CN112433737A - Server management control platform safety upgrading card - Google Patents
Server management control platform safety upgrading card Download PDFInfo
- Publication number
- CN112433737A CN112433737A CN202011148072.2A CN202011148072A CN112433737A CN 112433737 A CN112433737 A CN 112433737A CN 202011148072 A CN202011148072 A CN 202011148072A CN 112433737 A CN112433737 A CN 112433737A
- Authority
- CN
- China
- Prior art keywords
- key
- algorithm
- storage area
- stage
- original
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000011084 recovery Methods 0.000 claims abstract description 11
- 230000004044 response Effects 0.000 claims abstract description 6
- 238000001514 detection method Methods 0.000 claims description 12
- 238000012546 transfer Methods 0.000 claims description 6
- 238000004364 calculation method Methods 0.000 description 9
- 238000010586 diagram Methods 0.000 description 6
- 230000006870 function Effects 0.000 description 6
- 238000000034 method Methods 0.000 description 5
- 230000001360 synchronised effect Effects 0.000 description 3
- 230000009471 action Effects 0.000 description 2
- 239000000284 extract Substances 0.000 description 2
- 230000014509 gene expression Effects 0.000 description 2
- 239000002184 metal Substances 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 230000008569 process Effects 0.000 description 2
- 229910000967 As alloy Inorganic materials 0.000 description 1
- 229910000831 Steel Inorganic materials 0.000 description 1
- 230000002159 abnormal effect Effects 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000005540 biological transmission Effects 0.000 description 1
- 239000003990 capacitor Substances 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 239000010959 steel Substances 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
- 238000012795 verification Methods 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/60—Software deployment
- G06F8/65—Updates
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/64—Protecting data integrity, e.g. using checksums, certificates or signatures
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- General Engineering & Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Computer Hardware Design (AREA)
- Stored Programmes (AREA)
Abstract
The invention provides a server management control platform security upgrade card, comprising: the image storage area is used for storing an original firmware image file in a first stage; the first algorithm module is used for generating a first original operation value based on an original firmware image file in a first stage and generating a first new operation value based on the firmware image file extracted from the image storage area in a second stage; the second algorithm module is used for generating a pair of mapped public keys and private keys in the first stage, carrying out encryption operation on the first original operation value by using the private keys to obtain a signature value, and carrying out decryption operation on the signature value extracted from the mirror image storage area by using the public keys in the second stage to obtain a first original operation value recovery value; the main control module is used for comparing whether the first original operation value recovery value is equal to the first new operation value or not in the second stage and allowing or forbidding starting of the firmware upgrading program based on the comparison result; and the key erasing module is used for clearing the public key and the private key in response to detecting that the security upgrading card is damaged.
Description
Technical Field
The invention relates to the technical field of server management control, in particular to a security upgrading card for a server management control platform.
Background
The server management control platform is a management unit of the server, and an administrator remotely manages and controls the server by using a virtual keyboard, an interface, a mouse, a power supply and the like and can monitor physical characteristics of the server, such as the temperature, the voltage, the working state of a fan, power supply and case intrusion; in addition, the server management control platform is also used for storing corresponding files such as log records, mirror image upgrade packages and the like. The server management control platform is used as a management unit of the server, and is used for bearing calculation tasks, storage tasks and the like, the workload is heavy, and in addition, the server management control platform is also a target which is easy to attack.
At present, the upgrading of the network card, the disk array card, the GPU card and other firmware of the server platform is directly performed by the server management control platform for upgrading and maintaining. The server management control platform is responsible for upgrading all firmware, so that on one hand, the calculation and storage burden of the server management control platform is increased; on the other hand, once the server management control platform is down or controlled by malicious personnel, the service function of firmware update is influenced, and the continuity of server service is further influenced; on the other hand, the key stored in the server management control platform is leaked carelessly, and potential safety hazards exist.
Disclosure of Invention
In view of the above, an object of the present invention is to provide a security upgrade card for a server management control platform, which is used to transfer firmware storage and upgrade services on a server to the security upgrade card, so as to reduce the computation and storage burden of the server management control platform and improve the security of firmware upgrade.
Based on the above purpose, the present invention provides a server management control platform security upgrade card, including:
the image storage area is used for storing an original firmware image file in a first stage;
the first algorithm module is used for performing first operation on the original firmware image file through a first algorithm to generate a first original operation value in a first stage and performing first operation on the firmware image file extracted from the image storage area through the first algorithm to generate a first new operation value in a second stage;
the second algorithm module is used for generating a pair of mapped public keys and private keys through a second algorithm in the first stage, carrying out encryption operation on the first original operation value by using the private key to obtain a signature value and storing the signature value in the mirror image storage area, and carrying out decryption operation on the signature value extracted from the mirror image storage area by using the public key in the second stage to obtain a first original operation value recovery value;
the main control module is used for comparing whether the first original operation value recovery value is equal to the first new operation value or not in the second stage and allowing or forbidding a firmware upgrading program based on the comparison result; and
and the key erasing module is used for clearing the public key and the private key in response to detecting that the security upgrading card is damaged.
In some embodiments, the firmware upgrading program is configured to transfer the firmware image file extracted from the image storage area to the server module to be upgraded for firmware upgrading.
In some embodiments, the security upgrade card further comprises a key storage area for storing the mapped public and private keys in a first phase.
In some embodiments, the security upgrade card further comprises a cache area for receiving and temporarily storing the original firmware image file.
In some embodiments, the security upgrade card further comprises an input/output port for sending the original firmware image file sent by the server management control platform to the cache region.
In some embodiments, the first algorithm is the SHA256 algorithm; the first operation is a hash operation.
In some embodiments, the second algorithm is an RSA algorithm; the encryption operation is the encryption operation of an RSA algorithm; the decryption operation is the decryption operation of the RSA algorithm.
In some embodiments, the key storage area is a Flash memory; the mirror storage area is a non-volatile memory.
In some embodiments, the key erasure module includes:
the pressure sensor is used for receiving pressure information of the shell of the safety upgrading card damaged by external force and converting the pressure information into a pressure signal;
the pressure detection unit is used for receiving the pressure signal and sending the pressure signal to the main control module;
the erasing execution unit is used for receiving an erasing instruction sent by the main control module based on the pressure signal and executing key erasing operation, wherein the key erasing operation comprises erasing a public key and a private key of the key storage area; and
and the independent power supply unit is used for supplying power to the pressure detection unit and the erasing execution unit.
In some embodiments, there are four pressure sensors, each of the four pressure sensors being disposed within a respective corner of the housing.
The invention has at least the following beneficial technical effects:
1. the firmware image file is transferred to the server management control platform security upgrading card, and calculation and storage tasks are carried out, so that server firmware storage and upgrading services of the server management control platform are transferred to the security upgrading card, and the calculation and storage burden of the server management control platform is reduced;
2. the integrity, the reliability and the validity of the firmware upgrading service are ensured through the security operation of the first algorithm module and the second algorithm module;
3. by arranging the key erasing module, the key can be erased by detecting that the security upgrading card is damaged by external force, so that the security of the security upgrading card is effectively ensured.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and it is obvious for those skilled in the art that other embodiments can be obtained by using the drawings without creative efforts.
FIG. 1 is a schematic diagram of an embodiment of a server management control platform security upgrade card provided in accordance with the present invention;
FIG. 2 is a schematic diagram of an embodiment of a key erase module according to the present invention;
fig. 3 is a schematic diagram of an embodiment of detecting an on state and an off state of a switch according to the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the following embodiments of the present invention are described in further detail with reference to the accompanying drawings.
It should be noted that all expressions using "first" and "second" in the embodiments of the present invention are used for distinguishing two non-identical entities with the same name or different parameters, and it is understood that "first" and "second" are only used for convenience of expression and should not be construed as limiting the embodiments of the present invention. Furthermore, the terms "comprises" and "comprising," and any variations thereof, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or apparatus that comprises a list of steps or elements does not include all of the other steps or elements inherent in the list.
Based on the above purpose, the embodiment of the invention provides a server management control platform security upgrade card. Fig. 1 is a schematic diagram illustrating an embodiment of a server management control platform security upgrade card provided by the present invention. As shown in fig. 1, the server management control platform security upgrade card according to the embodiment of the present invention includes: the system comprises a mirror image storage area 40, a first algorithm module 20, a second algorithm module 30, a main control module 10 and a key erasing module; the image storage area 40 is used for storing an original firmware image file in a first stage; the first algorithm module 20 is configured to perform a first operation on the original firmware image file through a first algorithm at a first stage to generate a first original operation value; the first algorithm module 20 is further configured to perform a first operation on the firmware image file extracted from the image storage area 40 through a first algorithm in a second stage to generate a first new operation value; the second algorithm module 30 is configured to generate a pair of mapped public and private keys through a second algorithm in the first stage, and perform encryption operation on the first original operation value by using the private key to obtain a signature value, where the signature value is stored in the mirror image storage area 40; the second algorithm module 30 is further configured to perform a decryption operation on the signature value extracted from the mirror image storage area 40 by using the public key at the second stage to obtain a first original operation value recovery value; the main control module 10 is configured to compare whether the first original operation value recovery value is equal to the first new operation value at the second stage, and allow or prohibit the firmware upgrade procedure based on the comparison result (for example, if the first original operation value recovery value is equal to the first new operation value, an upgrade instruction is sent to start firmware upgrade, and if the first original operation value recovery value is not equal to the first new operation value, firmware upgrade is prohibited); the key erasing module is used for clearing the public key and the private key in response to detecting that the security upgrading card is damaged.
In this embodiment, the main control module 10 may implement control of other modules, and the main control module 10 may be a programmable logic controller FPGA.
The embodiment of the invention transfers the firmware image file to the server management control platform security upgrade card, and carries out calculation and storage tasks, and transfers the server firmware storage and upgrade service of the server management control platform to the security upgrade card, thereby reducing the calculation and storage burden of the server management control platform; the integrity, the reliability and the validity of the firmware upgrading service are ensured through the security operation of the first algorithm module 20 and the second algorithm module 30; by arranging the key erasing module, the key can be erased by detecting that the security upgrading card is damaged by external force, so that the security of the security upgrading card is effectively ensured.
In some embodiments, the firmware upgrade program is configured to transfer the firmware image file extracted from the image storage area 40 to the server module to be upgraded for firmware upgrade. Therefore, the upgrading of the firmware of the server from the server management control platform to the upgrading of the firmware of the server by the security upgrading card is realized. The module to be upgraded of the server may be a network card, a disk array card, a GPU card, etc. of the server.
In some embodiments, the security upgrade card further comprises a key storage area 60 for storing the mapped public and private keys in a first phase.
In some embodiments, the security upgrade card further comprises a cache area 50 for receiving and temporarily storing the original firmware image file.
In some embodiments, the security upgrade card further comprises an input/output port 70 for sending the original firmware image file sent by the server management control platform to the cache 50. The input/output port 70 in this embodiment also serves as a data transmission interface between the security upgrade card and the server.
In some embodiments, the first algorithm is the SHA256 algorithm; the first operation is a hash operation. For any length of message, SHA256 will generate a 256-bit hash value. The Hash operation is also called Hash function (Hash function), which is a function for changing an input message string with any length into an output string with fixed length; cryptographic hash functions are often associated with many important cryptographic algorithms.
In some embodiments, the second algorithm is an RSA algorithm; the encryption operation is the encryption operation of an RSA algorithm; the decryption operation is the decryption operation of the RSA algorithm. The RSA algorithm is often used as an important encryption algorithm, and has extremely high security.
In this embodiment, when the first stage needs to be performed, the server management control platform sends the instruction 1, and the security upgrade card starts the following process after receiving the instruction 1:
1.1, transmitting an original firmware Image file (Image) to a cache region 50 through an input/output port 70(I/O port) for temporary storage, calling a second algorithm module 30 by a main control module 10, and starting an RSA algorithm to generate a pair of mapped public Key (Pub _ Key) and private Key (Pri _ Key);
1.2 the main control module 10 calls the first algorithm module 20, starts the SHA-256 algorithm to perform hash operation on the original firmware Image file Image, and generates the first original operation value Digst, i.e. Digst is hash (Image)SHA-256;
1.3 encrypting Digst by private Key Pri _ Key to generate signature value Sign of firmware image file, i.e. Sign equals ENC (Digst)Pri_KeyENC stands for encryption operation;
1.4 storing the firmware Image file Image together with the signature value Sign (Image + Sign) in the Image storage area 40 of the security upgrade card;
1.5 store the public Key Pub _ Key and private Key Pri _ Key for signature in the Key storage area 60 of the security upgrade card.
After the steps 1.1 to 1.5 are completed, the security upgrade card sends a response instruction 1 to inform the server management control platform that the first stage is completed, namely, the calculation and storage tasks are realized.
When a certain module (a network card, or a RAID card, or a GPU card, or other modules) in the server platform needs to be subjected to image upgrading, the second stage is entered, the server management control platform sends an upgrading instruction 2, and after the security upgrading card receives the upgrading instruction 2, the following steps are started:
2.1: the control module extracts the firmware Image file and the signature value (Image + Sign) from the Image storage area 40;
2.2: the control module extracts the public Key Pub _ Key from the Key storage area 60, then calls the second algorithm module 30, starts the decryption operation of the RSA algorithm to decrypt the signature value, and obtains the first original operation value Digst, that is, Digst ═ dec (sign)Pub_KeyDEC stands for decryption operation;
2.3: the control module calls the first algorithm module 20 to calculate the first new calculation value Digst 'of the firmware Image file Image in step 2.1, that is, Digst' is hash (Image)SHA-256;
2.4: comparing whether the first original operation value recovery value Digst is equal to the first new operation value Digst', transmitting the verified firmware image file to a module to be upgraded after the comparison is consistent, and then sending an instruction 3 to start firmware upgrade;
2.5: if the verification fails (Digst ≠ Digst'), firmware upgrade is prohibited.
After the step 2.1-2.5 is completed, the security upgrade card sends a response instruction 2 to inform the server management control platform that the upgrade service of the mirror image is completed, so that the calculation task is realized.
The safety analysis of this example was performed as follows:
(1) and (4) mirror image integrity guarantee: if the server management control platform is controlled by malicious personnel, the firmware Image file Image is tampered, that is, the Image is tampered in the step 2.1 to be Image ', and the Digst' calculated in the step 2.3 is not equal to the Digst, so that the integrity of the Image is ensured.
(2) And (4) guaranteeing the validity of the mirror image: if a malicious person tampers the signature value Sign of the firmware image file, i.e. the Sign is tamped to Sign 'in step 2.1, the Digst calculated in step 2.2 is inevitably not equal to the Digst' in step 2.3, thereby ensuring the credibility and legality of the signature value of the image.
(3) If the malicious person tampers with Image + Sign at the same time, change Image + Sign in the step 2.1 into Image ' and Sign ', and after the step 2.2 and the step 2.3, Digst and Digst ' are inevitably different, thereby ensuring the integrity and the validity of the mirror Image file.
In some embodiments, the key storage area 60 is a Flash memory; the mirror storage area 40 is a non-volatile memory. The Flash memory and the nonvolatile memory can not lose the stored data even after power failure.
