CN109614799A - Information authentication method - Google Patents

Information authentication method

Info

Publication number: CN109614799A
Application number: CN201811435729.6A
Authority: CN (China)
Legal status: Granted (status as listed by Google Patents; not a legal conclusion)
Prior art keywords: hard disk, credible, tpcm, information, credible hard
Other languages: Chinese (zh)
Other versions: CN109614799B (en)
Inventors: 孙瑜, 杨秩, 王涛, 洪宇, 王强
Current assignee: BEIJING HUATECH TRUSTED COMPUTING INFORMATION TECHNOLOGY Co Ltd
Original assignee: BEIJING HUATECH TRUSTED COMPUTING INFORMATION TECHNOLOGY Co Ltd
Application filed by BEIJING HUATECH TRUSTED COMPUTING INFORMATION TECHNOLOGY Co Ltd; granted as CN109614799B; current legal status: Active

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F 21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F 21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F 21/57 Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F 21/575 Secure boot
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F 21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F 21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F 21/31 User authentication
    • G06F 21/32 User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Stored Programmes (AREA)
  • Storage Device Security (AREA)

Abstract

The present invention relates to an information authentication method. User identity authentication is completed at the start-up stage of the trusted hard disk, so that theft of the computer equipment and tampering with its information are prevented; in addition, biometric information can be used to authenticate the operator to the TPCM, and security authentication can also be performed at the BIOS start-up stage. The method thus provides the user with a comprehensive secure start-up method for the computer system and greatly improves the security of the computer system.

Description

Information authentication method
Technical field
The present invention relates to the field of computer security, and in particular to an information authentication method.
Background
With the rapid development of trusted computing technology, it has been welcomed by business, society, research institutions and individuals, but information security faces more and more threats. Information security has become the bottleneck that currently prevents trusted computing platforms from being truly realized. Information security technology guarantees the safe operation of a system by combining strong cryptographic algorithms with keys, but such a pure-software mechanism is not perfectly safe, and operator mistakes in management and use can lead to sensitive data being leaked, stolen, tampered with or destroyed. In addition, pure-software cryptographic operations consume a large amount of computer resources and time, so that they cannot satisfy the demands of information security.
Trusted Computing 3.0 aims to improve the security of the system as a whole. Its main idea is to introduce a Trusted Platform Module (TPM) on the existing device hardware platform; the module provides cryptographic operations and implements functions such as trusted boot, identity attestation and data protection, so as to guarantee the security of the computer system. The TPCM, for its part, implements functions such as secure start-up, identity identification and data encryption on the computer, which can solve the security problems of the computer system.
Summary of the invention
The invention proposes an information authentication method suitable for performing security authentication of a computer system; compared with security authentication methods in the prior art, it can greatly improve the security of the computer system.
The information authentication method proposed by the present invention is characterized by comprising:
Step 1: the system is powered on and started, and the TPCM performs active security measurement of the computer system; if the measurement passes, proceed to step 2, otherwise proceed to step 3;
Step 2: a login dialog box is added in the OPROM, so that personnel identity authentication is performed in the OPROM when the trusted hard disk starts;
Step 3: report exception information and forbid the computer system from starting.
Preferably, step 2 includes:
adding an "Administrator password" field to the TPCM configuration item in the OPROM, so that administrators can enable user identity authentication at the trusted hard disk start-up stage by configuring this configuration item.
Preferably, before step 1 the method further includes:
identifying the operator's identity by means of a biometric identification device; if the identification passes, the TPCM performs active security measurement of the computer system, otherwise exception information is reported and the operator is forbidden from operating the TPCM.
Preferably, identifying the operator's identity by means of the biometric identification device includes:
connecting an external biometric identification device to the TPCM and, after the TPCM has powered on and started but before the active security measurement function is formally enabled, prompting the operator to enter biometric information for security verification.
Preferably, the biometric information includes one or more of the following:
fingerprint information, sclera information and face information.
Preferably, between step 1 and step 2 the method further includes:
changing the TPCM configuration item in the BIOS so that user identity authentication is performed at the BIOS start-up stage; if the authentication passes, the computer system starts normally, otherwise exception information is reported.
Preferably, changing the TPCM configuration item in the BIOS includes:
adding an "Administrator password" to the TPCM configuration item in the BIOS.
The invention also provides a trusted control method based on a trusted hard disk, characterized in that the method includes:
Step 1. Power on the trusted hard disk, and use the TPCM module embedded on the hard disk chip of the trusted hard disk to measure the other hardware in the system where the trusted hard disk is located; if the measurement result of the other hardware is normal, proceed to step 2; if the measurement result of the other hardware is abnormal, raise an alarm;
Step 2. Power on the other hardware and start the system where the trusted hard disk is located, then measure the software in that system; if the measurement result of the software is normal, proceed to step 3; if the measurement result of the software is abnormal, raise an alarm;
Step 3. The system where the trusted hard disk is located operates normally and performs read/write operations on the trusted hard disk; the TPCM module embedded on the hard disk chip of the trusted hard disk decrypts/encrypts the data buffered in the trusted hard disk that the system needs to read/write, after which the data the trusted hard disk needs to read/write are read from or written to the trusted hard disk.
Preferably, the other hardware in the system where the trusted hard disk is located includes a BMC chip and a BIOS chip;
the software in the system where the trusted hard disk is located includes the MBR, OS LOADER and OS KERNEL.
Preferably, using the TPCM module embedded on the hard disk chip of the trusted hard disk to decrypt/encrypt the data buffered in the trusted hard disk that the system needs to read/write includes:
the system where the trusted hard disk is located calls the TCM module of the TPCM module embedded on the hard disk chip to decrypt/encrypt the data buffered in the trusted hard disk that the system needs to read/write.
Preferably, the trusted hard disk is an IDE hard disk, PIDE hard disk, SCSI hard disk, SATA hard disk, SAS hard disk or SSD hard disk.
Preferably, the trusted hard disk supports an M.2 interface, SAS interface, SATA interface and/or M.P interface.
Preferably, the alarm includes lighting an indicator lamp, sounding a buzzer, printing an error message through a print interface, or shutting down.
The information authentication method of the present invention completes user identity authentication at the start-up stage of the trusted hard disk, thereby preventing theft of the computer equipment and tampering with its information; it can also use biometric information to authenticate the operator to the TPCM and perform security authentication at the BIOS start-up stage. This provides the user with a comprehensive secure start-up method for the computer system and greatly improves the security of the computer system.
Brief description of the drawings
The present invention will be further explained below with reference to the accompanying drawings and embodiments, in which:
Fig. 1 is a flow chart of the information authentication method in embodiment one of the present invention;
Fig. 2 is a flow chart of the information authentication method in embodiment two of the present invention;
Fig. 3 is a flow chart of the information authentication method in embodiment three of the present invention.
Detailed description of the embodiments
The preferred embodiments of the present invention are described in detail below with reference to the accompanying drawings.
The information authentication method of the present invention is applied to a computer system that has an active security measurement function; this function is implemented by adding a TPCM security chip to the computer system.
During power-on of the computer system, the TPCM performs active security measurement of each main firmware and component of the system, including the BIOS firmware, the BMC firmware and specified disk partitions; if the active measurement result is normal, the computer system is allowed to start normally, otherwise the computer system is forbidden from starting normally.
Embodiment one
Based on the computer system described above, this embodiment proposes an information authentication method whose flow chart is shown in Fig. 1. The method includes the following steps:
Step 1: after the system is powered on and started, the operator's identity is identified by a biometric identification device; if the identification passes, proceed to step 2, otherwise proceed to step 3.
Specifically, in order to realize active security measurement of the computer system, the TPCM security chip must be powered on and started before the computer system is started.
Specifically, in order to prevent the TPCM from being misappropriated or tampered with, an external biometric identification device such as a USB key or fingerprint scanner is connected to the TPCM; after the TPCM has powered on and started, but before the active security measurement function is formally enabled, the operator is prompted to enter biometric information for security verification.
Preferably, the biometric information includes fingerprint information, sclera information, face information and the like.
Step 2: the TPCM formally enters the working state and performs active security measurement of the computer system.
Specifically, the active security measurement consists of integrity checks of the BIOS firmware, the BMC firmware, the specified disk partitions and so on.
Step 3: report exception information and forbid the operator from operating the TPCM.
Specifically, if the operator's identity authentication fails, this shows that the computer system is at risk of being stolen and having its information tampered with; in this case the computer system enters a locked state under the command of the TPCM, and the TPCM controls power-down.
The security authentication method of this embodiment authenticates the operator to the TPCM security chip using the operator's biometric information when the computer system starts; if the authentication passes, the TPCM performs active security measurement of the computer system, otherwise the operator is forbidden from operating the TPCM security chip. The method thus guarantees that every operator is an authenticated user, prevents the TPCM from being misappropriated and information from being tampered with, and improves the security of the computer system.
Embodiment two
This embodiment is based on embodiment one and proposes another information authentication method, whose flow chart is shown in Fig. 2. The method includes:
Step 1: the system is powered on and started, and the TPCM performs active security measurement of the computer system; if the measurement passes, proceed to step 2, otherwise proceed to step 3.
Specifically, the content of the active security measurement is as described above and is not repeated here.
Step 2: change the TPCM configuration item in the BIOS so that user identity authentication is performed at the BIOS start-up stage; if the authentication passes, the computer system starts normally, otherwise proceed to step 3.
Specifically, changing the TPCM configuration item in the BIOS includes adding an "Administrator password" to the TPCM configuration item in the BIOS, so that administrators can enable user identity authentication at the BIOS start-up stage by configuring this configuration item.
Step 3: report exception information and forbid the computer system from starting.
Specifically, if the operator's identity authentication fails, this shows that the computer system is at risk of being stolen and having its information tampered with; in this case the computer system enters a locked state under the command of the TPCM, and the TPCM controls power-down.
Preferably, the method of this embodiment can be combined with the method of embodiment one, giving a method that both authenticates biometric information to the TPCM and performs user identity security authentication at the BIOS stage, where the BIOS-stage user identity authentication takes place after the biometric authentication to the TPCM.
The security authentication method of this embodiment adds a configuration item concerning the TPCM to the BIOS so that user identity authentication is performed at the BIOS start-up stage; it can thereby prevent the computer system from being stolen and its information from being tampered with, improving the security of the computer system.
Embodiment three
Based on the security authentication methods of embodiments one and two, this embodiment proposes another information authentication method. Preferably, the security authentication flow of this embodiment can be implemented on its own or combined with the method flows of embodiments one and two. The flow chart is shown in Fig. 3, and the security authentication method of this embodiment includes:
Step 1: the system is powered on and started, and the TPCM performs active security measurement of the computer system; if the measurement passes, proceed to step 2, otherwise proceed to step 3.
Step 2: a login dialog box is added in the OPROM, so that personnel identity authentication is performed in the OPROM when the trusted hard disk starts.
Specifically, an "Administrator password" field is added to the TPCM configuration item in the OPROM, so that administrators can enable user identity authentication at the trusted hard disk start-up stage by configuring this configuration item.
Step 3: report exception information and forbid the computer system from starting.
Specifically, if the operator's identity authentication fails, this shows that the computer system is at risk of being stolen and having its information tampered with; in this case the computer system enters a locked state under the command of the TPCM, and the TPCM controls power-down.
Preferably, before step 1, biometric information can be used to authenticate the user to the TPCM according to the method of embodiment one, and between step 1 and step 2 user identity authentication can be completed at the BIOS start-up stage according to the method of embodiment two.
The technical solution of this embodiment completes user identity authentication at the start-up stage of the trusted hard disk, thereby preventing theft of the computer equipment and tampering with its information; combined with embodiments one and two, it provides the user with a comprehensive computer system security authentication method and greatly improves the security of the computer system.
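As an added illustration (not code from the patent or from the assignee), the following Python model puts the three embodiments in one start-up chain: biometric authentication gates the TPCM (embodiment one), the TPCM measures the BIOS firmware, BMC firmware and specified partition, the BIOS-stage "Administrator password" is checked (embodiment two), and the OPROM login at trusted hard disk start is checked (embodiment three); any failure locks the system and powers the TPCM down. The `TPCM` class, `boot` routine, golden images, enrolled template and passwords are all constructed assumptions; SHA-256 stands in for whatever hash the real chip uses.

```python
# Added illustration (not the patent's code): the start-up chain of
# embodiments one to three, modelled as a TPCM object and a boot() routine.
# Every image, template and password below is constructed sample data.
import hashlib
import hmac
from dataclasses import dataclass
from typing import Dict


def digest(data: bytes) -> str:
    """SHA-256 hex digest; stands in for whatever hash the real TPCM uses."""
    return hashlib.sha256(data).hexdigest()


@dataclass
class TPCM:
    """Toy TPCM security chip holding the values enrolled at provisioning."""
    references: Dict[str, str]      # measured object name -> golden digest
    enrolled_biometric: str         # digest of the enrolled biometric template
    bios_admin_hash: str            # "Administrator password" of the BIOS TPCM item
    oprom_admin_hash: str           # "Administrator password" of the OPROM TPCM item
    locked: bool = False
    powered: bool = True

    def verify_biometric(self, sample: bytes) -> bool:
        # Embodiment one: gate the chip before measurement is enabled.
        return hmac.compare_digest(digest(sample), self.enrolled_biometric)

    def measure(self, images: Dict[str, bytes]) -> bool:
        # Active security measurement: integrity check of every reference
        # object; a missing image counts as a failed measurement.
        return all(
            hmac.compare_digest(digest(images.get(name, b"")), ref)
            for name, ref in self.references.items()
        )

    def verify_password(self, stage: str, password: str) -> bool:
        expected = self.bios_admin_hash if stage == "BIOS" else self.oprom_admin_hash
        return hmac.compare_digest(digest(password.encode()), expected)

    def lock_and_power_down(self) -> None:
        # Step 3 of each embodiment: lock the system and power the TPCM down.
        self.locked = True
        self.powered = False


def boot(tpcm: TPCM, biometric: bytes, images: Dict[str, bytes],
         bios_password: str, oprom_password: str) -> str:
    """Run the combined chain; returns 'started' or the exception reported."""
    if not tpcm.verify_biometric(biometric):                 # embodiment one
        tpcm.lock_and_power_down()
        return "exception: biometric authentication to TPCM failed"
    if not tpcm.measure(images):                             # step 1 of embodiments two/three
        tpcm.lock_and_power_down()
        return "exception: active security measurement failed"
    if not tpcm.verify_password("BIOS", bios_password):      # embodiment two
        tpcm.lock_and_power_down()
        return "exception: BIOS-stage user identity authentication failed"
    if not tpcm.verify_password("OPROM", oprom_password):    # embodiment three
        tpcm.lock_and_power_down()
        return "exception: OPROM-stage user identity authentication failed"
    return "started"


# Constructed sample platform (golden images and enrolled operator).
GOLDEN_IMAGES = {
    "BIOS firmware": b"BIOS firmware image v1",
    "BMC firmware": b"BMC firmware image v1",
    "specified partition": b"boot partition contents v1",
}
ENROLLED_FINGERPRINT = b"fingerprint template of the enrolled operator"


def make_tpcm() -> TPCM:
    return TPCM(
        references={name: digest(img) for name, img in GOLDEN_IMAGES.items()},
        enrolled_biometric=digest(ENROLLED_FINGERPRINT),
        bios_admin_hash=digest(b"bios-admin-pw"),
        oprom_admin_hash=digest(b"oprom-admin-pw"),
    )


def scenario(biometric: bytes = ENROLLED_FINGERPRINT, images=None,
             bios_password: str = "bios-admin-pw",
             oprom_password: str = "oprom-admin-pw"):
    """Boot a fresh TPCM under one scenario; returns (outcome, tpcm locked?)."""
    tpcm = make_tpcm()
    outcome = boot(tpcm, biometric,
                   GOLDEN_IMAGES if images is None else images,
                   bios_password, oprom_password)
    return outcome, tpcm.locked


if __name__ == "__main__":
    print(scenario())
    print(scenario(images={**GOLDEN_IMAGES, "BMC firmware": b"modified BMC"}))
    print(scenario(biometric=b"someone else's finger"))
    print(scenario(oprom_password="guess"))
```

The order of the checks is the one the description fixes: the biometric gate runs before the measurement function is enabled, and the BIOS-stage check sits between measurement and the OPROM login. Each check uses a constant-time comparison, and every failure path ends in the same locked, powered-down state so that the outcome of the chain does not depend on which stage rejected the operator.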
Embodiment four
The invention also provides a trusted control method based on a trusted hard disk, characterized in that the method includes:
Step 1. Power on the trusted hard disk, and use the TPCM module embedded on the hard disk chip of the trusted hard disk to measure the other hardware in the system where the trusted hard disk is located; if the measurement result of the other hardware is normal, proceed to step 2; if the measurement result of the other hardware is abnormal, raise an alarm;
Step 2. Power on the other hardware and start the system where the trusted hard disk is located, then measure the software in that system; if the measurement result of the software is normal, proceed to step 3; if the measurement result of the software is abnormal, raise an alarm;
Step 3. The system where the trusted hard disk is located operates normally and performs read/write operations on the trusted hard disk; the TPCM module embedded on the hard disk chip of the trusted hard disk decrypts/encrypts the data buffered in the trusted hard disk that the system needs to read/write, after which the data the trusted hard disk needs to read/write are read from or written to the trusted hard disk.
Preferably, the other hardware in the system where the trusted hard disk is located includes a BMC chip and a BIOS chip;
the software in the system where the trusted hard disk is located includes the MBR, OS LOADER and OS KERNEL.
Preferably, using the TPCM module embedded on the hard disk chip of the trusted hard disk to decrypt/encrypt the data buffered in the trusted hard disk that the system needs to read/write includes:
the system where the trusted hard disk is located calls the TCM module of the TPCM module embedded on the hard disk chip to decrypt/encrypt the data buffered in the trusted hard disk that the system needs to read/write.
Preferably, the trusted hard disk can be an IDE hard disk, PIDE hard disk, SCSI hard disk, SATA hard disk, SAS hard disk and/or SSD hard disk.
Preferably, the trusted hard disk supports an M.2 interface, SAS interface, SATA interface and/or M.P interface.
Preferably, the alarm includes lighting an indicator lamp, sounding a buzzer, printing an error message through a print interface, or shutting down.
The technical solution of this embodiment uses the TPCM module embedded in the trusted hard disk to measure the other hardware in the system and the software in the system, and, while the system where the trusted hard disk is located operates normally, uses the embedded TPCM module to control the trusted reading and writing of data to and from the trusted hard disk.
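As an added illustration of embodiment four (not code from the patent or the assignee), the Python model below lets the trusted hard disk's embedded TPCM drive the two power-on phases in the order the description fixes: with only the disk powered it measures the BMC and BIOS chips, then with the rest of the host powered it measures the MBR, OS LOADER and OS KERNEL, and only after both pass does it serve read/write requests, with the TCM encrypting data on the way in and decrypting it on the way out. The `TrustedDisk` class, the alarm actions taken verbatim from the description, the golden images and the disk key are constructed assumptions, and `TCMStandIn` is a keyed HMAC-SHA256 stream used only so the example runs offline; it is not the cipher a real TCM implements.

```python
# Added illustration (not the patent's code): the trusted-hard-disk control
# flow of embodiment four. TCMStandIn is an HMAC-SHA256 keystream that only
# stands in for the TCM's cipher so the example runs without hardware.
import hashlib
import hmac
from typing import Dict, List


class TCMStandIn:
    """Encrypts/decrypts on the host's behalf, as the TCM inside the TPCM does."""

    def __init__(self, key: bytes):
        self._key = key

    def _keystream(self, sector: int, length: int) -> bytes:
        out, block = b"", 0
        while len(out) < length:
            msg = sector.to_bytes(8, "big") + block.to_bytes(8, "big")
            out += hmac.new(self._key, msg, hashlib.sha256).digest()
            block += 1
        return out[:length]

    def encrypt(self, sector: int, data: bytes) -> bytes:
        # The keystream depends on the sector number only, so rewriting a
        # sector reuses it: fine for a demonstration, not for a product.
        return bytes(a ^ b for a, b in zip(data, self._keystream(sector, len(data))))

    decrypt = encrypt  # XOR stream: the same operation in both directions


class TrustedDisk:
    """Trusted hard disk whose embedded TPCM measures the host before serving I/O."""
    HARDWARE = ("BMC chip", "BIOS chip")             # measured in step 1
    SOFTWARE = ("MBR", "OS LOADER", "OS KERNEL")     # measured in step 2

    def __init__(self, references: Dict[str, str], key: bytes):
        self.references = references                 # object name -> golden digest
        self.tcm = TCMStandIn(key)
        self.sectors: Dict[int, bytes] = {}          # ciphertext at rest
        self.state = "off"

    def _measure(self, names, images: Dict[str, bytes]) -> bool:
        return all(hmac.compare_digest(hashlib.sha256(images.get(n, b"")).hexdigest(),
                                       self.references[n]) for n in names)

    def _alarm(self, reason: str) -> List[str]:
        self.state = "alarm"   # no I/O is served from here on
        return ["light indicator lamp", "sound buzzer",
                f"print error message: {reason}", "shutdown"]

    def power_on(self, hardware: Dict[str, bytes], software: Dict[str, bytes]) -> List[str]:
        """Steps 1 and 2; returns the alarm actions taken, empty if all normal."""
        self.state = "disk powered"                  # step 1: only the disk is up
        if not self._measure(self.HARDWARE, hardware):
            return self._alarm("hardware measurement abnormal")
        self.state = "host powered"                  # step 2: other hardware is up
        if not self._measure(self.SOFTWARE, software):
            return self._alarm("software measurement abnormal")
        self.state = "normal"                        # step 3 may begin
        return []

    def write(self, sector: int, plaintext: bytes) -> None:
        if self.state != "normal":
            raise PermissionError("disk not in normal operation")
        self.sectors[sector] = self.tcm.encrypt(sector, plaintext)

    def read(self, sector: int) -> bytes:
        if self.state != "normal":
            raise PermissionError("disk not in normal operation")
        return self.tcm.decrypt(sector, self.sectors[sector])


# Constructed golden images of the host this disk is installed in.
GOOD_HARDWARE = {"BMC chip": b"bmc firmware v1", "BIOS chip": b"bios firmware v1"}
GOOD_SOFTWARE = {"MBR": b"mbr v1", "OS LOADER": b"loader v1", "OS KERNEL": b"kernel v1"}


def make_disk() -> TrustedDisk:
    refs = {n: hashlib.sha256(i).hexdigest()
            for n, i in {**GOOD_HARDWARE, **GOOD_SOFTWARE}.items()}
    return TrustedDisk(refs, key=b"constructed disk key")


def normal_boot_roundtrip() -> dict:
    """Clean host: no alarm, data round-trips, ciphertext differs from plaintext."""
    disk = make_disk()
    alarms = disk.power_on(GOOD_HARDWARE, GOOD_SOFTWARE)
    disk.write(7, b"secret record")
    return {"alarms": alarms, "plain": disk.read(7),
            "at_rest_differs": disk.sectors[7] != b"secret record"}


def tampered_loader_boot() -> dict:
    """OS LOADER replaced: step 2 fails, the disk alarms and refuses I/O."""
    disk = make_disk()
    alarms = disk.power_on(GOOD_HARDWARE, {**GOOD_SOFTWARE, "OS LOADER": b"evil"})
    try:
        disk.read(7)
        refused = False
    except PermissionError:
        refused = True
    return {"alarms": alarms, "state": disk.state, "io_refused": refused}
```

The point the model makes is the dependency order: the software measurement never runs until the hardware that loads that software has itself measured normal, and the decryption key never leaves the disk-side module, so a host whose measurement failed gets neither plaintext nor a usable ciphertext. The two scenario functions return their results rather than printing them so they can be checked directly.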
In the several embodiments provided by the present invention, it should be understood that the disclosed method and terminal may be implemented in other ways. For example, the apparatus embodiments described above are merely exemplary; the division into modules is only a logical functional division, and other divisions are possible in actual implementation.
In addition, the technical solutions of the above embodiments can be combined with and substituted for one another provided they do not conflict.
The modules described as separate components may or may not be physically separate, and the components shown as modules may or may not be physical units; they may be located in one place or distributed over multiple network units. Some or all of the modules may be selected according to actual needs to achieve the purpose of the embodiment.
In addition, the functional modules in the embodiments of the present invention may be integrated in one processing unit, or each unit may exist physically on its own, or two or more units may be integrated in one unit. The integrated unit may be implemented in the form of hardware, or in the form of hardware plus software functional modules.
It is obvious to those skilled in the art that the invention is not limited to the details of the above exemplary embodiments, and that the invention can be realized in other specific forms without departing from its spirit or essential attributes. Therefore, from every point of view, the embodiments are to be regarded as illustrative and not restrictive, and the scope of the invention is defined by the appended claims rather than by the above description; all changes that fall within the meaning and range of equivalents of the claims are intended to be included in the invention. Any reference sign in a claim should not be regarded as limiting that claim. Furthermore, the word "comprising" does not exclude other units or steps, and the singular does not exclude the plural. Multiple modules or devices stated in a system claim may also be implemented by one module or device through software or hardware. Words such as first and second are used to indicate names and do not indicate any particular order.
Finally, it should be noted that the above embodiments are only used to illustrate the technical solution of the present invention and not to limit it; although the invention has been described in detail with reference to preferred embodiments, those skilled in the art should understand that the technical solution of the invention can be modified or equivalently replaced without departing from the spirit and scope of the technical solution of the invention.

Claims (13)

  1. An information authentication method, characterized by comprising:
    Step 1: the system is powered on and started, and the TPCM performs active security measurement of the computer system; if the measurement passes, proceed to step 2, otherwise proceed to step 3;
    Step 2: a login dialog box is added in the OPROM, so that personnel identity authentication is performed in the OPROM when the trusted hard disk starts;
    Step 3: report exception information and forbid the computer system from starting.
  2. The information authentication method according to claim 1, characterized in that step 2 includes:
    adding an "Administrator password" field to the TPCM configuration item in the OPROM, so that administrators can enable user identity authentication at the trusted hard disk start-up stage by configuring this configuration item.
  3. The information authentication method according to claim 1, characterized in that, before step 1, the method further includes:
    identifying the operator's identity by means of a biometric identification device; if the identification passes, the TPCM performs active security measurement of the computer system, otherwise exception information is reported and the operator is forbidden from operating the TPCM.
  4. The information authentication method according to claim 3, characterized in that identifying the operator's identity by means of the biometric identification device includes:
    connecting an external biometric identification device to the TPCM and, after the TPCM has powered on and started but before the active security measurement function is formally enabled, prompting the operator to enter biometric information for security verification.
  5. The information authentication method according to claim 4, characterized in that the biometric information includes one or more of the following:
    fingerprint information, sclera information and face information.
  6. The information authentication method according to claim 1, characterized in that, between step 1 and step 2, the method further includes:
    changing the TPCM configuration item in the BIOS so that user identity authentication is performed at the BIOS start-up stage; if the authentication passes, the computer system starts normally, otherwise exception information is reported.
  7. The information authentication method according to claim 6, characterized in that changing the TPCM configuration item in the BIOS includes:
    adding an "Administrator password" to the TPCM configuration item in the BIOS.
  8. A trusted control method based on a trusted hard disk, characterized in that the method includes:
    Step 1. Power on the trusted hard disk, and use the TPCM module embedded on the hard disk chip of the trusted hard disk to measure the other hardware in the system where the trusted hard disk is located; if the measurement result of the other hardware is normal, proceed to step 2; if the measurement result of the other hardware is abnormal, raise an alarm;
    Step 2. Power on the other hardware and start the system where the trusted hard disk is located, then measure the software in that system; if the measurement result of the software is normal, proceed to step 3; if the measurement result of the software is abnormal, raise an alarm;
    Step 3. The system where the trusted hard disk is located operates normally and performs read/write operations on the trusted hard disk; the TPCM module embedded on the hard disk chip of the trusted hard disk decrypts/encrypts the data buffered in the trusted hard disk that the system needs to read/write, after which the data the trusted hard disk needs to read/write are read from or written to the trusted hard disk.
  9. The method according to claim 8, characterized in that the other hardware in the system where the trusted hard disk is located includes a BMC chip and a BIOS chip;
    the software in the system where the trusted hard disk is located includes the MBR, OS LOADER and OS KERNEL.
  10. The method according to claim 8, characterized in that using the TPCM module embedded on the hard disk chip of the trusted hard disk to decrypt/encrypt the data buffered in the trusted hard disk that the system needs to read/write includes:
    the system where the trusted hard disk is located calls the TCM module of the TPCM module embedded on the hard disk chip to decrypt/encrypt the data buffered in the trusted hard disk that the system needs to read/write.
  11. The method according to claim 8, characterized in that the trusted hard disk is an IDE hard disk, PIDE hard disk, SCSI hard disk, SATA hard disk, SAS hard disk or SSD hard disk.
  12. The method according to claim 11, characterized in that the trusted hard disk supports an M.2 interface, SAS interface, SATA interface and/or M.P interface.
  13. The method according to claim 8, characterized in that the alarm includes lighting an indicator lamp, sounding a buzzer, printing an error message through a print interface, or shutting down.

Priority Applications (1)

Application Number: CN201811435729.6A (granted as CN109614799B)
Priority Date: 2018-11-28
Filing Date: 2018-11-28
Title: Information authentication method

Publications (2)

Publication Number  Publication Date
CN109614799A        2019-04-12
CN109614799B        2021-03-16

Family

Family ID: 66005311
Family application: CN201811435729.6A (CN109614799B), Active
Country status: CN (1) CN109614799B (en)

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110933057A (en) * 2019-11-21 2020-03-27 深圳渊联技术有限公司 Internet of things security terminal and security control method thereof
CN111858114A (en) * 2019-04-30 2020-10-30 阿里巴巴集团控股有限公司 Equipment start exception handling method, device start control method, device and system
US11281781B2 (en) 2018-08-29 2022-03-22 Alibaba Group Holding Limited Key processing methods and apparatuses, storage media, and processors
US11349651B2 (en) 2018-08-02 2022-05-31 Alibaba Group Holding Limited Measurement processing of high-speed cryptographic operation
US11347857B2 (en) 2018-07-02 2022-05-31 Alibaba Group Holding Limited Key and certificate distribution method, identity information processing method, device, and medium
US11379586B2 (en) 2018-08-02 2022-07-05 Alibaba Group Holding Limited Measurement methods, devices and systems based on trusted high-speed encryption card

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101515316A (en) * 2008-02-19 2009-08-26 北京工业大学 Trusted computing terminal and trusted computing method
CN201408535Y (en) * 2009-05-11 2010-02-17 方正科技集团苏州制造有限公司 Trusted hard disk facing to trusted computation cryptograph supporting platform
CN102279914A (en) * 2011-07-13 2011-12-14 中国人民解放军海军计算技术研究所 Unified extensible firmware interface (UEFI) trusted supporting system and method for controlling same
CN103534976A (en) * 2013-06-05 2014-01-22 华为技术有限公司 Data security protection method, server, host, and system
CN106295352A (en) * 2016-07-29 2017-01-04 北京三未信安科技发展有限公司 Trusted measurement method, host and system in a BIOS environment
CN106934268A (en) * 2017-03-31 2017-07-07 山东超越数控电子有限公司 Method for implementing fingerprint encryption in BIOS
JP2017157018A (en) * 2016-03-02 2017-09-07 株式会社リコー Information processing device, information processing method, information processing program, and trusted platform module

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11347857B2 (en) 2018-07-02 2022-05-31 Alibaba Group Holding Limited Key and certificate distribution method, identity information processing method, device, and medium
US11349651B2 (en) 2018-08-02 2022-05-31 Alibaba Group Holding Limited Measurement processing of high-speed cryptographic operation
US11379586B2 (en) 2018-08-02 2022-07-05 Alibaba Group Holding Limited Measurement methods, devices and systems based on trusted high-speed encryption card
US11281781B2 (en) 2018-08-29 2022-03-22 Alibaba Group Holding Limited Key processing methods and apparatuses, storage media, and processors
CN111858114A (en) * 2019-04-30 2020-10-30 阿里巴巴集团控股有限公司 Equipment start exception handling method, device start control method, device and system
CN110933057A (en) * 2019-11-21 2020-03-27 深圳渊联技术有限公司 Internet of things security terminal and security control method thereof
CN110933057B (en) * 2019-11-21 2021-11-23 深圳渊联技术有限公司 Internet of things security terminal and security control method thereof

Also Published As

Publication number Publication date
CN109614799B (en) 2021-03-16

Similar Documents

Publication Publication Date Title
CN109614799A (en) Information authentication method
CN101523401B (en) Secure use of user secrets on a computing platform
CN101436247B (en) Biological personal identification method and system based on UEFI
US10516533B2 (en) Password triggered trusted encryption key deletion
US7900252B2 (en) Method and apparatus for managing shared passwords on a multi-user computer
RU2321055C2 (en) Device for protecting information from unsanctioned access for computers of informational and computing systems
US7480931B2 (en) Volume mount authentication
CN201126581Y (en) Biological personal identification apparatus based on UEFI
CN103201747A (en) A method for attesting a plurality of data processing systems
US20070239988A1 (en) Accessing data storage devices
CN109614154A (en) Computer secure boot method
CN108762782A (en) Security access control method based on a secure encrypted solid state disk and BIOS chip
CN103488937B (en) Measuring method, electronic equipment and measuring system
CN109784070A (en) Trusted hardware architecture
US7441118B2 (en) Network appliance having trusted device for providing verifiable identity and/or integrity information
CN109583214A (en) Security control method
CN109583169A (en) Security authentication method
KR102171749B1 (en) Plural Signer Bio Electronic Signature Using Block-chain Method and Device Thereof
CN109753804A (en) Trusted system
CN112989362B (en) CPU trusted starting system and method based on safety chip monitoring
CN109308414A (en) System and method for implementing motherboard secure boot based on a domestic platform
US20220261585A1 (en) User authentication for an information handling system using a secured stylus
CN109598125A (en) Secure boot method
Fink et al. Catching the Cuckoo: Verifying TPM Proximity Using a Quote Timing Side-Channel: (Short Paper)
US20220092189A1 (en) Implementation of Trusted Computing System Based on Master Controller of Solid-State Drive

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant