration item in the BIOS includes adding an "Administrator password" to the TPCM configuration item in the BIOS.
The invention also provides a trusted control method based on a trusted hard disk, characterized in that the method includes:
Step 1. The trusted hard disk is powered on, and the TPCM module embedded on the hard disk chip of the trusted hard disk measures the other hardware in the system in which the disk is installed; if the measurement result of the other hardware is normal, go to step 2; if it is abnormal, raise an alarm;
Step 2. The other hardware is powered on; after the system containing the trusted hard disk has started, the software in that system is measured; if the measurement result of the software is normal, go to step 3; if it is abnormal, raise an alarm;
Step 3. The system containing the trusted hard disk operates normally and performs read/write operations on the trusted hard disk; the TPCM module embedded on the hard disk chip decrypts/encrypts the data buffered in the trusted hard disk that the system needs to read/write, and only then is the data read from or written to the trusted hard disk.
Preferably, the other hardware in the system containing the trusted hard disk includes the BMC chip and the BIOS chip, and the software in that system includes the MBR, the OS LOADER and the OS KERNEL.
Preferably, using the TPCM module embedded on the hard disk chip of the trusted hard disk to decrypt/encrypt the data buffered in the trusted hard disk that the system needs to read/write includes: the system containing the trusted hard disk calls the TCM module of the TPCM module embedded on the hard disk chip to decrypt/encrypt the buffered data that the system needs to read/write.
Preferably, the trusted hard disk is an IDE hard disk, PIDE hard disk, SCSI hard disk, SATA hard disk, SAS hard disk or SSD hard disk.
Preferably, the trusted hard disk supports an M.2 interface, SAS interface, SATA interface and/or M.P interface.
Preferably, the alarm includes lighting an indicator light, sounding a buzzer, printing an error message through a print interface, or shutting down.
The information authentication method of the invention completes user identity authentication at the startup stage of the trusted hard disk, preventing the computer device from being stolen and its information from being tampered with. It can also use biometric information to authenticate to the TPCM and perform security authentication at the BIOS startup stage, giving the user a comprehensive secure startup method for the computer system and greatly improving its security.
Brief description of the drawings
The invention is further explained below with reference to the drawings and embodiments. In the drawings:
Fig. 1 is a flowchart of the information authentication method in embodiment one of the invention;
Fig. 2 is a flowchart of the information authentication method in embodiment two of the invention;
Fig. 3 is a flowchart of the information authentication method in embodiment three of the invention.
Specific embodiments
The preferred embodiments of the invention are now described in detail with reference to the drawings.
The information authentication method of the invention is applied in a computer system that has an active security measurement function; this function is implemented by adding a TPCM security chip to the computer system.
During power-up of the computer system, the TPCM performs active security measurement of each main firmware and component of the computer system, including the BIOS firmware, the BMC firmware and a specified hard disk partition. If the active measurement result is normal, the computer system is allowed to start normally; otherwise the computer system is forbidden from starting normally.
Embodiment one
Based on the computer system described above, this embodiment proposes an information authentication method whose flowchart is shown in Fig. 1. The method includes the following steps:
Step 1: after the system is powered on, the operator's identity is identified by a biometric device; if the identification passes, go to step 2, otherwise go to step 3.
Specifically, in order to perform active security measurement of the computer system, the TPCM security chip must be powered on and started before the computer system starts.
Specifically, to prevent the TPCM from being misused or tampered with, a biometric device such as an external USB key or fingerprint reader is connected to the TPCM. After the TPCM has powered on and started, and before the active security measurement function is formally enabled, the operator is prompted to enter biometric information for security verification.
Preferably, the biometric information includes fingerprint information, sclera information, face information and the like.
Step 2: the TPCM formally enters the working state and performs active security measurement of the computer system.
Specifically, the active security measurement consists of integrity checks of the BIOS firmware, the BMC firmware, the specified hard disk partition and the like.
Step 3: exception information is reported and the operator is forbidden from operating the TPCM.
Specifically, if the operator's identity authentication fails, this indicates a risk that the computer system has been stolen or its information tampered with. In this case the computer system executes a command that puts the TPCM into the locked state and controls the TPCM to power down.
The security authentication method of this embodiment uses the operator's biometric information to authenticate to the TPCM security chip when the computer system starts; if the authentication passes, the TPCM performs active security measurement of the computer system, otherwise the operator is forbidden from operating the TPCM security chip. The method of this embodiment therefore ensures that the operator is always an authenticated user, prevents the TPCM from being misused and information from being tampered with, and improves the security of the computer system.
Embodiment two
Based on embodiment one, this embodiment proposes another information authentication method whose flowchart is shown in Fig. 2. The method includes:
Step 1: the system is powered on, and the TPCM performs active security measurement of the computer system; if the measurement passes, go to step 2, otherwise go to step 3.
Specifically, the content of the active security measurement is as described above and is not repeated here.
Step 2: the TPCM configuration item in the BIOS is changed to implement user identity authentication at the BIOS startup stage; if the authentication passes, the computer system starts normally, otherwise go to step 3.
Specifically, changing the TPCM configuration item in the BIOS includes adding an "Administrator password" to the TPCM configuration item in the BIOS, so that an administrator can enable user identity authentication at the BIOS startup stage by configuring that item.
Step 3: exception information is reported and the computer system is forbidden from starting.
Specifically, if the operator's identity authentication fails, this indicates a risk that the computer system has been stolen or its information tampered with. In this case the computer system executes a command that puts the TPCM into the locked state and controls the TPCM to power down.
Preferably, the method of this embodiment can be combined with the method of embodiment one, giving a method that both authenticates biometric information to the TPCM and performs user identity security authentication at the BIOS stage, where the BIOS-stage user identity authentication takes place after the biometric authentication to the TPCM.
The security authentication method of this embodiment adds a TPCM-related configuration item to the BIOS in order to perform user identity authentication at the BIOS startup stage. The method of this embodiment can prevent the computer system from being stolen and its information from being tampered with, improving the security of the computer system.
Embodiment three
Based on the security authentication methods of embodiments one and two, this embodiment proposes another information authentication method. Preferably, the security authentication flow of this embodiment can be implemented on its own or combined with the method flows of embodiments one and two. Its flowchart is shown in Fig. 3. The security authentication method of this embodiment includes:
Step 1: the system is powered on, and the TPCM performs active security measurement of the computer system; if the measurement passes, go to step 2, otherwise go to step 3.
Step 2: a login dialog is added in the OPROM, so that personnel identity authentication is performed in the OPROM when the trusted hard disk starts.
Specifically, an "Administrator password" field is added to the TPCM configuration item in the OPROM, so that an administrator can enable user identity authentication at the trusted hard disk startup stage by configuring that item.
Step 3: exception information is reported and the computer system is forbidden from starting.
Specifically, if the operator's identity authentication fails, this indicates a risk that the computer system has been stolen or its information tampered with. In this case the computer system executes a command that puts the TPCM into the locked state and controls the TPCM to power down.
Preferably, before step 1, user identity authentication to the TPCM with biometric information can be performed according to the method of embodiment one, and between step 1 and step 2 user identity authentication can be completed at the BIOS startup stage according to the method of embodiment two.
The technical solution of this embodiment completes user identity authentication at the startup stage of the trusted hard disk, which prevents the computer device from being stolen and its information from being tampered with. This embodiment can be combined with embodiments one and two to give the user a comprehensive security authentication method for the computer system, greatly improving its security.
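The following Python is an added illustration, not code from the patent or its applicant, of the combined flow of embodiments one to three: a biometric check of the operator before the TPCM starts measuring, active measurement of firmware images against reference digests, then the "Administrator password" check at the BIOS stage and again in the trusted hard disk's OPROM, with the TPCM locked and powered down on any failure. Everything concrete is an assumption: the component images and enrolled template are constructed, the template match is a Hamming-distance comparison with a 20% threshold, passwords are stored as salted PBKDF2 digests, and the names `Tpcm`, `boot` and `Outcome` are invented here.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass
from enum import Enum


class Outcome(Enum):
    STARTED = "computer system started normally"
    TPCM_LOCKED = "exception reported: operator rejected, TPCM locked and powered down"
    BOOT_FORBIDDEN = "exception reported: computer system forbidden from starting"


# Constructed stand-ins for the images the TPCM measures (BIOS firmware, BMC firmware, specified partition).
GOOD_IMAGES = {
    "BIOS": b"bios firmware v1 (constructed)",
    "BMC": b"bmc firmware v1 (constructed)",
    "PARTITION": b"specified hard disk partition (constructed)",
}
# Constructed 256-bit biometric template standing in for an enrolled fingerprint, sclera or face code.
ENROLLED_TEMPLATE = hashlib.sha256(b"enrolled operator template (constructed)").digest()
BIOMETRIC_MAX_MISMATCH = 0.20  # assumed threshold: at most 20% of template bits may differ
# Constructed "Administrator password" configuration items for the BIOS stage and the OPROM stage.
ADMIN_PASSWORDS = {"BIOS": "bios-admin-pw", "OPROM": "disk-admin-pw"}
PBKDF2_ROUNDS = 100_000


def hamming_fraction(a: bytes, b: bytes) -> float:
    """Fraction of differing bits between two templates (iris-code style matching); 1.0 if lengths differ."""
    if len(a) != len(b):
        return 1.0
    return sum(bin(x ^ y).count("1") for x, y in zip(a, b)) / (8 * len(a))


def derive(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, PBKDF2_ROUNDS)


@dataclass
class Tpcm:
    reference: dict        # component name -> expected SHA-256 digest
    admin_pw: dict         # stage -> (salt, PBKDF2 digest) of the configured administrator password
    locked: bool = False
    powered: bool = True

    def measure(self, images: dict) -> bool:
        """Active security measurement: every measured component must hash to its reference value."""
        for name, ref in self.reference.items():
            if not hmac.compare_digest(hashlib.sha256(images.get(name, b"")).digest(), ref):
                return False
        return True

    def verify_biometric(self, sample: bytes) -> bool:
        return hamming_fraction(sample, ENROLLED_TEMPLATE) <= BIOMETRIC_MAX_MISMATCH

    def verify_admin_password(self, stage: str, password: str) -> bool:
        salt, ref = self.admin_pw[stage]
        return hmac.compare_digest(derive(password, salt), ref)

    def lock(self) -> None:
        """Step 3 of each embodiment: the TPCM enters the locked state and is powered down."""
        self.locked = True
        self.powered = False


def make_tpcm() -> Tpcm:
    reference = {name: hashlib.sha256(img).digest() for name, img in GOOD_IMAGES.items()}
    admin_pw = {}
    for stage, pw in ADMIN_PASSWORDS.items():
        salt = os.urandom(16)
        admin_pw[stage] = (salt, derive(pw, salt))
    return Tpcm(reference, admin_pw)


def boot(tpcm: Tpcm, images: dict, biometric_sample: bytes, bios_password: str, oprom_password: str) -> Outcome:
    """Combined flow of embodiments one to three; any failed check locks the TPCM and stops the boot."""
    # Embodiment one: biometric check of the operator before the TPCM starts measuring.
    if not tpcm.verify_biometric(biometric_sample):
        tpcm.lock()
        return Outcome.TPCM_LOCKED
    # Step 1: active measurement of BIOS firmware, BMC firmware and the specified partition.
    if not tpcm.measure(images):
        tpcm.lock()
        return Outcome.BOOT_FORBIDDEN
    # Embodiment two: administrator password checked at the BIOS startup stage.
    if not tpcm.verify_admin_password("BIOS", bios_password):
        tpcm.lock()
        return Outcome.BOOT_FORBIDDEN
    # Step 2 of embodiment three: login dialog in the trusted hard disk's OPROM.
    if not tpcm.verify_admin_password("OPROM", oprom_password):
        tpcm.lock()
        return Outcome.BOOT_FORBIDDEN
    return Outcome.STARTED


def flip_bits(template: bytes, count: int, mask: int = 0x01) -> bytes:
    """Flip the masked bits of the first `count` bytes: a few bits for sensor noise, whole bytes for another person."""
    out = bytearray(template)
    for i in range(count):
        out[i] ^= mask
    return bytes(out)


if __name__ == "__main__":
    noisy = flip_bits(ENROLLED_TEMPLATE, 5)
    print(boot(make_tpcm(), GOOD_IMAGES, noisy, "bios-admin-pw", "disk-admin-pw").value)
    print(boot(make_tpcm(), dict(GOOD_IMAGES, BIOS=b"modified bios"), noisy, "bios-admin-pw", "disk-admin-pw").value)
```

The order of the checks is the one the page prescribes: the biometric check gates the TPCM before measurement, measurement gates both password prompts, and each later stage is only reached if every earlier one passed, so a tampered BIOS image is rejected before any password dialog is shown.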
Embodiment four
The invention also provides a trusted control method based on a trusted hard disk, characterized in that the method includes:
Step 1. The trusted hard disk is powered on, and the TPCM module embedded on the hard disk chip of the trusted hard disk measures the other hardware in the system in which the disk is installed; if the measurement result of the other hardware is normal, go to step 2; if it is abnormal, raise an alarm;
Step 2. The other hardware is powered on; after the system containing the trusted hard disk has started, the software in that system is measured; if the measurement result of the software is normal, go to step 3; if it is abnormal, raise an alarm;
Step 3. The system containing the trusted hard disk operates normally and performs read/write operations on the trusted hard disk; the TPCM module embedded on the hard disk chip decrypts/encrypts the data buffered in the trusted hard disk that the system needs to read/write, and only then is the data read from or written to the trusted hard disk.
Preferably, the other hardware in the system containing the trusted hard disk includes the BMC chip and the BIOS chip, and the software in that system includes the MBR, the OS LOADER and the OS KERNEL.
Preferably, using the TPCM module embedded on the hard disk chip of the trusted hard disk to decrypt/encrypt the data buffered in the trusted hard disk that the system needs to read/write includes: the system containing the trusted hard disk calls the TCM module of the TPCM module embedded on the hard disk chip to decrypt/encrypt the buffered data that the system needs to read/write.
Preferably, the trusted hard disk can be an IDE hard disk, PIDE hard disk, SCSI hard disk, SATA hard disk, SAS hard disk and/or SSD hard disk.
Preferably, the trusted hard disk supports an M.2 interface, SAS interface, SATA interface and/or M.P interface.
Preferably, the alarm includes lighting an indicator light, sounding a buzzer, printing an error message through a print interface, or shutting down.
With the technical solution of this embodiment, the TPCM module embedded in the trusted hard disk can measure the other hardware in the system and the software in the system containing the trusted hard disk, and while that system operates normally the embedded TPCM module controls the trusted reading and writing of data to the trusted hard disk.
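As an added illustration of embodiment four (not the patent's or any vendor's code), the following Python models a trusted hard disk whose embedded TPCM measures the host's BMC and BIOS before they are powered, then the MBR, OS LOADER and OS KERNEL once the host is up, and only then serves read/write requests, encrypting and integrity-tagging each sector inside the disk. The component images, the stage names, the class `TrustedDisk` and the cipher are assumptions: the page does not name the TCM algorithm, so the stand-in is HMAC-SHA256 used as a counter-mode keystream with a fresh per-write nonce plus a separate HMAC tag, chosen because it needs only the standard library.

```python
import hashlib
import hmac
import os

# Constructed images of the host components the disk measures: hardware in step 1, software in step 2.
HOST_HARDWARE = {"BMC": b"bmc firmware image (constructed)", "BIOS": b"bios firmware image (constructed)"}
HOST_SOFTWARE = {
    "MBR": b"master boot record (constructed)",
    "OS LOADER": b"os loader image (constructed)",
    "OS KERNEL": b"os kernel image (constructed)",
}
HARDWARE_ORDER = ("BMC", "BIOS")
SOFTWARE_ORDER = ("MBR", "OS LOADER", "OS KERNEL")


def sha256(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


class TrustedDisk:
    """Hard disk whose embedded TPCM gates all I/O on measurement of the host (embodiment four)."""

    def __init__(self, reference: dict, media_key: bytes):
        self.reference = reference          # component name -> expected SHA-256 digest
        # Sub-keys stay inside the disk's TPCM/TCM; the host only ever sees the plaintext it asked for.
        self._enc_key = hmac.new(media_key, b"enc", "sha256").digest()
        self._mac_key = hmac.new(media_key, b"mac", "sha256").digest()
        self.stage = "POWERED"              # POWERED -> HARDWARE_OK -> RUNNING, or ALARM
        self.alarms = []                    # the page lists indicator light, buzzer, printed error, shutdown
        self.media = {}                     # LBA -> (nonce, ciphertext, tag) as stored on the media

    def _measure(self, names, images: dict) -> bool:
        for name in names:
            if not hmac.compare_digest(sha256(images.get(name, b"")), self.reference[name]):
                self.stage = "ALARM"
                self.alarms.append(f"measurement of {name} abnormal")
                return False
        return True

    def power_on(self, hardware_images: dict) -> bool:
        """Step 1: the disk powers on first and measures the BMC and BIOS chips before they are powered."""
        if self.stage != "POWERED" or not self._measure(HARDWARE_ORDER, hardware_images):
            return False
        self.stage = "HARDWARE_OK"
        return True

    def host_started(self, software_images: dict) -> bool:
        """Step 2: once the host has started, measure MBR, OS loader and kernel before serving any data."""
        if self.stage != "HARDWARE_OK":
            self.stage = "ALARM"
            self.alarms.append("software measurement requested before hardware measurement passed")
            return False
        if not self._measure(SOFTWARE_ORDER, software_images):
            return False
        self.stage = "RUNNING"
        return True

    def _keystream(self, lba: int, nonce: bytes, length: int) -> bytes:
        # Illustrative stand-in for the TCM cipher: HMAC-SHA256 as a PRF in counter mode.
        # The fresh nonce per write means the keystream is never reused for a rewritten LBA.
        out, counter = b"", 0
        while len(out) < length:
            msg = lba.to_bytes(8, "big") + nonce + counter.to_bytes(4, "big")
            out += hmac.new(self._enc_key, msg, "sha256").digest()
            counter += 1
        return out[:length]

    def _tag(self, lba: int, nonce: bytes, ciphertext: bytes) -> bytes:
        return hmac.new(self._mac_key, lba.to_bytes(8, "big") + nonce + ciphertext, "sha256").digest()

    def _require_running(self) -> None:
        if self.stage != "RUNNING":
            raise PermissionError(f"disk in stage {self.stage}; read/write refused")

    def write(self, lba: int, plaintext: bytes) -> None:
        """Step 3: the host writes plaintext; the disk's TPCM encrypts and tags it before it reaches the media."""
        self._require_running()
        nonce = os.urandom(16)
        ct = bytes(p ^ k for p, k in zip(plaintext, self._keystream(lba, nonce, len(plaintext))))
        self.media[lba] = (nonce, ct, self._tag(lba, nonce, ct))

    def read(self, lba: int) -> bytes:
        """Step 3: the disk verifies the tag and decrypts before handing the sector back to the host."""
        self._require_running()
        nonce, ct, tag = self.media[lba]
        if not hmac.compare_digest(tag, self._tag(lba, nonce, ct)):
            raise ValueError(f"sector {lba} on media fails integrity check")
        return bytes(c ^ k for c, k in zip(ct, self._keystream(lba, nonce, len(ct))))


def make_disk() -> TrustedDisk:
    """Disk provisioned with reference digests of the known-good host images and a random media key."""
    reference = {name: sha256(img) for name, img in {**HOST_HARDWARE, **HOST_SOFTWARE}.items()}
    return TrustedDisk(reference, os.urandom(32))


if __name__ == "__main__":
    disk = make_disk()
    print("step 1 hardware ok:", disk.power_on(HOST_HARDWARE))
    print("step 2 software ok:", disk.host_started(HOST_SOFTWARE))
    disk.write(7, b"payroll.db sector 7 (constructed)")
    print("step 3 read back:", disk.read(7))
```

The point the model makes is the ordering in steps 1 to 3: hardware is measured while it is still unpowered, software is measured only once hardware passed, and the media key is never used until both measurements succeeded, so a disk pulled from a stolen machine or booted under a modified BIOS or kernel raises an alarm and refuses every read and write.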
In the several embodiments provided by the invention, it should be understood that the disclosed method and terminal can be implemented in other ways. For example, the apparatus embodiments described above are merely illustrative; the division into modules is only a logical division of functions, and other divisions are possible in actual implementation.
In addition, the technical solutions of the above embodiments can be combined with and substituted for each other where they do not conflict.
The modules described as separate parts may or may not be physically separate, and parts shown as modules may or may not be physical units; they may be located in one place or distributed over several network units. Some or all of the modules may be selected according to actual needs to achieve the purpose of the embodiment.
In addition, the functional modules of the embodiments of the invention may be integrated into one processing unit, each unit may exist physically on its own, or two or more units may be integrated into one unit. The integrated unit may be implemented in hardware, or in hardware together with software functional modules.
It is obvious to those skilled in the art that the invention is not limited to the details of the above exemplary embodiments and that it can be realized in other specific forms without departing from its spirit or essential attributes. The embodiments are therefore to be considered in all respects as illustrative and not restrictive, and the scope of the invention is defined by the appended claims rather than by the above description; all changes falling within the meaning and range of equivalents of the claims are intended to be included in the invention. Reference signs in the claims shall not be construed as limiting the claims. The word "comprising" does not exclude other units or steps, and the singular does not exclude the plural. Several modules or devices recited in a system claim may also be implemented by one module or device in software or hardware. The words "first", "second" and the like are used to indicate names and do not indicate any particular order.
Finally, it should be noted that the above embodiments are only intended to illustrate the technical solution of the invention and not to limit it. Although the invention has been described in detail with reference to preferred embodiments, those skilled in the art should understand that the technical solution of the invention may be modified or replaced by equivalents without departing from its spirit and scope.
Claims (13)
- 1. An information authentication method, characterized by comprising: Step 1: the system is powered on, and the TPCM performs active security measurement of the computer system; if the measurement passes, go to step 2, otherwise go to step 3; Step 2: a login dialog is added in the OPROM, so that personnel identity authentication is performed in the OPROM when the trusted hard disk starts; Step 3: exception information is reported and the computer system is forbidden from starting.
- 2. The information authentication method of claim 1, characterized in that step 2 includes: adding an "Administrator password" field to the TPCM configuration item in the OPROM, so that an administrator can enable user identity authentication at the trusted hard disk startup stage by configuring the configuration item.
- 3. The information authentication method of claim 1, characterized in that before step 1 the method further includes: identifying the operator's identity with a biometric device; if the identification passes, the TPCM performs active security measurement of the computer system, otherwise exception information is reported and the operator is forbidden from operating the TPCM.
- 4. The information authentication method of claim 3, characterized in that identifying the operator's identity with a biometric device includes: connecting an external biometric device to the TPCM; after the TPCM has powered on and started, and before the active security measurement function is formally enabled, prompting the operator to enter biometric information for security verification.
- 5. The information authentication method of claim 4, characterized in that the biometric information includes one or more of the following: fingerprint information, sclera information and face information.
- 6. The information authentication method of claim 1, characterized in that between step 1 and step 2 the method further includes: changing the TPCM configuration item in the BIOS to implement user identity authentication at the BIOS startup stage; if the authentication passes, the computer system starts normally, otherwise exception information is reported.
- 7. The information authentication method of claim 6, characterized in that changing the TPCM configuration item in the BIOS includes adding an "Administrator password" to the TPCM configuration item in the BIOS.
- 8. A trusted control method based on a trusted hard disk, characterized in that the method includes: Step 1. The trusted hard disk is powered on, and the TPCM module embedded on the hard disk chip of the trusted hard disk measures the other hardware in the system in which the disk is installed; if the measurement result of the other hardware is normal, go to step 2; if it is abnormal, raise an alarm; Step 2. The other hardware is powered on; after the system containing the trusted hard disk has started, the software in that system is measured; if the measurement result of the software is normal, go to step 3; if it is abnormal, raise an alarm; Step 3. The system containing the trusted hard disk operates normally and performs read/write operations on the trusted hard disk; the TPCM module embedded on the hard disk chip decrypts/encrypts the data buffered in the trusted hard disk that the system needs to read/write, and only then is the data read from or written to the trusted hard disk.
- 9. The method of claim 8, characterized in that the other hardware in the system containing the trusted hard disk includes the BMC chip and the BIOS chip, and the software in that system includes the MBR, the OS LOADER and the OS KERNEL.
- 10. The method of claim 8, characterized in that using the TPCM module embedded on the hard disk chip of the trusted hard disk to decrypt/encrypt the data buffered in the trusted hard disk that the system needs to read/write includes: the system containing the trusted hard disk calls the TCM module of the TPCM module embedded on the hard disk chip to decrypt/encrypt the buffered data that the system needs to read/write.
- 11. The method of claim 8, characterized in that the trusted hard disk is an IDE hard disk, PIDE hard disk, SCSI hard disk, SATA hard disk, SAS hard disk or SSD hard disk.
- 12. The method of claim 11, characterized in that the trusted hard disk supports an M.2 interface, SAS interface, SATA interface and/or M.P interface.
- 13. The method of claim 8, characterized in that the alarm includes lighting an indicator light, sounding a buzzer, printing an error message through a print interface, or shutting down.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201811435729.6A CN109614799B (en) | 2018-11-28 | 2018-11-28 | Information authentication method |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201811435729.6A CN109614799B (en) | 2018-11-28 | 2018-11-28 | Information authentication method |
Publications (2)
Publication Number | Publication Date |
---|---|
CN109614799A true CN109614799A (en) | 2019-04-12 |
CN109614799B CN109614799B (en) | 2021-03-16 |
Family
ID=66005311
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201811435729.6A Active CN109614799B (en) | 2018-11-28 | 2018-11-28 | Information authentication method |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN109614799B (en) |
Cited By (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110933057A (en) * | 2019-11-21 | 2020-03-27 | 深圳渊联技术有限公司 | Internet of things security terminal and security control method thereof |
CN111858114A (en) * | 2019-04-30 | 2020-10-30 | 阿里巴巴集团控股有限公司 | Equipment start exception handling method, device start control method, device and system |
US11281781B2 (en) | 2018-08-29 | 2022-03-22 | Alibaba Group Holding Limited | Key processing methods and apparatuses, storage media, and processors |
US11349651B2 (en) | 2018-08-02 | 2022-05-31 | Alibaba Group Holding Limited | Measurement processing of high-speed cryptographic operation |
US11347857B2 (en) | 2018-07-02 | 2022-05-31 | Alibaba Group Holding Limited | Key and certificate distribution method, identity information processing method, device, and medium |
US11379586B2 (en) | 2018-08-02 | 2022-07-05 | Alibaba Group Holding Limited | Measurement methods, devices and systems based on trusted high-speed encryption card |
Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101515316A (en) * | 2008-02-19 | 2009-08-26 | 北京工业大学 | Trusted computing terminal and trusted computing method |
CN201408535Y (en) * | 2009-05-11 | 2010-02-17 | 方正科技集团苏州制造有限公司 | Trusted hard disk facing to trusted computation cryptograph supporting platform |
CN102279914A (en) * | 2011-07-13 | 2011-12-14 | 中国人民解放军海军计算技术研究所 | Unified extensible firmware interface (UEFI) trusted supporting system and method for controlling same |
CN103534976A (en) * | 2013-06-05 | 2014-01-22 | 华为技术有限公司 | Data security protection method, server, host, and system |
CN106295352A (en) * | 2016-07-29 | 2017-01-04 | 北京三未信安科技发展有限公司 | The method of credible tolerance, main frame and system under basic input output system environment |
CN106934268A (en) * | 2017-03-31 | 2017-07-07 | 山东超越数控电子有限公司 | A kind of method that encrypting fingerprint is realized in BIOS |
JP2017157018A (en) * | 2016-03-02 | 2017-09-07 | 株式会社リコー | Information processing device, information processing method, information processing program, and trusted platform module |
Events
- 2018-11-28: CN application CN201811435729.6A, patent CN109614799B, status active
Cited By (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US11347857B2 (en) | 2018-07-02 | 2022-05-31 | Alibaba Group Holding Limited | Key and certificate distribution method, identity information processing method, device, and medium |
US11349651B2 (en) | 2018-08-02 | 2022-05-31 | Alibaba Group Holding Limited | Measurement processing of high-speed cryptographic operation |
US11379586B2 (en) | 2018-08-02 | 2022-07-05 | Alibaba Group Holding Limited | Measurement methods, devices and systems based on trusted high-speed encryption card |
US11281781B2 (en) | 2018-08-29 | 2022-03-22 | Alibaba Group Holding Limited | Key processing methods and apparatuses, storage media, and processors |
CN111858114A (en) * | 2019-04-30 | 2020-10-30 | 阿里巴巴集团控股有限公司 | Equipment start exception handling method, device start control method, device and system |
CN110933057A (en) * | 2019-11-21 | 2020-03-27 | 深圳渊联技术有限公司 | Internet of things security terminal and security control method thereof |
CN110933057B (en) * | 2019-11-21 | 2021-11-23 | 深圳渊联技术有限公司 | Internet of things security terminal and security control method thereof |
Also Published As
Publication number | Publication date |
---|---|
CN109614799B (en) | 2021-03-16 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN109614799A (en) | A kind of information weight mirror method | |
CN101523401B (en) | Secure use of user secrets on a computing platform | |
CN101436247B (en) | Biological personal identification method and system based on UEFI | |
US10516533B2 (en) | Password triggered trusted encryption key deletion | |
US7900252B2 (en) | Method and apparatus for managing shared passwords on a multi-user computer | |
RU2321055C2 (en) | Device for protecting information from unsanctioned access for computers of informational and computing systems | |
US7480931B2 (en) | Volume mount authentication | |
CN201126581Y (en) | Biological personal identification apparatus based on UEFI | |
CN103201747A (en) | A method for attesting a plurality of data processing systems | |
US20070239988A1 (en) | Accessing data storage devices | |
CN109614154A (en) | A kind of computer safety start method | |
CN108762782A (en) | A kind of safety access control method for encrypting solid state disk and BIOS chips based on safety | |
CN103488937B (en) | Measuring method, electronic equipment and measuring system | |
CN109784070A (en) | A kind of reliable hardware structure | |
US7441118B2 (en) | Network appliance having trusted device for providing verifiable identity and/or integrity information | |
CN109583214A (en) | A kind of method of controlling security | |
CN109583169A (en) | A kind of safety certifying method | |
KR102171749B1 (en) | Plural Signer Bio Electronic Signature Using Block-chain Method and Device Thereof | |
CN109753804A (en) | A kind of trusted system | |
CN112989362B (en) | CPU trusted starting system and method based on safety chip monitoring | |
CN109308414A (en) | A kind of mainboard clean boot realization system and method based on Domestic Platform | |
US20220261585A1 (en) | User authentication for an information handling system using a secured stylus | |
CN109598125A (en) | A kind of safe starting method | |
Fink et al. | Catching the Cuckoo: Verifying TPM Proximity Using a Quote Timing Side-Channel: (Short Paper) | |
US20220092189A1 (en) | Implementation of Trusted Computing System Based on Master Controller of Solid-State Drive |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||