Fig. 2 shows a schematic diagram of a key erasure module. As shown in fig. 2, the key erasure module includes: a pressure sensor, a pressure detection unit 80, an erasing execution unit, and an independent power supply unit; the pressure sensor is used for receiving pressure information of the shell of the security upgrading card damaged by external force and converting the pressure information into a pressure signal; the pressure detection unit 80 is configured to receive a pressure signal and send the pressure signal to the main control module 10; the erasing execution unit is configured to receive an erasing instruction sent by the main control module 10 based on the pressure signal and execute a key erasing operation, where the key erasing operation includes erasing a public key and a private key of the key storage area 60; the independent power supply unit is used for supplying power to the pressure detection unit 80 and the erasing execution unit.
According to the embodiment, the key erasing module is arranged, so that the key of the safety upgrading card cannot be revealed, and the safety of the safety upgrading card is ensured. The independent power supply unit is used for supplying power to the pressure detection unit 80 and the erasing execution unit, and when the security upgrading card is maliciously pulled out from the server by a person, although the power supply of the server is separated, the independent power supply unit can still erase the key by detecting that the security upgrading card is damaged by external force, so that the security of the security upgrading card is ensured. The independent power supply unit can adopt a button battery, a rechargeable battery, a farad capacitor and the like.
In some embodiments, there are four pressure sensors, each of the four pressure sensors being disposed within a respective corner of the housing. As shown in fig. 2, four pressure sensors, Sensor1, Sensor2, Sensor3 and Sensor4, are respectively disposed inside the four corners of the housing; the shell of the safety upgrading card is protected by a metal shell with stronger rigidity, such as alloy steel and the like. One implementation of the pressure sensor may employ a detection switch, such as the schematic diagram of the embodiment of fig. 3 that detects the on state and the off state of the switch. Normally, as shown in fig. 3(a), when the housing is not opened, the spring of the detection switch is pressed by the metal housing and is in an open state (on state); in an abnormal state, as shown in fig. 3 b, when the housing is opened, the spring of the detection switch is lifted up without the action of the external force, and the state of the detection switch is changed to be in an off state (off state).
Finally, it should be noted that the computer-readable storage medium (e.g., memory) herein can be either volatile memory or nonvolatile memory, or can include both volatile and nonvolatile memory. By way of example, and not limitation, nonvolatile memory can include Read Only Memory (ROM), Programmable ROM (PROM), Electrically Programmable ROM (EPROM), Electrically Erasable Programmable ROM (EEPROM), or flash memory. Volatile memory can include Random Access Memory (RAM), which can act as external cache memory. By way of example and not limitation, RAM is available in a variety of forms such as synchronous RAM (DRAM), Dynamic RAM (DRAM), Synchronous DRAM (SDRAM), double data rate SDRAM (DDR SDRAM), Enhanced SDRAM (ESDRAM), Synchronous Link DRAM (SLDRAM), and Direct Rambus RAM (DRRAM). The storage devices of the disclosed aspects are intended to comprise, without being limited to, these and other suitable types of memory.
Those of skill would further appreciate that the various illustrative logical blocks, modules, circuits, and algorithm steps described in connection with the disclosure herein may be implemented as electronic hardware, computer software, or combinations of both. To clearly illustrate this interchangeability of hardware and software, various illustrative components, blocks, modules, circuits, and steps have been described above generally in terms of their functionality. Whether such functionality is implemented as software or hardware depends upon the particular application and design constraints imposed on the overall system. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the disclosed embodiments of the present invention.
The foregoing is an exemplary embodiment of the present disclosure, but it should be noted that various changes and modifications could be made herein without departing from the scope of the present disclosure as defined by the appended claims. The functions, steps and/or actions of the method claims in accordance with the disclosed embodiments described herein need not be performed in any particular order. Furthermore, although elements of the disclosed embodiments of the invention may be described or claimed in the singular, the plural is contemplated unless limitation to the singular is explicitly stated.
