CN112818396A - Method for generating and managing BMC trusted audit log

Publication number: CN112818396A
Authority: CN (China)
Prior art keywords: file, reference value, confidential, firmware, files
Legal status: Granted
Application number: CN202110140019.6A
Other languages: Chinese (zh)
Other versions: CN112818396B (en)
Inventors: 张建标, 张璐, 韩利, 赵东浩, 王艳
Current Assignee: Beijing University of Technology
Original Assignee: Beijing University of Technology
Application filed by Beijing University of Technology
Priority to CN202110140019.6A
Publication of CN112818396A
Application granted; publication of CN112818396B

Classifications

    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218 Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00 Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/10 File systems; File servers
    • G06F16/11 File system administration, e.g. details of archiving or snapshots
    • G06F16/116 Details of conversion of file system types or formats
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00 Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/10 File systems; File servers
    • G06F16/16 File or folder operations, e.g. details of user interfaces specifically adapted to file systems
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00 Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/10 File systems; File servers
    • G06F16/18 File system types
    • G06F16/1805 Append-only file systems, e.g. using logs or journals to store data
    • G06F16/1815 Journaling file systems
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/64 Protecting data integrity, e.g. using checksums, certificates or signatures

Abstract

A method for generating and managing BMC trusted audit logs, belonging to the technical field of securing an organization's core sensitive information. Given that this type of information has a complete hierarchy, strong concealment, fast change, a short life cycle, many types and small volume, the invention forms feature values from the file receipt date, the author password and the word frequency of keywords, and builds a three-level reference value library that provides hierarchical full coverage of the life cycle of files in each confidential information class. It also uses the storage date as the audit day and 24 hours as the audit frequency, which raises the audit frequency while extending the protection period of individual confidential information, so that file integrity can be quickly protected against external attacks and file security protected when insiders attempt to steal files. Taking the administrator's standpoint and using the audit log as the lever, the invention achieves active defense against both external attack and internal theft by quickly eliminating the consequences of external attacks and by blocking internal theft at its source.

Description

Method for generating and managing BMC trusted audit log
Technical Field
The method for generating and managing a BMC trusted audit log belongs to the technical field of securing an organization's core sensitive information.
Background
As the network situation grows more severe, global opportunities bring more significant challenges, and security has become a key concern for every country. Information security means that an information system can operate continuously and reliably; at present, security across the whole network environment, particularly data security, protocol security and access security, receives close attention. Domestic servers have gradually improved from a level below the global standard, and as big data, cloud computing, AI and mobile communication develop, the domestic server market requires servers with higher security: the confidentiality and integrity of data must be ensured, and the information services a server provides must not be interrupted, since an interruption would paralyze the network.
Servers have inherent security weaknesses. One intrusion path starts from the BIOS; another hidden risk is the baseboard management controller (BMC, Baseboard Management Controller) that every server requires. The BMC is a dedicated processor that monitors the physical state of server components, such as the input/output interface, the input/output bus, the temperature of the central processing unit, the power state and the fan speed, and works with the Intelligent Platform Management Interface (IPMI) to help administrators operate and maintain the server, including local and remote diagnosis, console support, configuration management, hardware management and troubleshooting. Addressing these two aspects avoids the most basic security risks to the greatest extent.
Obviously, a BMC vulnerability is comparable to a vulnerability in the Basic Input Output System (BIOS). IPMI is a key link: once the BMC is controlled, nothing in the server is spared. In practice such BMC risks have occurred. Servers from some manufacturers allow BMC access without authentication; the BMCs of some manufacturers have vulnerabilities that let an intruder impersonate a legitimate user, view user records and execute transactions. Such a vulnerability often gives an attacker an entry point for unauthorized access to and attack on the system, with the aim of controlling or destroying it. Recently, the Ministry of Industry and Information Technology found that the BMC management chip of a chip manufacturer in the United States has a vulnerability that can steal user data and send it out, and that cannot be turned off or shielded.
The BMC system is generally visible only to core personnel such as a company's administrators. Assuming that the BMC boots in a trusted manner, analyzing the threats the BMC faces and excluding those that existing security policies already address shows that the largest remaining risk comes from gaps in access control that let illegitimate subjects enter the protected area (for example, an intruder impersonating a legitimate user, an intruder escalating privileges, or unauthorized personnel using an administrator account to falsify data). To address these problems, the invention provides a method that ensures the trustworthiness and tamper-resistant recovery of the audit log, as required by the audit log function of the BMC system, in order to strengthen the BMC audit log protection mechanism and ensure the confidentiality and integrity of the audit log.
Patent application CN111478962A, entitled "A blockchain trusted log storage system", discloses a blockchain trusted log storage system in which the management node of the blockchain system admits nodes after review, nodes submit data requests and form data operation logs, the logs are verified by other nodes, consensus nodes are formed together with ordinary nodes, and consensus verification is finally performed. An independent hardware module serving as the log storage module authenticates the auditing software that runs under the operating system as the log auditing module, and only when authentication passes is the auditing software allowed to access the memory serving as the log storage unit, which eliminates the risk that a third-party tool tampers with the log. That scheme mainly innovates in the registration and review of blockchain nodes, but does not show how blockchain storage makes the log trustworthy or how the log is verified and accessed. The BMC system manages a server and is highly private; it generally exists only within a local area network and is not suited to introducing a blockchain to ensure log trustworthiness.
Patent application CN111858528A, entitled "BMC log collection and management method, system, terminal and storage medium", proposes setting a peak storage capacity for the log storage system, a size limit for each compressed log file and a limit on the number of compressed log files stored at one time; setting a naming rule for compressed log files; formulating a log storage rule from the name tag, the peak storage capacity, the number limit and the size limit; and, after the log storage system starts, acquiring each new compressed log file and managing it according to the naming rule and storage rule. That method mainly concerns saving and managing log files and adjusting how many are kept and how large they are. It does not consider the integrity and trustworthiness of the BMC log; it mainly responds to the BMC's small storage space by compressing and managing logs so that as many as possible are stored.
Patent application CN108322306A, entitled "Cloud platform trusted log auditing method for privacy protection based on a trusted third party", provides collection and secure transmission of audit logs on a cloud platform based on trusted hardware, generation and release of a third-party verification data structure for the audit logs, and audit log verification for cloud service providers and cloud users, achieving reliable collection and transmission of audit logs. However, that method belongs to the field of cloud computing and targets a very large user base; although it mentions trusted verification, it cannot recover a log after its integrity has been damaged.
To ensure audit log trustworthiness, most schemes propose storing the log on a blockchain for reading and display, relying on decentralization for the integrity of the log records. A blockchain is open and transparent, so it cannot ensure the confidentiality of log contents, and it has significant limitations: the security of a public blockchain cannot be guaranteed, building a private blockchain costs too much, and enough blocks must be provided. Blockchain technology is not yet mature, a log stored on a blockchain is difficult to delete, and the storage consumption is extremely large. Few audit log generation schemes address protecting the confidentiality and integrity of the log; most only optimize for storage space.
The prior art does not address how to take the administrator's standpoint and use the audit log as the lever to protect the integrity and security of an organization's core secrets, or how to quickly resolve the text information security problems caused by external attack and internal theft. For enterprises, core secrets include at least business secrets and key technology secrets, and these secrets have a complete hierarchy, strong concealment, fast change, a short life cycle, many types and small volume.
Disclosure of Invention
The invention aims to provide an audit log solution suited to protecting the integrity and security of the core sensitive files of enterprises and public institutions.
The invention is characterized in that it is built on trusted boot and mounted on a UEFI BIOS confidential firmware file system on the kernel. Facing external attacks that destroy file integrity or internal theft that compromises file confidentiality, it takes the administrator's standpoint and uses the audit log as the lever. It is implemented in a BMC confidential firmware file audit log management system (hereinafter "the system") in the following steps, in order:
step (1) constructing the system, which comprises: a BMC confidential firmware file management processor (CPU_BMC.M for short), a database set, a reference value calculation module, an original confidential firmware file formatting module and a confidential firmware file extraction module, wherein:
the BMC confidential firmware file system management processor, in addition to CPU_BMC.M, stores a three-level reference value management tree, wherein:
the root node is represented by the reference value of the UEFI BIOS confidential firmware file system,
the middle-level nodes are represented by two reference values, one for each of the two classes of audit log managed: the business secret class audit log and the key technology class audit log,
the leaf nodes are the sets of reference values of the confidential firmware files belonging to each of the two middle-level nodes,
and the permissions for authorized extraction of each class of file are also set,
the database set comprises a UEFI BIOS system confidential firmware file database, an audit log database, a backup database of the audit log database and a reference value database, wherein:
the UEFI BIOS system confidential firmware file database is produced by the file formatting module under the control of CPU_BMC.M; each formatted UEFI BIOS system confidential firmware file record is the array [date received, service type, file name, author, file source],
the audit log database holds the system audit log corresponding to the root node, the audit log of each middle-level node and the audit log of each confidential firmware file at the leaf nodes of each class, wherein:
the system audit log is the array [audit date, audit log formation date, administrator password, system reference value corresponding to the current reference values of all classes of confidential firmware files],
the two audit logs corresponding to the two service classes are each the array [audit date, audit log generation date, administrator password, service class, class reference value corresponding to the reference values of the confidential files currently in the class],
the audit log of each confidential firmware file within a class is the array [file number, file name, audit date, audit log formation date, administrator password, file feature value], wherein the file feature value is formed by concatenating, in order, the file receipt date, the file author password and the three keywords with the highest word frequency in the file.
The reference value calculation module comprises three submodules: single confidential firmware file reference value calculation, service class reference value calculation and system reference value calculation, wherein:
the reference value of a single confidential firmware file is calculated as follows:
(a) the feature value of the single confidential firmware file is constructed,
(b) the feature value from step (a) is expanded into a 160-bit expanded feature value code sequence using the SHA1 expansion algorithm,
(c) a hash algorithm is applied to the expanded feature value code sequence from step (b); the resulting hash value is the reference value of the single confidential firmware file and is used to judge the integrity and authenticity of the file,
the service class reference value calculation submodule works as follows:
(a) the reference values of all confidential firmware files in the class are concatenated in a set order to form the feature value of the class's confidential firmware files; the reference value of the class's file set is then calculated by steps (b) and (c) of the single confidential firmware file reference value calculation submodule, and is used to judge the integrity and trustworthiness of the confidential firmware files in the class,
the system reference value calculation submodule works as follows:
(a) the reference values of all service classes in the system are concatenated in a set order to form the feature value of all confidential firmware files in the system; the system reference value of the file sets of all classes is then calculated by steps (b) and (c) of the single confidential firmware file reference value calculation submodule, and is used to judge the integrity and trustworthiness of the system's confidential firmware files,
the three different reference values output by the three reference value calculation submodules form a three-level reference value tree, which is stored in the reference value database,
the confidential firmware file extraction module holds a mapping table of four parameters: the requester, the file extraction permission uniformly set and granted by the system, the file reference value and the file storage address field, so as to prevent insiders from stealing confidential files and compromising file security without affecting legitimate use of the files,
the original confidential firmware file formatting module, under the control of CPU_BMC.M, converts each input confidential firmware file into a formatted single-file audit log record, according to the content and format of the confidential firmware file audit log for the file's class,
step (2) managing the trusted audit log of the BMC firmware files in the following steps, in order:
step (2.1) system initialization:
taking the file storage date as the audit date and 24 hours as the sampling interval, the number of files exiting and entering within one day and the number of files actually in stock are counted, and the initial reference value of each node of the three-level reference value tree is calculated from the file feature values on the initialization date, forming the initial three-level reference value tree, which is written into the corresponding audit logs,
step (2.2) at the end of the second day, the dynamic reference value of each node of the three-level reference value tree is calculated by the same method and written into the three-level audit logs formed on the second day,
step (2.3) the reference values in the audit logs of the two consecutive days are compared and a judgment is made:
if all reference values are the same, the reference values in the audit logs corresponding to the three-level reference value tree have not changed,
if at least one differs, at least one file in the corresponding class has been attacked from outside and has lost integrity; under the control of CPU_BMC.M, the audit log is corrected from the audit log holding the initial reference value in the backup database,
step (2.4) once the integrity of the files in the audit logs corresponding to the reference value of each node of the three-level reference value tree is ensured, CPU_BMC.M handles any file extraction request it receives from the confidential firmware file extraction module as follows,
step (2.5) CPU_BMC.M makes a judgment according to the file classes and ranges that requesters are authorized to extract, as supplied by the extraction module:
if the file extraction permission of the requester meets the preset authorization, the extraction module is authorized to extract; otherwise the extraction module is told to refuse extraction, which protects the security of the file.
The BMC confidential firmware file audit log management system also contains an exit management module for confidential firmware files. Working on a daily basis, the exit management module declares to CPU_BMC.M each day the class, file names and number of the confidential firmware files that have exited, so that CPU_BMC.M deletes them from the corresponding databases in the database set and, under the control of CPU_BMC.M, the corresponding reference values at every level of the three-level reference value management tree are corrected.
The invention has the following advantages:
1. The invention starts from restoring file integrity when a file is attacked from outside and ensuring file security when insiders attempt to steal it, which is more feasible than approaching the problem from the intrusion technique.
2. Starting from the audit log of the file, it solves quick restoration of file integrity and prevention of damage to file security at the same time.
3. The invention uses feature values composed of the storage time, the author password and the word frequency of keywords, combining the three parameters of timeliness, sociality and word frequency to define the characteristic information of a file, which makes the feature value highly individual and identifiable.
4. Taking the reference value formed by expanding and encrypting the feature value as the element, the invention provides a three-level reference value tree, uses that tree as the framework and combines it with a file exit and update mechanism. This gives hierarchical full coverage of the life cycle of files in each confidential information class and therefore all-round protection.
5. The storage date is used as the audit date and one day as the audit frequency, which extends the protection period of each file and raises the audit frequency.
Therefore, for the core secrets of enterprises and public institutions, which have a complete hierarchy, strong concealment, many types, small volume, fast change and a short life cycle, the invention offers high feasibility, wide coverage, wide adaptability and high efficiency.
Drawings
FIG. 1 is a block diagram of the system architecture of the present invention;
FIG. 2 is a block diagram of the main program flow of the present invention;
FIG. 3 is a three-level reference library architecture of the present invention.
Detailed Description
In order to enable a person skilled in the art to better understand the technical scheme of the present invention, the following clearly and specifically describes the technical scheme of the present invention with reference to the accompanying drawings in the embodiments of the present invention.
Step 1: first, the system is initialized: the file entry date is used as the audit date and, with 24 hours as the sampling interval, the number of exited files and the number of files actually in stock after entry are counted within one day;
Step 2: under the control of CPU_BMC.M, the confidential firmware file formatting module formats the input confidential firmware files one by one to generate the original confidential firmware files;
Step 3: under the control of CPU_BMC.M, the confidential firmware file formatting module sends the original confidential firmware files to the system confidential firmware file database for storage and to the reference value calculation module for reference value calculation;
Step 4: the single confidential firmware file reference value calculation submodule of the reference value calculation module constructs the feature value of a single confidential firmware file from the input original confidential firmware file, expands the feature value into a 160-bit code sequence using SHA1, and uses a hash algorithm to calculate the hash value of that code sequence as the reference value of the single confidential firmware file;
Step 5: the service class reference value calculation submodule classifies the confidential firmware files into the business secret class and the key technology class, concatenates the reference values of the confidential firmware files in each class in a set order to form the feature value of that class, and calculates the reference value of each class's file set;
Step 6: the system reference value calculation submodule concatenates the reference values of the two service classes in a set order to form the feature value of all confidential firmware files in the system, and calculates the reference value of the whole file set;
Step 7: the reference value calculation module outputs a three-level reference value tree as shown in fig. 2 and stores it in the reference value database; at the same time it sends the data to the audit log database and the audit log backup database, where it is written into the system audit log of the root node, the audit logs of the middle-level nodes and the audit logs of the confidential firmware files at the leaf nodes.
The above is the flow for generating reference values and audit logs; the following is the flow for managing the audit logs and the confidential firmware files.
Step 1: reference values are generated on the second day and the reference values in the audit logs of the two consecutive days are compared; if all reference values are the same, the integrity of the corresponding audit logs in the three-level reference value library is unchanged; otherwise at least one file in the corresponding class has been attacked;
Step 2: if a file is detected to have been attacked from outside, then under the control of CPU_BMC.M the audit log holding the initial reference value is read from the corresponding audit logs in the backup database for recovery.
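The reference value generation and day-over-day comparison described above, as an added example that is not code from the patent. The patent names only "a hash algorithm" for the second step, so SHA-256, the `|` field separator, the tokenizer, the helper names and all sample files here are assumptions constructed for illustration.

```python
import hashlib
import re
from collections import Counter
from typing import NamedTuple

CLASS_ORDER = ("business_secret", "key_technology")  # the two middle-level nodes


class ConfidentialFile(NamedTuple):
    number: str           # file number; also fixes the concatenation order
    cls: str              # one of CLASS_ORDER
    received: str         # file receipt date
    author_password: str  # author password field named by the patent
    text: str             # file body, used only for keyword counting


def top_keywords(text, n=3):
    """Three most frequent words; ties broken alphabetically (assumption)."""
    counts = Counter(re.findall(r"\w+", text.lower()))
    ranked = sorted(counts.items(), key=lambda kv: (-kv[1], kv[0]))
    return [word for word, _ in ranked[:n]]


def feature_value(f):
    """Receipt date, author password and top-3 keywords, joined in that order."""
    return "|".join([f.received, f.author_password, *top_keywords(f.text)])


def reference_value(feature):
    """Step (b): expand to 160 bits with SHA-1. Step (c): hash the result.
    SHA-256 stands in for the patent's unnamed hash algorithm (assumption)."""
    expanded = hashlib.sha1(feature.encode("utf-8")).digest()
    return hashlib.sha256(expanded).hexdigest()


def tree_from_leaves(leaves):
    """Derive class and system reference values from leaf reference values."""
    classes = {
        c: reference_value("".join(leaves[c][n] for n in sorted(leaves[c])))
        for c in CLASS_ORDER
    }
    system = reference_value("".join(classes[c] for c in CLASS_ORDER))
    return {"system": system, "classes": classes, "files": leaves}


def build_tree(files):
    """Compute the full three-level reference value tree for one audit day."""
    leaves = {c: {} for c in CLASS_ORDER}
    for f in files:
        leaves[f.cls][f.number] = reference_value(feature_value(f))
    return tree_from_leaves(leaves)


def locate_changes(previous, current):
    """Compare two days top-down: root first, then classes, then leaves."""
    if previous["system"] == current["system"]:
        return []
    changed = []
    for c in CLASS_ORDER:
        if previous["classes"][c] == current["classes"][c]:
            continue
        old, new = previous["files"][c], current["files"][c]
        changed += [(c, n) for n in sorted(set(old) | set(new))
                    if old.get(n) != new.get(n)]
    return changed


def restore_from_backup(current, backup, changed):
    """Put the backup's reference values back for every changed leaf."""
    leaves = {c: dict(current["files"][c]) for c in CLASS_ORDER}
    for c, n in changed:
        if n in backup["files"][c]:
            leaves[c][n] = backup["files"][c][n]
        else:
            leaves[c].pop(n, None)
    return tree_from_leaves(leaves)


# Constructed sample records; passwords are placeholders, not real secrets.
SAMPLE_FILES = [
    ConfidentialFile("BS-001", "business_secret", "2021-02-01", "pw-placeholder-a",
                     "pricing pricing pricing contract contract supplier"),
    ConfidentialFile("KT-001", "key_technology", "2021-02-01", "pw-placeholder-b",
                     "firmware firmware firmware signing signing bootloader"),
    ConfidentialFile("KT-002", "key_technology", "2021-02-01", "pw-placeholder-c",
                     "sensor sensor sensor sensor calibration calibration "
                     "calibration thermal thermal"),
]

if __name__ == "__main__":
    day1 = build_tree(SAMPLE_FILES)
    edited = [f._replace(text="unsigned " * 4 + f.text) if f.number == "KT-001" else f
              for f in SAMPLE_FILES]
    day2 = build_tree(edited)
    changes = locate_changes(day1, day2)
    print("changed leaves:", changes)
    print("restored equals day 1:", restore_from_backup(day2, day1, changes) == day1)
```

Because the feature value covers only the receipt date, the author password and the top three keywords, an edit that leaves those unchanged produces the same reference value and passes the comparison. Including a digest of the full file content in the feature value would close that gap.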
When a user extracts a confidential firmware file, a legitimacy check is performed as follows:
Step 1: CPU_BMC.M receives the file extraction request sent by the confidential firmware file extraction module;
Step 2: CPU_BMC.M judges, from the file classes and ranges that the extraction module reports as authorized for extractors, whether the request falls within the list of authorized extractors, and sends an extraction control instruction to the extraction module;
Step 3: if so, CPU_BMC.M sends an authorized-extraction instruction, and the extraction module performs the legitimate extraction after receiving it;
Step 4: if not, CPU_BMC.M sends an extraction-rejection instruction, and the extraction module raises an unauthorized-extraction warning after receiving it.
When a confidential firmware file exits management, CPU_BMC.M deletes the file from the corresponding databases in the database set and, under the control of CPU_BMC.M, the corresponding reference values in the three-level reference value management tree are corrected.
It should be understood that although this specification is described in terms of embodiments, not every embodiment contains only a single independent technical solution. This manner of description is for clarity only; those skilled in the art should treat the specification as a whole, and the technical solutions in the embodiments may be combined as appropriate to form other implementations that those skilled in the art can understand.
The detailed descriptions listed above are merely specific illustrations of feasible embodiments of the invention and are not intended to limit its scope of protection; all equivalent embodiments or modifications that do not depart from the technical spirit of the invention are included within that scope.

Claims (2)

1. A method for generating and managing a BMC trusted audit log, characterized in that it is built on trusted boot and attached to the UEFI BIOS confidential firmware file system on the kernel; facing external attacks that damage file integrity or internal theft that compromises file confidentiality, it takes the administrator's standpoint and uses the audit log as its working handle; and it is implemented in a BMC confidential firmware file audit log management system (hereinafter "the system") by the following steps in sequence:
Step (1): construct the system, which comprises: the management processor of the BMC confidential firmware files (CPU_BMC.M for short), a database set, a reference value calculation module, an original confidential firmware file formatting module, and a confidential firmware file extraction module, wherein:
the management processor of the BMC confidential firmware file system, besides CPU_BMC.M, also stores a three-level reference value management tree, wherein:
the root node is represented by the reference value of the UEFI BIOS confidential firmware file system,
the middle-level nodes are represented by two reference values, one for each of the two managed types of audit log, namely the business-secret audit log and the key-technology audit log,
the leaf nodes are the sets of reference values of the confidential firmware files belonging to each of the two middle-level nodes,
and at the same time the authorized extraction permissions for the various files are set,
the database set comprises a UEFI BIOS system confidential firmware file database, an audit log database, a backup database of the audit log database, and a reference value database, wherein:
the UEFI BIOS system confidential firmware file database is a database formatted by the file formatting module under the control of CPU_BMC.M, and each UEFI BIOS system confidential firmware file obtained after formatting is recorded as the array: [date received, service type, file name, author, file source],
the audit log database holds the system audit log corresponding to the root node, the audit logs corresponding to each middle-level node, and the audit log of each confidential firmware file under each class of leaf node, wherein:
the system audit log is expressed as the array [audit date, audit log formation date, administrator password, system reference value corresponding to the current reference values of the various confidential firmware files],
the two audit logs corresponding to the two service classes are expressed as the array [audit date, audit log generation date, administrator password, service class, class reference value corresponding to the current reference values of the confidential files in that class],
the audit logs of confidential firmware files belonging to the same class are expressed as the array [file number, file name, audit date, audit log formation date, administrator password, file characteristic value], wherein the file characteristic value is formed by concatenating, in order, the file receiving date, the file author's password, and the top three keywords by word frequency in the file.
The reference value calculation module comprises three submodules, namely single confidential firmware file reference value calculation, reference value calculation for each service class, and system reference value calculation, wherein:
the reference value of a single confidential firmware file is calculated by the following steps:
(a) construct the characteristic value of the single confidential firmware file,
(b) expand the characteristic value obtained in step (a) into a 160-bit expanded characteristic value code sequence using the expansion algorithm SHA1,
(c) calculate the hash value of the expanded characteristic value code sequence obtained in step (b) using a hash algorithm; this hash value is the reference value of the single confidential firmware file and is used to judge the integrity and authenticity of the file,
the reference value calculation submodule for each service class is implemented by the following steps:
(a) concatenate the reference values of all confidential firmware files in the class, in a set order, to form the characteristic value of all confidential firmware files in that class, then calculate the reference value of the class's set of confidential firmware files by the method of steps (b) to (c) of the single confidential firmware file reference value calculation submodule; this value is used to judge the integrity and credibility of the confidential firmware files in the class,
the system reference value calculation submodule calculates the reference value by the following steps:
(a) concatenate the reference values of all service classes in the system, in a set order, to form the characteristic value of all confidential firmware files of the system, then calculate the system reference value of the confidential firmware file sets of all classes by the method of steps (b) to (c) of the single confidential firmware file reference value calculation submodule; this value is used to judge the integrity and credibility of the confidential firmware files of the system,
the three different reference values output by the three reference value calculation submodules form a three-level reference value tree, which is stored in the reference value database,
the confidential firmware file extraction module is provided with a mapping table consisting of four parameters, namely the requester, the file extraction permission uniformly set and granted by the system, the file reference value, and the file storage address field, so as to prevent insiders from stealing confidential files and compromising file security without affecting legitimate use of the files,
the original confidential firmware file formatting module, under the control of CPU_BMC.M, converts the input confidential firmware files one by one into formatted files for the single confidential firmware file audit logs, according to the content and format of the confidential firmware file audit log of the corresponding class,
Step (2): manage the trusted audit log of the BMC firmware files by the following steps in sequence:
Step (2.1), system initialization:
taking the file storage date as the audit date and 24 hours as the sampling interval, count the number of files withdrawn, the number of files entered, and the number of files actually in stock during one day, and calculate the initial reference value of each node of the three-level reference value tree from the file characteristic values on the initialization date, thereby forming the initial three-level reference value tree, which is added to the corresponding audit logs,
Step (2.2): at the end of the second day, calculate the dynamic reference value of each node of the three-level reference value tree by the same method and write it into the three-level audit logs formed on the second day,
Step (2.3): compare the two reference values in the audit logs of two consecutive days and judge:
if all the reference values are the same, the reference values in the audit logs corresponding to the three-level reference value tree are left unchanged,
if at least one is different, at least one file in the corresponding class has been attacked from outside and has lost its integrity, and the audit logs of the initial reference value in the corresponding audit logs of the backup database are corrected under the control of CPU_BMC.M,
Step (2.4): after the integrity of the files in the audit logs corresponding to the reference value of each node of the three-level reference value tree has been ensured, under the control of CPU_BMC.M, if a file extraction request is received from the confidential firmware file extraction module,
Step (2.5): CPU_BMC.M judges according to the file classes and range that the extraction module is authorized to extract:
if the file extraction permission of the requester matches the preset authorization, the extraction module is authorized to extract; otherwise the extraction module is notified to refuse extraction, thereby protecting the security of the files.
2. The method as claimed in claim 1, wherein a confidential firmware file audit log management module is further provided, which declares to CPU_BMC.M on a daily basis the class, file name and number of the confidential firmware files withdrawn, so that CPU_BMC.M deletes them from the corresponding databases in the database set while, under the control of CPU_BMC.M, the corresponding reference values at every level of the three-level reference value management tree are corrected.
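An added sketch, not part of the patent text, of the three-level reference value tree from step (1) and the two-day comparison of step (2.3). The claims leave the hash algorithm of step (c) and the "set order" unspecified; SHA-256 and sorted order are assumptions here, as are all function names and the constructed sample records.

```python
import hashlib

# Constructed sample store: class -> file number -> record (all values made up).
DAY1 = {
    "business_secret": {
        "001": {"received": "2021-02-02", "author_pw": "pw-a", "keywords": ["price", "bid", "bmc"]}},
    "key_technology": {
        "101": {"received": "2021-02-02", "author_pw": "pw-b", "keywords": ["uefi", "boot", "key"]},
        "102": {"received": "2021-02-02", "author_pw": "pw-c", "keywords": ["flash", "spi", "bmc"]}},
}

def reference_value(feature: bytes) -> str:
    """Steps (b)-(c): SHA-1 gives the 160-bit sequence, which is then hashed."""
    expanded = hashlib.sha1(feature).digest()      # step (b)
    return hashlib.sha256(expanded).hexdigest()    # step (c); SHA-256 is an assumption

def file_feature(rec: dict) -> bytes:
    """Step (a): receiving date + author password + top three keywords, in order."""
    return "".join([rec["received"], rec["author_pw"], *rec["keywords"][:3]]).encode()

def build_tree(store: dict) -> dict:
    """Leaf, class and system reference values; sorted order is the assumed 'set order'."""
    classes = {}
    for cls in sorted(store):
        leaves = {n: reference_value(file_feature(store[cls][n])) for n in sorted(store[cls])}
        classes[cls] = {"ref": reference_value("".join(leaves.values()).encode()), "files": leaves}
    root = reference_value("".join(c["ref"] for c in classes.values()).encode())
    return {"ref": root, "classes": classes}

def diff_trees(prev: dict, curr: dict) -> list:
    """Step (2.3): compare two days' trees root-first and list every changed node."""
    if prev["ref"] == curr["ref"]:
        return []
    changed, empty = ["system"], {"ref": None, "files": {}}
    for cls in sorted(set(prev["classes"]) | set(curr["classes"])):
        p, c = prev["classes"].get(cls, empty), curr["classes"].get(cls, empty)
        if p["ref"] == c["ref"]:
            continue
        changed.append(cls)
        for n in sorted(set(p["files"]) | set(c["files"])):
            if p["files"].get(n) != c["files"].get(n):
                changed.append(f"{cls}/{n}")
    return changed
```

Comparing the root first means an unchanged system reference value settles the daily check in one comparison; only a mismatch requires descending to the class and file levels. The leaf value in this sketch is derived only from the fields the claim names, so it changes when the receiving date, author password or top-three keywords change.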
CN202110140019.6A 2021-02-02 2021-02-02 A method for generating and managing BMC trusted audit logs Active CN112818396B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110140019.6A CN112818396B (en) 2021-02-02 2021-02-02 A method for generating and managing BMC trusted audit logs

Publications (2)

Publication Number Publication Date
CN112818396A (en) 2021-05-18
CN112818396B (en) 2024-02-02

Family

ID=75861349

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110140019.6A Active CN112818396B (en) 2021-02-02 2021-02-02 A method for generating and managing BMC trusted audit logs

Country Status (1)

Country Link
CN (1) CN112818396B (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115599755A (en) * 2022-09-27 2023-01-13 四川君诚互动科技有限公司(Cn) Storage system for audio, video and document
CN119783638A (en) * 2024-11-28 2025-04-08 浪潮云信息技术股份公司 A method for generating intelligent official documents based on large models and knowledge base

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10015015B1 (en) * 2014-09-30 2018-07-03 EMC IP Holding Company LLC Method and apparatus for verifying system log integrity
CN108322306A (en) * 2018-03-17 2018-07-24 北京工业大学 A kind of cloud platform reliable journal auditing method towards secret protection based on trusted third party
CN109561110A (en) * 2019-01-19 2019-04-02 北京工业大学 A kind of cloud platform audit log guard method based on SGX
CN109740353A (en) * 2019-01-03 2019-05-10 北京工业大学 A kind of credible starting method of the BMC firmware of server

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
成茂才; 徐开勇: "Secure storage system for audit logs based on a trusted computing platform" (基于可信计算平台的审计日志安全存储系统), 计算机科学 (Computer Science), no. 06 *

Also Published As

Publication number Publication date
CN112818396B (en) 2024-02-02

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant