WO2002088954A2 - Device and method for realizing a security state transition of a computing device - Google Patents
Device and method for realizing a security state transition of a computing device
- Publication number
- WO2002088954A2 (application PCT/CN2002/000299)
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- state
- transition
- computing device
- conversion
- control
Classifications
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/28—Error detection; Error correction; Monitoring by checking the correct order of processing
Definitions
- the present invention relates to a device and a method for realizing a state transition of a computing device, and in particular, to a device and a method for realizing a state transition of a computing device only if a certified state transition device can perform the state transition.
- the internal network (office or confidential network) is physically separated from the external network (such as the Internet) due to security considerations; or in a home computer, an internal network (private data, not necessarily connected to the network) and Extranets (such as the Internet) are physically isolated.
- the dual hard disk solution refers to the installation of two hard disks in one computer.
- When the internal network is required, start from the hard disk corresponding to the internal network and connect the network connection to the internal network (or leave it unconnected).
- When the external network is required, start from the hard disk corresponding to the external network and connect the network connection to the external network.
- the internal network is physically isolated with hard disks and network connections (that is, it is absolutely unavailable or cannot be effectively read or written). In this way, a computer can use the internal network and the external network, while ensuring internal and external network isolation and internal data security.
- the dual hard disk solution securely isolates the internal and external networks, but it requires two hard disks, which makes its implementation cost relatively high. Hence the so-called single hard disk solution: one hard disk carries two partitions, each with its own operating system (corresponding to the internal network and the external network respectively), and the computer is started by selecting the internal network or the external network.
- in the single hard disk solution, when the system is on the external network, it must at least be ensured that the data on the internal network cannot be read or written (see Chinese invention patent 94111461); at the same time, multiple operating systems need to be started (intranet and extranet).
- the computer can be physically separated from the internal network and the external network, ensuring that when the computer is on the external network, no program (including the user) can physically obtain information on the intranet from the computer.
- 2. When on the internal network, the user can choose to send relevant information to the external network in a controlled manner (to ensure security, the control program must be write-protected so that no virus can modify it).
- 3. The computer can switch easily and quickly between the internal and external networks.
- this computer can be extended to all computing devices, such as handheld devices.
- Use the external network when you need to communicate with the network; enter the internal network when you need to use a digital signature, then send the digitally signed file to the external network and hand it over to the place where it is needed.
- a computer can run two sets of operating systems "simultaneously", and it can also provide convenience for computer multi-system teaching.
- the present applicant proposed a device for implementing state transition of a computing device, which includes a state transition instruction input device, a current state storage device for the computing device, a previous state storage device of the computing device, a transition connection device which is selectively connected to one of the two state storage devices to communicate with the computing device, and a transition control device which controls the transition connection device to be connected to one of the two state storage devices, respectively.
- the computing device can quickly switch the operating system, and at the same time realize the physical isolation of the internal and external networks, and perform the rapid internal and external network conversion.
- a device for implementing a state transition of a computing device, including: a requesting device for requesting the computing device to transition from a current state to a previous state; a transition device for implementing the state transition of the computing device; and a control device for ensuring that the state transition process is absolutely uninterruptible, wherein the control device controls the transition device to transition the computing device from the current state to the previous state in response to a request issued by the requesting device.
- the conversion device is a changeover switch for selectively switching between the current state and the previous state according to an instruction issued by the control device, so as to change or restore all current variable status information of the computing device.
- control device further includes an authentication device for ensuring that the conversion device can perform conversion only after identity authentication.
- control device includes: a memory, which stores control instructions for completing a state transition operation; and a monitoring device, which is used to ensure that only the control instructions of the memory can be executed in response to the state transition request, otherwise the transition device cannot be controlled to perform the conversion.
- control device further includes: a set trigger, serving as a flag that allows the conversion device to perform a normal conversion and simultaneously issuing a non-maskable interrupt to the central processing device in the computing device; and a reset trigger, which resets the set trigger after the conversion is completed to prevent use by other programs.
- control device further includes an interrupt monitoring device, which is used to ensure that processing of the non-maskable program cannot be interrupted before the reset trigger completes resetting.
- control device includes: a memory that stores control instructions for completing a state transition operation; and a device that prohibits reading and writing of all RAMs in the computing device to ensure that only programs in the memory can be executed during the conversion process.
- a full-transition method includes: a) receiving a request for a computing device to transition from the current state to a previous state; b) responding to the request and executing a state transition control program that is guaranteed to be absolutely uninterruptible; c) transitioning the computing device from the current state to a previously stored state, so as to change or restore all current variable state information of the computing device.
- step b) further includes steps:
- step b) includes: d) setting a flag allowing normal conversion, and issuing a non-maskable interrupt at the same time; c) resetting said flag after the conversion is completed to prevent it from being used by other programs.
- the step b) further includes the step of: guaranteeing that the non-maskable program processing cannot be interrupted before the resetting is completed.
- step b) includes the steps of: ensuring that only a predetermined control program can be executed in response to the state transition request, otherwise no transition is allowed.
- step b) includes the steps of: forbidding reading and writing of all RAM in the computing device to ensure that only programs in the memory can be executed during the conversion process.
- FIG. 1 is a block diagram of a device according to a preferred embodiment of the present invention.
- Fig. 2 is a block diagram of an apparatus according to another preferred embodiment of the present invention.
- Fig. 3 is a block diagram of an apparatus according to yet another preferred embodiment of the present invention.
- Fig. 4 is a flow chart of a method according to a preferred embodiment of the present invention.
- Figure 5 is a flowchart of a method according to another preferred embodiment of the present invention.
- Figure 6 is a flowchart of a method according to another preferred embodiment of the present invention.
- FIG. 1 illustrates a computing device 100 according to an embodiment of the present invention.
- information about the running status of computing devices is stored in their respective locations, for example, the address of the program or data information currently running on the computing device is stored in memory, buffer memory or other storage,
- the information currently displayed by the device is stored in the video memory of the computing device, etc., and these devices that store status information are respectively connected to the corresponding controllers, for example, the memory is connected to a memory controller, and the video memory is connected to the video memory controller.
- the computing device of the present invention can run in, for example, dual operating systems or in two completely different states.
- the computing device further includes a central processing unit 101 for performing calculation operations and the like.
- the computing device 100 further includes a device for implementing a secure transition of the computing device between the two states described above.
- the device for transitioning includes a state switching device 205, a state switching instruction input device 201, and a safety switching control device 208 for ensuring that the switching process is absolutely uninterruptible.
- the instruction input device 201 accepts a user's request and triggers a signal to notify the computing device to change from the current state to the previous state or enter the next state.
- the instruction device 201 can be implemented by any device that can generate instructions, including keys.
- the security transition control device 208 receives the state transition request signal from the input device 201.
- the security transition control device 208 sends an unmaskable interrupt signal to the central processing device 101, and in response the central processing device 101 starts to execute an interrupt processing program defined by the security transition control device 208. This program performs the state transition: it saves the data in the variable state registers of the current state of the computing device (such as the current Internet information, including addresses, pages, and the client's other actions) and, after the saving is completed, issues the conversion action to the conversion connection device 205. The conversion device 205 controls switching between the two states of the computing device; specifically, for example, under the control of the safety conversion control device 208, the connection between the video memory controller 14 and the current video memory 12 is switched to the video memory 22, the connection between the hard disk control unit 18 and the hard disk 17 is switched to the hard disk 23, and the connection between the network adaptation unit 19 and the Internet 202 is switched to the local area network or the intranet 203, and so on.
- the security conversion control device 208 guarantees that the state conversion process is absolutely uninterruptible, that is, that the conversion process is a primitive process, thereby ensuring that the central processing device 101 will not execute any other programs during the conversion process.
- After executing the interrupt service routine, the security transition control device 208 notifies the central processing device 101 that the storage devices connected after the conversion, which store the previous state information, can be read in order to restore the data in the variable status registers of the computing device in the previous state, so as to complete the transition from one operating system to another operating system, or from the internal network to the external network, or between any other two different states.
- the security conversion control device 208 notifies the central processing device 101 that it can start executing another operating system or enter a new service.
- the changeover connection device 205 may be either an electronic switch or a mechanical switch; according to the instruction issued by the safety changeover control device 208, it switches selectively between the current state and the previous state to change or restore all current variable state information of the computing device 100.
- although in this embodiment the central processing device 101 in the computing device is used to execute the interrupt processing program to complete the conversion processing, a processing means with a calculation processing function may also be integrated in the security conversion control device 208 to execute the interrupt processing program, thereby eliminating the dependency on the central processing device 101 in the computing device 100.
- the security conversion control device 208 preferably further includes an identity authentication device.
- if the authentication device determines that the user is a legal user, the conversion connection device 205 can be operated; otherwise the operation of the conversion connection device 205 is prohibited.
- FIG. 2 illustrates a computing device 100 ′ having a device that implements a secure transition of the state of the computing device according to another embodiment of the present invention.
- the device 100 ′ is basically the same as the device 100 in Embodiment 1.
- the same components are denoted by the same reference numerals, except that in the computing device 100′ a monitoring device 110 and a memory ROM 111 replace the safety switching control device 208 in the first embodiment.
- the ROM 111 stores control instructions for completing the state transition operation.
- the monitoring device 110 is configured to receive a request transition instruction from the requesting device 201, and then send an interrupt control signal to the central processing device 101, instructing the central processing device 101 to execute an interrupt service program stored in the ROM 111.
- the monitoring device 110 monitors the execution process of the central processing device 101 and confirms that the execution process of the central processing device is always in the primitive of the interrupt service routine (a program code that is not allowed to be interrupted during execution), thereby ensuring that only the program stored in the ROM 111 is executed; otherwise the conversion connection device 205 cannot be controlled to perform any conversion.
- the memory 111 is implemented by a ROM, but it may also be implemented by any storage device having a write protection function, such as a write protection RAM , a FLASH, or the like.
- FIG. 3 shows a computing device 100″ having a device that implements a secure transition of the computing device state according to another embodiment of the present invention.
- the device 100″ is basically the same as the device 100′ in Embodiment 2, and the same components are denoted by the same reference numerals. The difference is that the computing device 100″ further includes a set trigger 206 connected to the monitoring device 110; this trigger serves as a flag that allows the conversion connection device 205 to perform a normal conversion, and at the same time it issues an unmaskable interrupt to the central processing device of the computing device. The conversion connection device 205 can determine whether to perform a normal conversion by reading the flag value of the set trigger. The device also includes a reset trigger 207, which is connected to the monitoring device 110 and to the set trigger 206: when the conversion is completed, the monitoring device 110 sends a signal to the reset trigger 207, and the reset trigger 207 resets the set trigger 206 after receiving the signal and disables the conversion function of the conversion connection device 205, to prevent other programs from using it to perform the conversion illegally.
- FIG. 4 shows a flowchart of a method for implementing a secure transition of a computing device state according to an embodiment of the present invention. As shown in the figure, the method includes the steps: (1) first receiving a state transition instruction input via the state transition instruction input device 201; (2) a conversion request is sent to a security conversion control device 208; (3) the conversion control device 208 responds to the conversion request to verify whether it is a request for identity authentication, and if so, sends a non-maskable interrupt signal to the central processing device 101, otherwise the program returns and is in a waiting state; (4) the central processing device 101 executes a physically guaranteed unchangeable interrupt service routine in response to the non-maskable interrupt signal; (5) the data in the variable status register of the computing device in the current state is saved, a completion signal is sent to the transition control device 208 after saving, and the transition control device 208 responds to the completion signal by issuing an instruction to the state conversion device 200 to complete the conversion connection action with one of the two state saving devices through the conversion connection device 205; (6) after executing the interrupt service routine, the conversion control device 208 notifies the central processing unit 101 to restore the data of the previous state in the variable state register of the computing device.
- FIG. 5 shows a flowchart of a method for implementing a secure transition of a computing device state according to an embodiment of the present invention.
- the method includes the steps: (1) first receiving a state transition instruction input by the state transition instruction input device 201; (2) sending a transition request to a monitoring device 110; (3) the monitoring device responding to the transition request to verify whether it is a request for identity authentication, and if so, an unmaskable interrupt signal is sent to the central processing device 101, otherwise the program returns and is in a waiting state; (4) the central processing device 101 responds to the unmaskable interrupt signal and executes a physically guaranteed unchangeable interrupt service routine; (5) the monitoring device verifies whether the interrupt service routine being executed is a program stored in a predetermined memory, and after confirming that the computing device is in the primitive of the interrupt service routine, the program continues, otherwise the program exits; (6) the data in the variable state memory of the computing device in the current state is saved, and a completion signal is sent to the monitoring device
- FIG. 6 shows a flowchart of a method for implementing a secure transition of a computing device state according to an embodiment of the present invention.
- the method includes the steps: (1) first receiving a state transition instruction input by the state transition instruction input device 201; (2) sending a transition request to a monitoring device 110; (3) the monitoring device responding to the transition request to verify whether it is a request for identity authentication; (4) if the verification is passed, a set signal is sent to a set trigger, and the set trigger sends an unmaskable interrupt signal to the central processing device 101; (5) the central processing device 101 executes a physically guaranteed unchangeable interrupt service routine in response to the unmaskable interrupt signal; (6) the monitoring device verifies whether the interrupt service routine being executed is a program stored in a predetermined memory, and after confirming that the computing device is in the primitive of the interrupt service routine, the program continues, otherwise the program exits; (7) after the data in the variable state register of the computing device in the current state is saved, a completion signal is
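The gating described for the third embodiment (FIG. 3 and the FIG. 6 steps), modelled in software as an added example that is not part of the patent text. The address range, the single stand-in register, the function names, and the choice to clear the flag when the monitor check fails are assumptions; the steps after the completion signal follow the device description, since the method text is cut off there.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed model; the ROM address range and register layout are assumptions. */
#define ROM_BASE 0x000F0000u
#define ROM_SIZE 0x00001000u

enum net_state { STATE_EXTERNAL = 0, STATE_INTERNAL = 1 };
enum outcome { SWITCH_OK, DENIED_AUTH, DENIED_NOT_IN_ROM, DENIED_FLAG_CLEAR };

struct machine {
    enum net_state active;   /* which disk / video memory / network is connected */
    bool set_trigger;        /* flag held by set trigger 206 */
    uint32_t live_reg;       /* stands in for the variable state registers */
    uint32_t saved_reg[2];   /* state storage, one slot per state */
    unsigned switch_count;   /* how many times device 205 actually switched */
};

/* Monitoring device 110: is the CPU executing from the write-protected ROM 111? */
static bool monitor_pc_in_rom(uint32_t pc)
{
    return pc >= ROM_BASE && pc - ROM_BASE < ROM_SIZE;
}

/* Conversion connection device 205: reads the flag and refuses when it is clear. */
static enum outcome connection_switch(struct machine *m)
{
    if (!m->set_trigger)
        return DENIED_FLAG_CLEAR;
    m->active = (m->active == STATE_EXTERNAL) ? STATE_INTERNAL : STATE_EXTERNAL;
    m->switch_count++;
    return SWITCH_OK;
}

/* Reset trigger 207: clears the flag so later code cannot reuse it. */
static void reset_trigger(struct machine *m)
{
    m->set_trigger = false;
}

/* One transition request; handler_pc is where the CPU executes after the NMI. */
enum outcome request_transition(struct machine *m, bool authenticated,
                                uint32_t handler_pc)
{
    enum outcome r;

    if (!authenticated)
        return DENIED_AUTH;                    /* no flag is set, no interrupt */
    m->set_trigger = true;                     /* set trigger 206 raises the NMI */

    if (!monitor_pc_in_rom(handler_pc)) {
        reset_trigger(m);                      /* assumption: fail closed */
        return DENIED_NOT_IN_ROM;
    }
    m->saved_reg[m->active] = m->live_reg;     /* save the current state */
    r = connection_switch(m);                  /* swap disk, video memory, network */
    if (r == SWITCH_OK)
        m->live_reg = m->saved_reg[m->active]; /* restore the previous state */
    reset_trigger(m);                          /* conversion done: mask device 205 */
    return r;
}

/* Any code that drives the connection device outside a transition request. */
enum outcome direct_switch_attempt(struct machine *m)
{
    return connection_switch(m);
}

int main(void)
{
    struct machine m = { STATE_EXTERNAL, false, 0xAAAA0001u, { 0, 0xBBBB0002u }, 0 };

    printf("authenticated, ROM handler: %d\n",
           request_transition(&m, true, ROM_BASE + 0x40));
    printf("active=%d live_reg=%08x flag=%d\n",
           m.active, (unsigned)m.live_reg, m.set_trigger);
    printf("unauthenticated: %d\n", request_transition(&m, false, ROM_BASE + 0x40));
    printf("handler outside ROM: %d\n", request_transition(&m, true, 0x00001000u));
    printf("direct switch: %d\n", direct_switch_attempt(&m));
    return 0;
}
```

The property to check in a design like this is that every exit path leaves the flag clear, so the switch can only move between the set and the reset of the trigger.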
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Quality & Reliability (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Hardware Redundancy (AREA)
- Storage Device Security (AREA)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US10/693,224 US20040088569A1 (en) | 2001-04-27 | 2003-10-24 | Apparatus and a method for securely switching status of a computing system |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CNB011174013A CN100356350C (zh) | 2001-04-27 | 2001-04-27 | Device and method for realizing secure operation of a computing device state transition device |
CN01117401.3 | 2001-04-27 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2002088954A2 (fr) | 2002-11-07 |
Family
ID=4662702
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/CN2002/000299 WO2002088954A2 (fr) | 2001-04-27 | 2002-04-27 | Device and method for realizing a security state transition of a computing device |
Country Status (3)
Country | Link |
---|---|
US (1) | US20040088569A1 (zh) |
CN (1) | CN100356350C (zh) |
WO (1) | WO2002088954A2 (zh) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2014015514A1 (zh) * | 2012-07-27 | 2014-01-30 | Huawei Technologies Co., Ltd. | Cloud terminal |
Families Citing this family (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20040221312A1 (en) * | 2003-05-01 | 2004-11-04 | Genesis Microchip Inc. | Techniques for reducing multimedia data packet overhead |
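CN1918556A (zh) | 2004-02-05 | 2007-02-21 | Kings Information & Communication | Computer security device and method using a secure input device driver |
CN102867158B (zh) * | 2011-07-07 | 2016-03-30 | Lenovo (Beijing) Co., Ltd. | Method and device for switching memory, and terminal with dual *** |
CN109347859A (zh) * | 2018-11-19 | 2019-02-15 | State Grid Heilongjiang Electric Power Co., Ltd. Information and Communication Company | Method for switching a computer between internal and external networks with a single cable and multiple displays |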
Family Cites Families (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5276863A (en) * | 1991-06-28 | 1994-01-04 | Digital Equipment Corporation | Computer system console |
CN1053507C (zh) * | 1994-10-07 | 2000-06-14 | Shao Tong | Computer hard disk read/write control device |
US6061711A (en) * | 1996-08-19 | 2000-05-09 | Samsung Electronics, Inc. | Efficient context saving and restoring in a multi-tasking computing system environment |
JP4072271B2 (ja) * | 1999-02-19 | 2008-04-09 | Hitachi, Ltd. | Computer executing multiple operating systems |
CN1236922A (zh) * | 1999-05-27 | 1999-12-01 | Lin Guangrong | Multi-platform computer running simultaneously with split memory |
AU2001263377B2 (en) * | 2000-05-19 | 2005-03-17 | Vir2Us, Inc. | A computer with switchable components |
US20020129276A1 (en) * | 2001-03-08 | 2002-09-12 | Watts Michael P.C. | Dual network with distributed firewall for network security |
-
2001
- 2001-04-27 CN CNB011174013A patent/CN100356350C/zh not_active Expired - Lifetime
-
2002
- 2002-04-27 WO PCT/CN2002/000299 patent/WO2002088954A2/zh not_active Application Discontinuation
-
2003
- 2003-10-24 US US10/693,224 patent/US20040088569A1/en not_active Abandoned
Also Published As
Publication number | Publication date |
---|---|
CN100356350C (zh) | 2007-12-19 |
US20040088569A1 (en) | 2004-05-06 |
CN1383069A (zh) | 2002-12-04 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US8909940B2 (en) | Extensible pre-boot authentication | |
US9426147B2 (en) | Protected device management | |
US8566610B2 (en) | Methods and apparatus for restoration of an anti-theft platform | |
JP6505704B2 (ja) | System and method for supporting host-based in-band/side-band firmware upgrade of input/output (I/O) devices in a middleware machine environment | |
US9904557B2 (en) | Provisioning of operating systems to user terminals | |
US7587750B2 (en) | Method and system to support network port authentication from out-of-band firmware | |
US6223284B1 (en) | Method and apparatus for remote ROM flashing and security management for a computer system | |
JP5173436B2 (ja) | Binding a device to a computer | |
US20090319806A1 (en) | Extensible pre-boot authentication | |
US20050010811A1 (en) | Method and system to support network port authentication from out-of-band firmware | |
US9147076B2 (en) | System and method for establishing perpetual trust among platform domains | |
US20080022099A1 (en) | Information transfer | |
JP2008052704A (ja) | Computer and shared password management method | |
JP5689429B2 (ja) | Authentication device and authentication method | |
US10853086B2 (en) | Information handling systems and related methods for establishing trust between boot firmware and applications based on user physical presence verification | |
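JP2011138279A (ja) | Thin client system, thin client terminal, and thin client program | |
JP2003337736A (ja) | Computer, hard disk device, disk device sharing system composed of a plurality of such computers and a shared hard disk device, and disk device sharing method used in the sharing system | |
JP5220675B2 (ja) | Thin client master rewriting system, thin client master rewriting method, and thin client | |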
US20080177560A1 (en) | ID Lending system, computer-readable recording medium storing ID lending program, and ID lending method | |
US11748520B2 (en) | Protection of a secured application in a cluster | |
WO2002088954A2 (fr) | Device and method for realizing a security state transition of a computing device | |
CN117453343A (zh) | Virtual machine measurement and confidential computing authentication methods, devices, ***, and storage medium | |
WO2002088955A2 (fr) | Apparatus and method for realizing state transitions in a computing device | |
CN114296873B (zh) | Virtual machine image protection method, related device, chip, and electronic equipment | |
JP2009020748A (ja) | Device management apparatus, device management method, and device management program |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AK | Designated states |
Kind code of ref document: A2 Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG US UZ VN YU ZA ZW |
|
AL | Designated countries for regional patents |
Kind code of ref document: A2 Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG |
|
121 | Ep: the epo has been informed by wipo that ep was designated in this application | ||
DFPE | Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101) | ||
REG | Reference to national code |
Ref country code: DE Ref legal event code: 8642 |
|
122 | Ep: pct application non-entry in european phase | ||
NENP | Non-entry into the national phase |
Ref country code: JP |
|
WWW | Wipo information: withdrawn in national office |
Country of ref document: JP |