It should be understood that, as used herein, the singular forms "a", "an" and "the" are intended to include the plural forms as well, unless the context clearly supports the exception. It should also be understood that "and/or" as used herein is meant to include any and all possible combinations of one or more of the associated listed items.
It will be understood by those skilled in the art that all or part of the steps for implementing the above embodiments may be implemented by hardware, or may be implemented by a program instructing relevant hardware, and the program may be stored in a computer-readable storage medium, and the above-mentioned storage medium may be a read-only memory, a magnetic disk or an optical disk, etc.
Those of ordinary skill in the art will understand that: the discussion of any embodiment above is meant to be exemplary only, and is not intended to intimate that the scope of the disclosure, including the claims, of embodiments of the invention is limited to these examples; within the idea of an embodiment of the invention, also technical features in the above embodiment or in different embodiments may be combined and there are many other variations of the different aspects of the embodiments of the invention as described above, which are not provided in detail for the sake of brevity. Therefore, any omissions, modifications, substitutions, improvements, and the like that may be made without departing from the spirit and principles of the embodiments of the present invention are intended to be included within the scope of the embodiments of the present invention.
Claims (10)
1. The utility model provides a server management control platform safety upgrading card which characterized in that includes:
the image storage area is used for storing an original firmware image file in a first stage;
the first algorithm module is used for performing first operation on the original firmware image file through a first algorithm to generate a first original operation value in the first stage and performing first operation on the firmware image file extracted from the image storage area through the first algorithm to generate a first new operation value in the second stage;
the second algorithm module is used for generating a pair of mapped public keys and private keys through a second algorithm in the first stage, carrying out encryption operation on the first original operation value by using the private keys to obtain signature values and storing the signature values in the mirror image storage area, and carrying out decryption operation on the signature values extracted from the mirror image storage area by using the public keys in the second stage to obtain first original operation value recovery values;
the main control module is used for comparing whether the first original operation value recovery value is equal to the first new operation value or not in the second stage and allowing or forbidding starting of the firmware upgrading program based on the comparison result; and
and the key erasing module is used for clearing the public key and the private key in response to detecting that the security upgrading card is damaged.
2. The security upgrade card according to claim 1, wherein the firmware upgrade program is configured to transfer the firmware image file extracted from the image storage area to a server module to be upgraded for firmware upgrade.
3. The security upgrade card according to claim 1, further comprising a key storage area for storing the mapped public and private keys in a first phase.
4. The security upgrade card according to claim 1, further comprising a buffer area for receiving and temporarily storing the original firmware image file.
5. The security upgrade card according to claim 4, further comprising an input/output port for sending the original firmware image file sent by the server management control platform to the cache region.
6. The security upgrade card according to claim 1, wherein the first algorithm is SHA256 algorithm; the first operation is a hash operation.
7. The security upgrade card according to claim 1, wherein the second algorithm is an RSA algorithm; the encryption operation is the encryption operation of the RSA algorithm; the decryption operation is a decryption operation of the RSA algorithm.
8. The security upgrade card according to claim 3, wherein the key storage area is a Flash memory; the mirror image storage area is a nonvolatile memory.
9. The security upgrade card according to claim 1, wherein the key erasure module comprises:
the pressure sensor is used for receiving pressure information of the shell of the security upgrading card damaged by external force and converting the pressure information into a pressure signal;
the pressure detection unit is used for receiving the pressure signal and sending the pressure signal to the main control module;
the erasing execution unit is used for receiving an erasing instruction sent by the main control module based on the pressure signal and executing a key erasing operation, wherein the key erasing operation comprises erasing the public key and the private key of the key storage area; and
and the independent power supply unit is used for supplying power to the pressure detection unit and the erasing execution unit.
10. The security upgrade card according to claim 9, wherein there are four pressure sensors, and four pressure sensors are respectively disposed inside four corners of the housing.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202011148072.2A CN112433737A (en) | 2020-10-23 | 2020-10-23 | Server management control platform safety upgrading card |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202011148072.2A CN112433737A (en) | 2020-10-23 | 2020-10-23 | Server management control platform safety upgrading card |
Publications (1)
Publication Number | Publication Date |
---|---|
CN112433737A true CN112433737A (en) | 2021-03-02 |
Family
ID=74695973
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202011148072.2A Pending CN112433737A (en) | 2020-10-23 | 2020-10-23 | Server management control platform safety upgrading card |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN112433737A (en) |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1963832A (en) * | 2006-12-07 | 2007-05-16 | 上海普芯达电子有限公司 | Data processing apparatus capable of preventing inbreak and embedded system |
CN101436141A (en) * | 2008-11-21 | 2009-05-20 | 深圳创维数字技术股份有限公司 | Firmware upgrading and encapsulating method and device based on digital signing |
CN105378751A (en) * | 2013-07-11 | 2016-03-02 | 科瑞坡特拉股份公司 | Tamper responsive sensor |
CN111143247A (en) * | 2019-12-31 | 2020-05-12 | 海光信息技术有限公司 | Storage device data integrity protection method, controller thereof and system on chip |
-
2020
- 2020-10-23 CN CN202011148072.2A patent/CN112433737A/en active Pending
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1963832A (en) * | 2006-12-07 | 2007-05-16 | 上海普芯达电子有限公司 | Data processing apparatus capable of preventing inbreak and embedded system |
CN101436141A (en) * | 2008-11-21 | 2009-05-20 | 深圳创维数字技术股份有限公司 | Firmware upgrading and encapsulating method and device based on digital signing |
CN105378751A (en) * | 2013-07-11 | 2016-03-02 | 科瑞坡特拉股份公司 | Tamper responsive sensor |
CN111143247A (en) * | 2019-12-31 | 2020-05-12 | 海光信息技术有限公司 | Storage device data integrity protection method, controller thereof and system on chip |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US11270306B2 (en) | Asset management method and apparatus, and electronic device | |
Dai et al. | SBLWT: A secure blockchain lightweight wallet based on trustzone | |
TWI667586B (en) | System and method for verifying changes to uefi authenticated variables | |
CN110492990B (en) | Private key management method, device and system under block chain scene | |
CN101578609B (en) | Secure booting a computing device | |
US8019994B2 (en) | Authentication of a request to alter at least one of a BIOS and a setting associated with the BIOS | |
JP2006080636A (en) | Information processing apparatus | |
CN101951316A (en) | Protected network boot of operating system | |
TW202036347A (en) | Method and apparatus for data storage and verification | |
US20140359305A1 (en) | Application integrity protection via secure interaction and processing | |
US11113423B2 (en) | FPGA hardware-based secure computing method and apparatus | |
EP3471042A1 (en) | Mobile payment method, system on chip and terminal | |
CN112637156B (en) | Key distribution method, device, computer equipment and storage medium | |
CN113626803A (en) | BMC firmware protection method, system and device and readable storage medium | |
JP2014235326A (en) | System, information processing apparatus, secure module, and verification method | |
US11251941B2 (en) | Managing cryptographic keys based on identity information | |
CN102662871B (en) | A kind of virtual disk integrity protection system and method based on credible password module | |
CN110932853B (en) | Key management device and key management method based on trusted module | |
CN117453343A (en) | Virtual machine measurement and secret calculation authentication method, device, system and storage medium | |
KR20190033930A (en) | Electronic device for encrypting security information and method for controlling thereof | |
WO2023147744A1 (en) | Key state inspection method and apparatus, and device and medium | |
CN112433737A (en) | Server management control platform safety upgrading card | |
CN102831360B (en) | Personal electronic document safety management system and management method thereof | |
CN111353150B (en) | Trusted boot method, trusted boot device, electronic equipment and readable storage medium | |
CN116264505A (en) | Key management system and method, electronic device, and computer-readable storage medium |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20210302 |
|
RJ01 | Rejection of invention patent application after publication |