
Embedded partition image security authentication and kernel trusted boot method and device thereof

An embedded-device security authentication technology, applied in computer security devices, instruments, electrical digital data processing, etc., that can solve problems such as the inability to verify security and achieves the effect of ensuring the uniqueness of data.

Active Publication Date: 2017-11-10
HANGZHOU BYTE INFORMATION TECH CO LTD

AI Technical Summary

Problems solved by technology

[0005] As shown in Figures 3 and 4, current embedded system partitions generally include U-Boot, Boot, Ramdisk, Recovery, System, Userdata, etc. The partitions contain only the corresponding raw image data, and they cannot be checked for security.
[0006] Based on the above, in terms of software, there are currently many intrusion risks in embedded systems or products.



Examples


Embodiment Construction

[0049] The present invention will be described in further detail below in conjunction with the accompanying drawings, but it is not intended to limit the protection scope of the present invention.

[0050] The present invention provides a new mechanism for embedded system partition image security authentication and trusted boot of the operating system kernel. The technical scheme is designed for embedded device platforms based on the Android system. The loading domain has been security-reinforced and reconstructed according to specific rules, including: during the system power-on and initialization phase, ensuring physical isolation of, and access control over, system storage, processor cache and the on-chip debugging system (DMA / MMU / MPU / CACHE (I-CACHE / D-CACHE) / DDR / JTAG and others), to prevent intruders from carrying out "bypass attacks" at this stage through physical techniques, bus detection, etc., and to ensure that the U-Boot partition is not maliciously tampered with; realize U-Boot The im...


Abstract

The invention discloses an embedded partition image security authentication and kernel trusted boot method. Based on an embedded device platform running the Android system, and on the premise that system power-on, Bootloader booting, and kernel loading and startup are secure and trusted, the system is security-reinforced by combining system partition verification with kernel verification. In this method, system power-on, the Bootloader, the kernel partition layout and part of the loading areas are security-reinforced and reconstructed according to specific rules. The invention provides a new method, based on security hardware, for embedded system partition image security authentication and trusted boot of the operating system kernel. It applies multi-layer reinforcement to the startup process of the embedded system, prevents the Bootloader, the operating system kernel, and the system's file system data or application data from being maliciously hijacked or tampered with, and protects the security of the embedded device in use.

Description

Technical field

[0001] The invention belongs to the field of embedded system security, and in particular relates to an embedded partition image security authentication and kernel trusted boot method and a device thereof.

Background technique

[0002] Embedded system application development differs from PC development. Its development process involves both software and hardware, and the design of the hardware platform, the operating system and upper-layer application development must be considered together. Due to application and cost constraints, the hardware platform of an embedded system needs to be tailored to the application. There are usually many options for the PMU, memory, peripherals, etc., and the special software debugging technology makes the operating systems of embedded platforms diverse, with relatively large differences between them. However, the whole process from power-on to system startup of various embedded operating systems, that is, the booting and starting process of ...


Application Information

Patent Type & Authority: Patents (China)
IPC(8): G06F21/51
CPC: G06F21/51, G06F2221/033
Inventor: 毛伟信, 徐礼定
Owner: HANGZHOU BYTE INFORMATION TECH CO LTD