[go: up one dir, main page]

TWI778320B - Method and system of automatically launch a secure of the operating system - Google Patents

Method and system of automatically launch a secure of the operating system Download PDF

Info

Publication number
TWI778320B
TWI778320B TW109101408A TW109101408A TWI778320B TW I778320 B TWI778320 B TW I778320B TW 109101408 A TW109101408 A TW 109101408A TW 109101408 A TW109101408 A TW 109101408A TW I778320 B TWI778320 B TW I778320B
Authority
TW
Taiwan
Prior art keywords
operating system
startup
host device
hard disk
booting
Prior art date
Application number
TW109101408A
Other languages
Chinese (zh)
Other versions
TW202129494A (en
Inventor
簡愛卉
Original Assignee
立端科技股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 立端科技股份有限公司 filed Critical 立端科技股份有限公司
Priority to TW109101408A priority Critical patent/TWI778320B/en
Publication of TW202129494A publication Critical patent/TW202129494A/en
Application granted granted Critical
Publication of TWI778320B publication Critical patent/TWI778320B/en

Links

Images

Landscapes

  • Selective Calling Equipment (AREA)
  • Devices For Checking Fares Or Tickets At Control Points (AREA)
  • Stored Programmes (AREA)

Abstract

The present invention provides a system of automatically launch a secure of the operating system. The system is applied in a host electronic device that has a first hard drive and at least one second hard drive, wherein the first hard drive is installed with an operating system that is a predetermined main operating system of the host electronic device, and the second hard drive is installed with a backup operating system. The system of the present invention comprises: a memory unit storing with a boot certificate of operating system, a watchdog unit and a control unit. During a boot procedure of the host electronic device, the control unit conducts a method of safety launching operating system to determine whether the immediate main operating system of the host electronic device is trustable or not, so as to set the backup operating system to be the main operating system of the host electronic device in case of the immediate main operating system of the host electronic device is detected to be trustless, thereby guaranteeing that the host electronic device can be successfully booted.

Description

具有自動啟動安全作業系統的啟動方法及其啟動系統 Start-up method with automatic start-up safe operating system and start-up system thereof

本發明係關於一種主機設備安全性啟動檢測的方法,尤指一種具有自動啟動安全作業系統的啟動方法及其啟動系統。 The present invention relates to a method for detecting security startup of a host device, in particular to a startup method and startup system with automatic startup of a secure operating system.

一般而言,基本輸出入系統(Basic Input Output System,BIOS)主要儲存於快閃記憶體中並預安裝於主機板上,其在主機啟動階段執行硬體初始化以及提供作業系統運行時不可或缺的韌體,其BIOS的設定與作業系統之硬體具有關連性,若作業系統之硬體有變更的話該主機就無法順利開啟。 Generally speaking, the Basic Input Output System (BIOS) is mainly stored in the flash memory and pre-installed on the motherboard. It is indispensable for performing hardware initialization and providing the operating system during the boot phase of the host. The firmware of the BIOS is related to the hardware of the operating system. If the hardware of the operating system is changed, the host cannot be turned on smoothly.

但是隨著資訊技術的發展,不同功能的系統其所認定自身系統正常安全的定義也不同,其系統的BIOS須透過手動變更設定控制中央處理單元(CPU)和各相關周邊裝置之設定。 However, with the development of information technology, systems with different functions have different definitions of the normal security of their own systems. The BIOS of the system must manually change the settings to control the settings of the central processing unit (CPU) and related peripheral devices.

因此,有鑑於作業系統因為不同設備而產生不同的BIOS,本案之發明人係極力加以研究發明創作,而終於研發完成本發明之一種具有自動啟動安全作業系統的啟動方法及其啟動系統。 Therefore, considering that the operating system generates different BIOSes due to different devices, the inventor of this case has made great efforts to research and create, and finally developed a startup method and a startup system with automatic startup of a secure operating system of the present invention.

本發明提供一種具有自動啟動安全作業系統的啟動系統,應用於一主機設備之中。其中,該主機設備具有一第一硬碟與至少一第二硬碟,該第一硬碟安裝有一作業系統優先作為當前作業系統,且所述第二硬碟安裝有備用作業系統。本發明所述之啟動系統包括:一記憶單元、一監視單元以及一控制單元,其中該記憶單元儲存有一作業系統啟動憑證。其中,在該主機設備進行開機程序的過程中,該控制單元依本發明所設計的一啟動方法檢測該主機設備的當前作業系統,從而在該當前作業系統不被信任時自動地將備用作業系統切換成該主機設備的當前作業系統,使該主機設備可以順利地完成開機。。 The present invention provides a startup system with an automatic startup safety operating system, which is applied to a host device. Wherein, the host device has a first hard disk and at least one second hard disk, the first hard disk is installed with an operating system that is preferably used as the current operating system, and the second hard disk is installed with a backup operating system. The startup system of the present invention includes: a memory unit, a monitoring unit and a control unit, wherein the memory unit stores an operating system startup certificate. Wherein, in the process of the host device performing the booting procedure, the control unit detects the current operating system of the host device according to a startup method designed by the present invention, so that when the current operating system is not trusted, the backup operating system is automatically Switch to the current operating system of the host device, so that the host device can be successfully powered on. .

因此,為了達成本發明上述之目的,本案之發明人提出一種具有自動啟動安全作業系統的啟動方法,係包括:(1)基本輸出入系統依據一系統啟動安全憑證對一主機設備的一當前作業系統進行一作業系統啟動驗證;(2)確認所述作業系統啟動驗證是否通過,若是則執行步驟(4),若否則執行步驟(3);(3)基本輸出入系統改令一備用作業系統作為該主機設備的該當前作業系統,接著重複執行該步驟(1);(4)在所述作業系統啟動驗證通過的情況下,啟用一監視單元進行開機計時,且該當前作業系統啟動時,依據一安全憑證進行一自我安全性檢查; (5)當前作業系統啟動並確認所述自我安全性檢查是否通過以及是否於計時時限內完成啟動,若是則執行步驟(7),若否則監視單元於逾時後執行步驟(6);(6)基本輸出入系統改令一備用作業系統作為該主機設備的該當前作業系統並重新啟動該主機設備,接著重複執行該步驟(1);以及(7)完成該主機設備及該當前作業系統的開機程序,該當前作業系統停止該監視單元之開機計時。 Therefore, in order to achieve the above-mentioned object of the present invention, the inventor of this case proposes a startup method with automatic startup of a secure operating system, which includes: (1) a basic input/output system starts a current operation of a host device with a security certificate according to a system The system performs an operating system startup verification; (2) confirms whether the operating system startup verification is passed, and if so, executes step (4), if otherwise, executes step (3); (3) the basic I/O system is changed to a standby operating system As the current operating system of the host device, the step (1) is then repeatedly performed; (4) in the case that the operating system startup verification is passed, a monitoring unit is enabled to perform boot timing, and when the current operating system is started, performing a self-security check based on a security credential; (5) Start the current operating system and confirm whether the self-security check is passed and whether the startup is completed within the time limit, if so, execute step (7), otherwise, the monitoring unit executes step (6) after the timeout; (6) ) BIOS changes to make a standby operating system as the current operating system of the host device and restarts the host device, and then repeats the steps (1); and (7) completes the process of the host device and the current operating system Start-up procedure, the current operating system stops the start-up timing of the monitoring unit.

為了達成本發明上述之目的,本案之發明人又提出一種具有自動啟動安全作業系統的啟動系統,係用於一主機設備,並包括:一記憶單元,存儲一系統啟動安全憑證;一監視單元;以及一控制單元,耦接該記憶單元與該監視單元,且該控制單元執行如請求項1所述之具有自動啟動安全作業系統的啟動方法,使該主機設備完成開機。 In order to achieve the above-mentioned purpose of the present invention, the inventor of this case further proposes a startup system with an automatic startup security operating system, which is used in a host device, and includes: a memory unit for storing a system startup security certificate; a monitoring unit; and a control unit, which is coupled to the memory unit and the monitoring unit, and the control unit executes the startup method with automatic startup of the security operating system as described in claim 1, so that the host device completes booting.

<本發明> <The present invention>

2:主機設備 2: Host device

21:第一硬碟 21: The first hard disk

211:作業系統 211: Operating System

22:第二硬碟 22: Second hard drive

221:備用作業系統 221: Alternate operating system

23:第三硬碟 23: The third hard drive

231:備用作業系統 231: Alternate Operating System

11:BIOS晶片 11: BIOS chip

14:監視單元 14: Monitoring unit

15:控制單元 15: Control unit

S1~S7:方法步驟 S1~S7: Method steps

圖1為本發明之具有自動啟動安全作業系統的啟動系統的架構圖;以及圖2A與圖2B為本發明之具有自動啟動安全作業系統的啟動方法的流程圖。 FIG. 1 is a schematic diagram of a startup system with an automatic startup of a secure operating system according to the present invention; and FIGS. 2A and 2B are flowcharts of a startup method with an automatic startup of a secure operating system according to the present invention.

為了能夠更清楚地描述本發明所提出之一種具有自動啟動安全作業系統的啟動方法及其啟動系統,以下將配合圖式,詳盡地說明本發明之較佳實施例。 In order to more clearly describe a startup method with an automatic startup of a safe operating system and a startup system thereof proposed by the present invention, the preferred embodiments of the present invention will be described in detail below with reference to the drawings.

請參閱圖1,圖1為本發明之具有自動啟動安全作業系統的啟動系統的架構圖。如圖1所示,具有自動啟動安全作業系統的啟動系統係用於一主機設備2,其中,該主機設備2的一第一硬碟21係安裝一作業系統211,且該主機設備2具有至少一備用作業系統。舉例而言,圖1繪示該主機設備2的一第二硬碟22係安裝一備用作業系統221,且該主機設備2的一第三硬碟23係安裝一備用作業系統231。 Please refer to FIG. 1 . FIG. 1 is a schematic diagram of a startup system having an automatic startup of a secure operating system according to the present invention. As shown in FIG. 1 , the booting system with automatic booting of the secure operating system is used for a host device 2 , wherein an operating system 211 is installed on a first hard disk 21 of the host device 2 , and the host device 2 has at least An alternate operating system. For example, FIG. 1 shows that a second hard disk 22 of the host device 2 is installed with an alternate operating system 221 , and a third hard disk 23 of the host device 2 is installed with an alternate operating system 231 .

應可理解,Basic Input Output System(BIOS),譯為基本輸出入系統,主要用於電腦主機開機過程中各種硬體設備的初始化和檢測,此過程習稱為硬體開機。舉例而言,用戶可以在BIOS裡面設定硬體開機順序為1.軟碟機、2.光碟機、3.硬碟。隨著資料儲存技術的演進,目前大部分的電腦主機皆無搭載軟碟機和光碟機。因此,BIOS設定新增了USB隨身碟開機。換句話說,用戶可以在BIOS裡面設定硬體開機順序為1.USB隨身碟、2.硬碟。因此,如圖1所示,該主機設備2具有用以實現基本輸入輸出系統的一BIOS晶片11。特別地,本發明之啟動系統即實現在該BIOS晶片11之中,使該BIOS晶片11含有一儲存單元122、一監視單元14、以及一控制單元15,其中,該儲存單元122內儲存有一作業系統啟動憑證。並且,在該作業系統211、該備用作業系統221和該備用作業系統231之中皆含有一安全憑證。 It should be understood that the Basic Input Output System (BIOS), translated as the basic input input system, is mainly used for the initialization and detection of various hardware devices during the booting process of the computer host, which is commonly referred to as hardware booting. For example, the user can set the hardware boot order in the BIOS as 1. floppy disk drive, 2. optical disk drive, 3. hard disk. With the evolution of data storage technology, most of the current computer mainframes are not equipped with floppy disk drives and CD-ROM drives. Therefore, the BIOS settings have added a USB flash drive to boot. In other words, the user can set the hardware boot sequence in the BIOS as 1.USB flash drive, 2.hard drive. Therefore, as shown in FIG. 1 , the host device 2 has a BIOS chip 11 for implementing a basic input output system. In particular, the startup system of the present invention is implemented in the BIOS chip 11, so that the BIOS chip 11 includes a storage unit 122, a monitoring unit 14, and a control unit 15, wherein the storage unit 122 stores an operation System startup credentials. In addition, a security certificate is included in the operating system 211 , the standby operating system 221 and the standby operating system 231 .

按照正常的開機程序,該BIOS晶體設備的初始化和檢測期間,依據儲存在該儲存單元122內的該作業系統啟動憑證,該BIOS晶片11(即,基本輸出入系統)的該控制單元15(亦可稱為驗證單元)對安裝在該第一硬碟21的該作業系統211進行一作業系統啟動驗證,當該作業系統通過作業系統啟動憑證之驗證後,便完成硬體開機,接著才會接著進入操作系統(Operating system,OS)的啟動程序。 According to the normal boot procedure, during initialization and detection of the BIOS chip device, the control unit 15 (also known as the BIOS chip 11 ) of the BIOS chip 11 (ie, the basic input/output system) is executed according to the operating system boot certificate stored in the storage unit 122 . It may be referred to as a verification unit) to perform an operating system boot verification on the operating system 211 installed on the first hard disk 21. When the operating system passes the verification of the operating system boot certificate, the hardware boot is completed, and then the Enter the startup program of the operating system (OS).

在上述控制單元15對第一硬碟21的該作業系統211進行驗證時,若作業系統非為作業系統啟動憑證所信任之作業系統,或受病毒感染或者某些原因而變得不可信任時,所述作業系統啟動驗證不會通過(fail)。此時,該控制單元15會先變更該BIOS晶片11之開機順序設定。其中,變更開機順序設定係用以設定讓該BIOS晶片11在完成硬體開機之後接著以安裝在該第二硬碟22的該備用作業系統221進入OS啟動程序,並同時啟用該監視單元(即,watchdog)14以執行一開機計時。繼續地,當重新開機後控制單元15向安裝在第二硬碟22的該備用作業系統221進行所述作業系統啟動驗證,當該備用作業系統221的作業系統啟動驗證確認通過完成硬體開機,進入作業系統啟動階段,該備用作業系統221會在啟動後依據所述安全憑證進行自我安全性檢查,確認作業系統啟動是否達安全憑證所信任之環境條件。若所述自我安全性檢查確認通過之後,完成該主機設備2的開機,並終止監視單元的開機計時。 When the above-mentioned control unit 15 verifies the operating system 211 of the first hard disk 21, if the operating system is not an operating system trusted by the operating system startup certificate, or becomes untrustworthy due to virus infection or some reasons, The operating system startup verification fails. At this time, the control unit 15 will first change the boot sequence setting of the BIOS chip 11 . Wherein, changing the boot sequence setting is used to set the BIOS chip 11 to enter the OS boot process with the standby operating system 221 installed on the second hard disk 22 after the hardware boot is completed, and simultaneously enable the monitoring unit (ie , watchdog) 14 to perform a boot timing. Continuingly, after rebooting, the control unit 15 performs the operating system startup verification on the standby operating system 221 installed on the second hard disk 22, and when the operating system startup verification of the standby operating system 221 confirms that the hardware startup is completed, Entering the operating system startup stage, the standby operating system 221 will perform self-security check according to the security certificate after startup to confirm whether the operating system startup meets the environmental conditions trusted by the security certificate. If the self-security check is confirmed to pass, the host device 2 is powered on, and the power-on timing of the monitoring unit is terminated.

值得說明的是,在該備用作業系統221進行所述自我安全性檢查的過程中,若過程超過一預定時間而作業系統仍未達到安全憑 證所信任之環境條件,則該監視單元(即,watchdog)14會通知該BIOS晶片11重新進行該主機設備2的開機程序。意即,當所述作業系統啟動的安全驗證確認未通過時,作業系統將無法完成啟動,一旦作業系統啟動逾時,則該監視單元(即,watchdog)14會通知該控制單元15再次變更該BIOS晶片11之開機順序設定,讓該BIOS晶片11在完成硬體開機之後接著以安裝在該第三硬碟23的該備用作業系統231進入OS啟動程序,而於OS啟動同時由監視單元14執行開機計時。 It is worth noting that, in the process of the standby operating system 221 performing the self-security check, if the process exceeds a predetermined time and the operating system has not yet reached the security credentials If the trusted environmental condition is verified, the monitoring unit (ie, the watchdog) 14 will notify the BIOS chip 11 to perform the booting procedure of the host device 2 again. That is, when the security verification confirmation of the startup of the operating system fails, the operating system will not be able to complete the startup. Once the startup of the operating system times out, the monitoring unit (ie, the watchdog) 14 will notify the control unit 15 to change the The boot sequence of the BIOS chip 11 is set, so that the BIOS chip 11 enters the OS boot procedure with the standby operating system 231 installed on the third hard disk 23 after the hardware boot is completed, and is executed by the monitoring unit 14 at the same time as the OS is booted Start time.

請同時參閱圖1、圖2A與圖2B,其中,圖2A與圖2B為本發明之具有自動啟動安全作業系統的啟動方法流程圖。如圖1、圖2A與圖2B所示,該控制單元15執行本發明之具有自動啟動安全作業系統的啟動方法使該主機設備2完成開機。 Please refer to FIG. 1 , FIG. 2A and FIG. 2B at the same time, wherein FIG. 2A and FIG. 2B are flowcharts of the startup method with the automatic startup of the secure operating system according to the present invention. As shown in FIG. 1 , FIG. 2A and FIG. 2B , the control unit 15 executes the booting method with automatic booting of the secure operating system of the present invention to complete the booting of the host device 2 .

如圖2A與圖2B所示,該具有自動啟動安全作業系統的啟動方法包括以下步驟:步驟S1:基本輸出入系統依據一系統啟動安全憑證對一主機設備2的一當前作業系統(例如:安裝在第一硬碟21的操作系統211)進行一作業系統啟動驗證;步驟S2:確認所述作業系統啟動驗證是否通過,若是則執行步驟S4,若否則執行步驟S3;步驟S3:基本輸出入系統改令一備用作業系統(例如:安裝在第二硬碟22的備用作業系統221)作為該主機設備的該當前作業系統,接著重複執行該步驟S1; 步驟S4:在所述作業系統啟動驗證通過的情況下,啟用一監視單元14進行開機計時,且該當前作業系統啟動時,依據一安全憑證進行一作業系統自我安全性檢查;步驟S5:當前作業系統啟動並確認所述自我安全性檢查是否通過以及是否於計時時限內完成啟動,若是則執行步驟S7,若否則執行步驟S6;步驟S6:基本輸出入系統改令一備用作業系統作為該主機設備2的該當前作業系統並重新啟動該主機設備2,接著重複執行該步驟S1;以及步驟S7:完成該主機設備2及該當前作業系統的開機程序,該當前作業系統停止該監視單元14之開機計時。 As shown in FIG. 2A and FIG. 2B , the booting method with automatic booting of the secure operating system includes the following steps: Step S1 : the BIOS starts a current operating system of a host device 2 according to a system boot security certificate (for example, installs Perform an operating system startup verification on the operating system 211) of the first hard disk 21; Step S2: confirm whether the operating system startup verification is passed, if so, go to Step S4, if not, go to Step S3; Step S3: Basic I/O system Change a backup operating system (for example: the backup operating system 221 installed on the second hard disk 22) as the current operating system of the host device, and then repeat the step S1; Step S4: In the case that the operating system startup verification is passed, a monitoring unit 14 is activated to perform power-on timing, and when the current operating system is started, an operating system self-security check is performed according to a security certificate; Step S5: current operation The system starts and confirms whether the self-security check is passed and whether the startup is completed within the time limit, if so, go to step S7, if not, go to step S6; step S6: the basic input and output system is changed to a standby operating system as the host device 2 and restart the host device 2, and then repeat the step S1; and step S7: complete the booting procedure of the host device 2 and the current operating system, and the current operating system stops the booting of the monitoring unit 14 timing.

如此,上述係已完整且清楚地說明本發明之具有自動啟動安全作業系統的啟動方法及其啟動系統的結構、功能;經由上述,吾人可以得知本發明係具有下列之技術特徵與優點:本發明提供一種具有自動啟動安全作業系統的啟動系統,應用於一主機設備2之中。其中,該主機設備2具有一第一硬碟21與至少一第二硬碟22,該第一硬碟21安裝有一作業系統211優先作為當前作業系統,且所述第二硬碟22安裝有備用作業系統221。本發明所述之啟動系統包括:一記憶單元122、一監視單元14以及一控制單元15,其中該記憶單元122儲存有一作業系統啟動憑證。在該主機設備2進行開機程序的過程中,該控制單元15依本發明所設計的一啟動方法檢測該主機設備2的當前作業系統,從而在該當前作業系統不被信任時自動 地將備用作業系統切換成該主機設備2的當前作業系統,使該主機設備2可以順利地完成開機。 In this way, the above has completely and clearly explained the structure and function of the startup method with automatic startup of the safe operating system and the startup system of the present invention; through the above, we can know that the present invention has the following technical features and advantages: The invention provides a booting system with automatic booting of a secure operating system, which is applied to a host device 2 . The host device 2 has a first hard disk 21 and at least one second hard disk 22. An operating system 211 is installed on the first hard disk 21 as the current operating system, and the second hard disk 22 is installed with a spare Operating System 221 . The startup system of the present invention includes: a memory unit 122 , a monitoring unit 14 and a control unit 15 , wherein the memory unit 122 stores an operating system startup certificate. During the process of the host device 2 booting up, the control unit 15 detects the current operating system of the host device 2 according to a startup method designed in the present invention, so as to automatically detect the current operating system when the current operating system is not trusted The standby operating system is switched to the current operating system of the host device 2, so that the host device 2 can be successfully powered on.

必須加以強調的是,上述之詳細說明係針對本發明可行實施例之具體說明,惟該實施例並非用以限制本發明之專利範圍,凡未脫離本發明技藝精神所為之等效實施或變更,均應包含於本案之專利範圍中。 It must be emphasized that the above-mentioned detailed descriptions are for specific descriptions of feasible embodiments of the present invention, but the embodiments are not intended to limit the patent scope of the present invention. All should be included in the scope of the patent in this case.

2:主機設備 2: Host device

21:第一硬碟 21: The first hard disk

211:作業系統 211: Operating System

22:第二硬碟 22: Second hard drive

221:備用作業系統 221: Alternate operating system

23:第三硬碟 23: The third hard drive

231:備用作業系統 231: Alternate Operating System

11:BIOS晶片 11: BIOS chip

14:監視單元 14: Monitoring unit

15:控制單元 15: Control unit

122:儲存單元 122: storage unit

Claims (6)

一種具有自動啟動安全作業系統的啟動方法,係包括以下步驟:(1)基本輸出入系統依據一系統啟動安全憑證對一主機設備的一當前作業系統進行一作業系統啟動驗證;(2)確認所述作業系統啟動驗證是否通過,若是則執行步驟(4),若否則執行步驟(3);(3)基本輸出入系統改令一備用作業系統作為該主機設備的該當前作業系統,接著重複執行該步驟(1);(4)在所述作業系統啟動驗證通過的情況下,啟用一監視單元進行開機計時,且該當前作業系統啟動時,依據一安全憑證進行一自我安全性檢查;(5)當前作業系統啟動並確認所述自我安全性檢查是否通過以及是否於計時時限內完成啟動,若是則執行步驟(7),若否則監視單元於逾時後執行步驟(6);(6)基本輸出入系統改令一備用作業系統作為該主機設備的該當前作業系統並重新啟動該主機設備,接著重複執行該步驟(1);以及(7)完成該主機設備及該當前作業系統的開機程序,該當前作業系統停止該監視單元之開機計時。 A startup method with automatic startup of a secure operating system, comprising the following steps: (1) a basic input/output system performs an operating system startup verification on a current operating system of a host device according to a system startup security credential; (2) confirms all Whether the operating system startup verification is passed, if so, go to step (4), if not, go to step (3); (3) The basic IO system changes a standby operating system as the current operating system of the host device, and then repeats the execution Steps (1); (4) In the case that the operating system startup verification is passed, a monitoring unit is enabled to perform boot timing, and when the current operating system is started, a self-security check is performed according to a security credential; (5) ) Start the current operating system and confirm whether the self-security check is passed and whether the startup is completed within the time limit, if so, execute step (7), if otherwise, the monitoring unit executes step (6) after the timeout; (6) Basic The I/O system changes a standby operating system as the current operating system of the host device and restarts the host device, and then repeats the steps (1); and (7) completes the boot process of the host device and the current operating system , the current operating system stops the start-up timing of the monitoring unit. 如請求項1所述之具有自動啟動安全作業系統的啟動方法,其中,該主機設備具有一第一硬碟與至少一第二硬碟,該第一硬 碟安裝有一作業系統優先作為所述當前作業系統,且所述第二硬碟安裝有所述備用作業系統。 The booting method with automatically booting a secure operating system according to claim 1, wherein the host device has a first hard disk and at least a second hard disk, the first hard disk An operating system is installed on the hard disk as the current operating system, and the second hard disk is installed with the standby operating system. 如請求項1所述之具有自動啟動安全作業系統的啟動方法,其中,該主機設備具有用以實現所述基本輸出入系統的一BIOS晶片,且該BIOS晶片包含一儲存單元、一控制單元以及所述監視單元,其中該儲存單元儲存有所述系統啟動安全憑證,使該控制單元依據所述系統啟動安全憑證對所述當前作業系統進行所述作業系統啟動驗證。 The booting method with automatic booting of a secure operating system as claimed in claim 1, wherein the host device has a BIOS chip for implementing the basic input/output system, and the BIOS chip includes a storage unit, a control unit, and The monitoring unit, wherein the storage unit stores the system startup security certificate, so that the control unit performs the operating system startup verification on the current operating system according to the system startup security certificate. 一種具有自動啟動安全作業系統的啟動系統,係用於一主機設備,並包括:一記憶單元,存儲一系統啟動安全憑證;一監視單元;以及一控制單元,耦接該記憶單元與該監視單元,且該控制單元執行如請求項1所述之具有自動啟動安全作業系統的啟動方法,使該主機設備完成開機。 A startup system with an automatic startup security operating system is used for a host device, and includes: a memory unit, which stores a system startup security certificate; a monitoring unit; and a control unit, which is coupled to the memory unit and the monitoring unit , and the control unit executes the startup method with automatic startup of the secure operating system as described in claim 1, so that the host device completes the startup. 如請求項4所述之具有自動啟動安全作業系統的啟動系統,其中,該主機設備具有一第一硬碟與至少一第二硬碟,該第一硬碟安裝有一作業系統優先作為所述當前作業系統,且所述第二硬碟安裝有所述備用作業系統。 The booting system with automatic booting of a secure operating system according to claim 4, wherein the host device has a first hard disk and at least a second hard disk, and an operating system is installed on the first hard disk as the current priority an operating system, and the second hard disk is installed with the standby operating system. 如請求項4所述之具有自動啟動安全作業系統的啟動系統,其中,在該監視單元啟用後,該監視單元係執行一開機計時。 The booting system with automatic booting of a secure operating system as described in claim 4, wherein after the monitoring unit is activated, the monitoring unit executes a boot timer.
TW109101408A 2020-01-15 2020-01-15 Method and system of automatically launch a secure of the operating system TWI778320B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
TW109101408A TWI778320B (en) 2020-01-15 2020-01-15 Method and system of automatically launch a secure of the operating system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
TW109101408A TWI778320B (en) 2020-01-15 2020-01-15 Method and system of automatically launch a secure of the operating system

Publications (2)

Publication Number Publication Date
TW202129494A TW202129494A (en) 2021-08-01
TWI778320B true TWI778320B (en) 2022-09-21

Family

ID=78282757

Family Applications (1)

Application Number Title Priority Date Filing Date
TW109101408A TWI778320B (en) 2020-01-15 2020-01-15 Method and system of automatically launch a secure of the operating system

Country Status (1)

Country Link
TW (1) TWI778320B (en)

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TW200721008A (en) * 2005-11-23 2007-06-01 Inventec Corp Method and system for switching between embedded operating systems of computer platform
TW201216159A (en) * 2010-10-13 2012-04-16 Inventec Corp Method for automatically setting up system
TW201248499A (en) * 2011-05-18 2012-12-01 Asustek Comp Inc Method of swapping between operating systems applied to computer system
CN105447391A (en) * 2015-12-09 2016-03-30 浪潮电子信息产业股份有限公司 Operating system secure startup method, startup manager and operating system secure startup system
US20170085380A1 (en) * 2015-09-22 2017-03-23 Verisign, Inc. Methods and systems for bootstrapping
TW201719401A (en) * 2015-11-20 2017-06-01 啟碁科技股份有限公司 Booting method and booting system
US20190034616A1 (en) * 2015-09-25 2019-01-31 Intel Corporation Secure authentication protocol systems and methods
CN110532777A (en) * 2018-05-24 2019-12-03 霍尼韦尔环境自控产品(天津)有限公司 Secure startup system and method, terminal device and its core system

Patent Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TW200721008A (en) * 2005-11-23 2007-06-01 Inventec Corp Method and system for switching between embedded operating systems of computer platform
TW201216159A (en) * 2010-10-13 2012-04-16 Inventec Corp Method for automatically setting up system
TW201248499A (en) * 2011-05-18 2012-12-01 Asustek Comp Inc Method of swapping between operating systems applied to computer system
US20170085380A1 (en) * 2015-09-22 2017-03-23 Verisign, Inc. Methods and systems for bootstrapping
US20190034616A1 (en) * 2015-09-25 2019-01-31 Intel Corporation Secure authentication protocol systems and methods
TW201719401A (en) * 2015-11-20 2017-06-01 啟碁科技股份有限公司 Booting method and booting system
CN105447391A (en) * 2015-12-09 2016-03-30 浪潮电子信息产业股份有限公司 Operating system secure startup method, startup manager and operating system secure startup system
CN110532777A (en) * 2018-05-24 2019-12-03 霍尼韦尔环境自控产品(天津)有限公司 Secure startup system and method, terminal device and its core system

Also Published As

Publication number Publication date
TW202129494A (en) 2021-08-01

Similar Documents

Publication Publication Date Title
CN103999041B (en) The backup firmware during equipment initializes
EP2989579B1 (en) Redundant system boot code in a secondary non-volatile memory
CN103858107B (en) Secure Recovery Apparatus and Method
KR101626433B1 (en) Method and system for verifying proper operation of a computing device after a system change
TWI784526B (en) Methods, systems and bios chip for preventing hang up in a post routine from faulty bios settings
US20180088962A1 (en) Auto bootloader recovery in bmc
US9152492B2 (en) Performing recovery of a headless computer
US20040158702A1 (en) Redundancy architecture of computer system using a plurality of BIOS programs
JP2014518428A (en) Protection and notification against BIOS flash attacks
US20150095632A1 (en) Computer booting system and method for computer system
US20090271660A1 (en) Motherboard, a method for recovering the bios thereof and a method for booting a computer
CN107766102B (en) Boot method of dual basic input/output system (BIOS) and electronic device with same
US12393486B2 (en) Automatic BMC and bios firmware recovery
TWI486874B (en) Electronic apparatus and booting method
CN112000508A (en) Starting repair method of ARM server and related device
JP4903833B2 (en) System operating method using hardware lock and electronic device activated using hardware lock
WO2010113282A1 (en) A reconfigurable information processing device having a verification function and a control method therefor
US11163643B2 (en) Boot data validity
CN104572143A (en) Startup detection system and method for computer
CN114611116B (en) Device starting method and device, electronic device and computer readable storage medium
TWI778320B (en) Method and system of automatically launch a secure of the operating system
CN119861985A (en) Method, device, storage medium and program product for starting server
CN115576750A (en) Out-of-band power-off method, computer device and storage medium
TW202418070A (en) Boot method based on hard disk type
CN119336394A (en) A method for starting a computer system

Legal Events

Date Code Title Description
GD4A Issue of patent certificate for granted invention patent